Security Update: Samba
One security update has been released this week for Samba package. It affected 12.2 and -Current only. Here's the -Current changelog:
Mon Jan 5 14:09:18 CST 2009
Upgraded to samba-3.2.7.
This fixes a security issue. From the WHATSNEW.txt file:
"This is a security release in order to address CVE-2009-0022.
In Samba 3.2.0 to 3.2.6, in setups with registry shares enabled, access to the root filesystem ("/") is granted when connecting to a share called "" (empty string) using old versions of smbclient (before 3.0.28).
The original security announcement for this and past advisories can be found http://www.samba.org/samba/security/"
For more information, see:
(* Security fix *)