===========================================================
== Subject:     A writable configured share might get read only
==
== CVE ID#:     CVE-2013-0454
==
== Versions:    Samba 3.6.0 - 3.6.5 (inclusive)
==
== Summary:     A share configuration 'read only = no' might result
==              in 'read only = yes'
==
===========================================================

===========
Description
===========

Due to an assignment vs. equality bug, a share reference might get
overwritten.  This can lead to 'read only = no' from another share
leaking into a 'read only = yes' share for subsequent connections. This
is a re-evaluation of an already fixed bug.
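
The bug class described above, as an added illustration that is not Samba
source code and not part of the original advisory: a simplified per-session
cache whose lookup uses '=' where '==' was intended. All names
(access_cache, lookup_buggy, connect_share, the shares "first" and "second")
are hypothetical.

```c
#include <stdbool.h>
#include <stdio.h>

/* Simplified model; all names are hypothetical, this is not Samba source. */
struct share { const char *name; bool read_only; };

/* Per-session cache of the last share and the access decision made for it. */
struct access_cache { const struct share *share; bool read_only; };

/* BUGGY: '=' assigns instead of comparing. The cached share reference is
 * overwritten and the test is true for any non-NULL req, so the previous
 * share's read_only value is returned. The extra parentheses only silence
 * -Wparentheses (part of -Wall), which flags the plain "if (a = b)" form. */
static bool lookup_buggy(struct access_cache *c, const struct share *req, bool *ro)
{
    if ((c->share = req)) { *ro = c->read_only; return true; }
    return false;
}

/* FIXED: compare; the cached decision is reused only for the same share. */
static bool lookup_fixed(struct access_cache *c, const struct share *req, bool *ro)
{
    if (c->share == req) { *ro = c->read_only; return true; }
    return false;
}

/* Effective read_only for a connection to req; refills the cache on a miss. */
static bool connect_share(struct access_cache *c, const struct share *req, bool buggy)
{
    bool ro = true; /* fail closed until a decision is made */
    bool hit = buggy ? lookup_buggy(c, req, &ro) : lookup_fixed(c, req, &ro);
    if (!hit) { c->share = req; c->read_only = ro = req->read_only; }
    return ro;
}

/* Connect to 'first', then to 'second' in the same session; return the
 * read_only value that ends up applied to 'second'. */
static bool second_share_read_only(bool first_ro, bool second_ro, bool buggy)
{
    const struct share first = {"first", first_ro}, second = {"second", second_ro};
    struct access_cache c = {&first, first.read_only}; /* state after 1st connect */
    return connect_share(&c, &second, buggy);
}

int main(void)
{
    printf("buggy: read_only=%d\n", second_share_read_only(false, true, true));
    printf("fixed: read_only=%d\n", second_share_read_only(false, true, false));
    return 0;
}
```

Building with -Wall -Werror=parentheses rejects the unparenthesized form of
the buggy condition at compile time.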

==========
Workaround
==========

Update to 3.6.6 or higher, or apply the following patch:
http://ftp.samba.org/pub/samba/patches/security/samba-3.6-CVE-2013-0454.patch

The file samba-3.6-CVE-2013-0454.patch.asc from the same directory
allows gpg verification as described in the general download
description at https://www.samba.org/samba/download/

==================
Patch Availability
==================

See above.

=======
Credits
=======

The release of this information was driven by Ulf Troppens of IBM on
February 19th, 2013.

The required patch was written by Michael Adam on the 1st of February 2013.

==========================================================
== Our Code, Our Bugs, Our Responsibility.
== The Samba Team
==========================================================