-CVE-2009-2948: Information disclosure by setuid mount.cifs
-CVE-2009-2906: Remote DoS against smbd on authenticated connections
Security: CVE-2009-2813, CVE-2009-2948, CVE-2009-2906
Please note that this is the last bugfix release of the Samba 3.2 series!
Major enhancements in 3.2.14 include:
o Fix SAMR access checks (e.g. bugs #6089 and #6112).
o Fix 'force user' (bug #6291).
o Improve Win7 support (bug #6099).
o Fix posix ACLs when setting an ACL without explicit ACE for the
owner (bug #2346).
o CVE-2009-1886:
In Samba 3.2.0 to 3.2.12 (inclusive), the smbclient commands dealing
with file names treat user input as a format string to asprintf.
With a maliciously crafted file name smbclient can be made
to execute code triggered by the server.
o CVE-2009-1888:
In Samba 3.0.31 to 3.3.5 (inclusive), an uninitialized read of a data
value can potentially affect access control when "dos filemode"
is set to "yes".
Security: CVE-2009-1886, CVE-2009-1888
In Samba 3.2.9, there is an issue while migrating passdb.tdb files from older
Samba versions (e.g. 3.2.8). That causes panics of smbd child processes until
the parent smbd is restarted once after converting the passdb.tdb file. This
issue is fixed in Samba 3.2.10.
o Correctly detect if the current DC is the closest one.
o Add saf_join_store() function to memorize the DC used at join time.
This avoids problems caused by replication delays shortly after domain
joins.
More bugs introduced^Wfixed!
