Add missing whitespace

[samba-web.git] / history / security.html

<!--#include virtual="/samba/header.html" --> 
  <title>Samba - Security Updates and Information</title>
<!--#include virtual="header_history.html" -->

<h2>Samba Security Releases</h2>

    <p>Security releases for Samba are listed below by their release
date. The previously affected versions of Samba are listed alongside
the appropriate security concern. For complete information, follow the
link to full release notes for each release.</p>


    <table class="real">
      <th colspan="6">Samba Security Releases</th>
      <tr >
        <td><em>Date Issued</em></td>
        <td><em>Download</em></td>
        <td><em>Known Issue(s)</em></td>
        <td><em>Affected Releases</em></td>
        <td><em>CVE ID #</em></td>
        <td><em>Details</em></td>
      </tr>

    <tr>
        <td>27 August 2008</td>
        <td><a href="/samba/ftp/patches/security/samba-3.2.2-CVE-2008-3789-1.patch">
        patch 1 for Samba 3.2.2</a> 
        <a href="/samba/ftp/patches/security/samba-3.2.2-CVE-2008-3789-2.patch">
        patch 2 for Samba 3.2.2</a></td>
        <td>Wrong permissions of group_mapping.ldb</td>
        <td>Samba 3.2.0 - 3.2.2</td>
        <td><a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3789">CVE-2008-3789</a></td>
        <td><a href="/samba/security/CVE-2008-3789.html">Announcement</a></td>
    </tr>

    <tr>
        <td>29 May 2008</td>
        <td><a href="/samba/ftp/patches/security/samba-3.0.29-CVE-2008-1105.patch">patch for Samba 3.0.29</a></td>
        <td>Boundary failure when parsing SMB responses</td>
        <td>Samba 3.0.0 - 3.0.29</td>
        <td><a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1105">CVE-2008-1105</a></td>
        <td><a href="/samba/security/CVE-2008-1105.html">Announcement</a></td>
    </tr>

    <tr>
        <td>10 Dec 2007</td>
        <td><a href="/samba/ftp/patches/security/samba-3.0.27a-CVE-2007-6015.patch">patch for Samba 3.0.27a</a></td>
        <td>Remote Code Execution in Samba's nmbd (send_mailslot())</td>
        <td>Samba 3.0.0 - 3.0.27a</td>
        <td><a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6015">CVE-2007-6015</a></td>
        <td><a href="/samba/security/CVE-2007-6015.html">Announcement</a></td>
    </tr>

    <tr>
        <td>15 Nov 2007</td>
        <td><a href="/samba/ftp/patches/security/samba-3.0.26a-CVE-2007-5398.patch">patch for Samba 3.0.26a</a></td>
        <td>Remote Code Execution in Samba's nmbd</td>
        <td>Samba 3.0.0 - 3.0.26a</td>
        <td><a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5398">CVE-2007-5398</a></td>
        <td><a href="/samba/security/CVE-2007-5398.html">Announcement</a></td>
    </tr>

    <tr>
        <td>15 Nov 2007</td>
        <td><a href="/samba/ftp/patches/security/samba-3.0.26a-CVE-2007-4572.patch">patch for Samba 3.0.26a</a></td>
        <td>GETDC mailslot processing buffer overrun in nmbd</td>
        <td>Samba 3.0.0 - 3.0.26a</td>
        <td><a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4572">CVE-2007-4572</a></td>
        <td><a href="/samba/security/CVE-2007-4572.html">Announcement</a></td>
    </tr>

    <tr>
        <td>11 Sep 2007</td>
        <td><a href="/samba/ftp/patches/security/samba-3.0.25-CVE-2007-4138.patch">patch for Samba 3.0.25</a></td>
        <td>Incorrect primary group assignment for users using the rfc2307 or sfu nss info plugin.</td>
        <td>Samba 3.0.25 - 3.0.25c</td>
        <td><a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4138">CVE-2007-4138</a></td>
        <td><a href="/samba/security/CVE-2007-4138.html">Announcement</a></td>
    </tr>

    <tr>
        <td>14 May 2007</td>
        <td><a href="/samba/ftp/patches/security/samba-3.0.24-CVE-2007-2447_v2.patch">patch for Samba 3.0.24</a></td>
        <td>Remote Command Injection Vulnerability (Updated June 5 to include missing &quot;c&quot; character from INCLUDE list).</td>
        <td>Samba 3.0.0 - 3.0.25rc3</td>
        <td><a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2447">CVE-2007-2447</a></td>
        <td><a href="/samba/security/CVE-2007-2447.html">Announcement</a></td>
    </tr>

    <tr>
        <td>14 May 2007</td>
        <td><a href="/samba/ftp/patches/security/samba-3.0.24-CVE-2007-2446_v2.patch">patch for Samba 3.0.24</a></td>
        <td>Multiple Heap Overflows Allow Remote Code Execution (Updated May 25 to fix regression in Samba domain controller logon code).</td>
        <td>Samba 3.0.0 - 3.0.25rc3</td>
        <td><a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2446">CVE-2007-2446</a></td>
        <td><a href="/samba/security/CVE-2007-2446.html">Announcement</a></td>
    </tr>

    <tr>
        <td>14 May 2007</td>
        <td><a href="/samba/ftp/patches/security/samba-3.0.24-CVE-2007-2444_v2.patch">patch for Samba 3.0.24</a></td>
        <td>Local SID/Name translation bug can result in user privilege elevation (Updated May 25 to fix regression in the &quot;force group&quot; parameter).</td>
        <td>Samba 3.0.23d - 3.0.25pre2</td>
        <td><a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2444">CVE-2007-2444</a></td>
        <td><a href="/samba/security/CVE-2007-2444.html">Announcement</a></td>
    </tr>

    <tr>
        <td>5 Feb 2007</td>
        <td><a href="/samba/ftp/patches/security/samba-3.0.23d-CVE-2007-0452.patch">patch for Samba 3.0.23d</a></td>
        <td>Potential Denial of Service bug in smbd</td>
        <td>Samba 3.0.6 - 3.0.23d</td>
        <td><a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0452">CVE-2007-0452</a></td>
        <td><a href="/samba/security/CVE-2007-0452.html">Announcement</a></td>
    </tr>

    <tr>
        <td>5 Feb 2007</td>
        <td><a href="/samba/ftp/patches/security/samba-3.0.23d-CVE-2007-0453.patch">patch for Samba 3.0.23d</a></td>
        <td>Buffer overrun in NSS host lookup Winbind library on Solaris</td>
        <td>Samba 3.0.21 - 3.0.23d</td>
        <td><a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0453">CVE-2007-0453</a></td>
        <td><a href="/samba/security/CVE-2007-0453.html">Announcement</a></td>
    </tr>

    <tr>
        <td>5 Feb 2007</td>
        <td><a href="/samba/ftp/patches/security/samba-3.0.23d-CVE-2007-0454.patch">patch for Samba 3.0.23d</a></td>
        <td>Format string bug in afsacl.so VFS plugin</td>
        <td>Samba 3.0.6 - 3.0.23d</td>
        <td><a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0454">CVE-2007-0454</a></td>
        <td><a href="/samba/security/CVE-2007-0454.html">Announcement</a></td>
    </tr>

    <tr>
        <td>10 July 2006</td>
        <td><a href="/samba/ftp/patches/security/samba-3.0-CVE-2006-3403.patch">patch for Samba 3.0.1 - 3.0.22</a></td>
        <td>Memory exhaustion DoS against smbd</td>
        <td>Samba 3.0.1 - 3.0.22</td>
        <td><a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3403">CVE-2006-3403</a></td>
        <td><a href="/samba/security/CVE-2006-3403.html">Announcement</a></td>
    </tr>

    <tr>
    <tr>
        <td>30 March 2006</td>
        <td><a href="/samba/ftp/patches/security/samba-3.0.21-CVE-2006-1059.patch">patch for Samba 3.0.21[a-c]</a></td>
        <td>Exposure of machine account credentials in winbind log files</td>
        <td>Samba 3.0.21 - 3.0.21c</td>
        <td><a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1059">CVE-2006-1059</a></td>
        <td><a href="/samba/security/CVE-2006-1059.html">Announcement</a></td>
    </tr>

    <tr>
        <td>16 December 2004</td>
        <td><a href="/samba/ftp/patches/security/samba-3.0.9-CVE-2004-1154.patch">patch for Samba 3.0.9</a></td>
        <td>Integer Overflow in security descriptor parsing</td>
        <td>Samba 2.x, 3.0.x &lt;&#61; 3.0.9</td>
        <td><a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1154">CVE-2004-1154</a></td>
        <td><a href="/samba/security/CVE-2004-1154.html">Announcement</a></td>
    </tr>    

    <tr>
    <tr>
        <td>15 November 2004</td>
        <td><a href="/samba/ftp/patches/security/samba-3.0.7-CVE-2004-0882.patch">patch for &lt;&#61;Samba 3.0.7</a></td>
        <td>Buffer Overrun in smbd</td>
        <td>Samba 3.0.x &lt;&#61; 3.0.7</td>
        <td><a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0882">CVE-2004-0882</a></td>
        <td><a href="/samba/security/CVE-2004-0882.html">Announcement</a></td>
    </tr>    

    <tr>
        <td>8 November 2004</td>
        <td><a href="/samba/ftp/patches/security/samba-3.0.7-CVE-2004-0930.patch">patch for &lt;&#61;Samba 3.0.7</a></td>
        <td>Remote DoS</td>
        <td>Samba 3.0.x &lt;&#61; 3.0.7</td>
        <td><a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0930">CVE-2004-0930</a></td>
        <td><a href="/samba/security/CVE-2004-0930.html">Announcement</a></td>
    </tr>    

    <tr>
        <td>30 September 2004</td>
        <td><a href="/samba/ftp/stable/samba-2.2.12.tar.gz">Samba 2.2.12</a> and/or  <a href="/samba/ftp/patches/security/samba-3.0.2a-reduce_name.patch">patch for &lt;&#61;Samba 3.0.2a</a></td>
        <td>Potential arbitrary file access</td>
        <td>Samba 2.2.x &lt;&#61;2.2.11 and Samba 3.0.x &lt;&#61;3.0.2a</td>
        <td><a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0815">CVE-2004-0815</a></td>
        <td><a href="/samba/security/CVE-2004-0815.html">Announcement</a></td>
    </tr>    
        
      
      <tr>
        <td>13 Sept 2004</td>
        <td><a href="/samba/ftp/patches/security/samba-3.0.5-DoS.patch">3.0.5 patch</a></td>
        <td>Two DoS bugs; one affecting smbd, the other nmbd.</td>
        <td>3.0.x &lt;= 3.0.6</td>
        <td><a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2004-0807">CVE-2004-0807</a>, <a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2004-0808">CVE-2004-0808</a></td>
        <td><a href="/samba/security/CVE-2004-0807_CVE-2004-0808.html">Announcement</a></td>
      </tr>
      
      <tr>
        <td>22 Jul 2004</td>
        <td><a href="/samba/ftp/stable/samba-3.0.5.tar.gz">3.0.5</a></td>
        <td>Two potential buffer overruns</td>
        <td>>=3.0.2</td>
        <td><a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0600">CVE-2004-0600</a>, 
            <a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0686">CVE-2004-0686</a>
        </td>
        <td><a href="/samba/security/CVE-2004-0600.html">CVE-2004-0600 Announcement</a>
            <a href="/samba/security/CVE-2004-0686.html">CVE-2004-0686 Announcement</a></td>
      </tr>
      
      <tr>
        <td>22 Jul 2004</td>
        <td><a href="/samba/ftp/stable/samba-2.2.10.tar.gz">2.2.10</a></td>
        <td>Buffer overrun in hash mangling method</td>
        <td>all 2.2 releases</td>
        <td><a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0686">CVE-2004-0686</a>
        </td>
        <td><a href="/samba/history/samba-2.2.10.html">release notes</a></td>
      </tr>
      
      <tr>
        <td>9 Feb 2004</td>
        <td><a href="/samba/ftp/old-versions/samba-3.0.2a.tar.gz">3.0.2a</a></td>
        <td align="left">Password initialization bug that could grant
        an attacker unauthorized
        access to a user account created by the mksmbpasswd.sh shell script.</td>
        <td>>=3.0.0</td>
        <td><a
        href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0082">CVE-2004-0082</a></td>
        <td><a href="/samba/security/CVE-2004-0082.html">Announcement</a></td>
      </tr>
      
      <tr>
        <td>7 Apr 2003</td>
        <td><a href="/samba/ftp/old-versions/samba-2.2.8a.tar.gz">2.2.8a</a></td>
        <td>Buffer overrun condition in the SMB/CIFS packet fragment
        re-assembly code.</td>
        <td>all 2.0 releases and <= 2.2.8</td>
        <td><a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0196">CVE-2003-0196</a>,
        <a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0201">CVE-2003-0201</a></td>
        <td><a href="/samba/history/samba-2.2.8a.html">release notes</a></td>
      </tr>
      
      <tr>
        <td>10 Dec 2002</td>
        <td><a href="/samba/ftp/old-versions/samba-2.2.7a.tar.gz">2.2.7a</a></td>
        <td>Bug in the length checking for encrypted password change
        requests from clients.</td>
        <td>2.2.2 - 2.2.6</td>
        <td><a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0085">CVE-2003-0085</a></td>
        <td><a href="/samba/history/samba-2.2.7a.html">release notes</a></td>
      </tr>
      
      <tr>
        <td>23 Jun 2001</td>
        <td><a href="/samba/ftp/old-versions/samba-2.2.0a.tar.gz">2.2.0a</a></td>
        <td>Bug in expansion of certain smb.conf variables such as 
        %m that could grant an attacker the capability to overwrite arbitrary 
        files on the server.  Bug that causes smbd not to honor the hosts allow 
        and deny smb.conf directives.</td>
        <td>2.2.0</td>
        <td>&nbsp</td>
        <td><a href="/samba/history/samba-2.2.0a.html">release notes</a></td>
      </tr>
      
      <tr>
        <td>23 Jun 2001</td>
        <td><a href="/samba/ftp/old-versions/samba-2.0.10.tar.gz">2.0.10</a></td>
        <td>Bug in the handling of temporary files that allows local 
        users to destroy data on local devices.</td>
        <td>>= 2.0.0</td>
        <td>&nbsp</td>
        <td><a href="/samba/history/samba-2.0.10.html">release notes</a></td>
      </tr>
                
    </table>
    
    <p><em>If you suspect you have discovered a serious security hole in a
Samba release, please send an email to <a
href="mailto:security@samba.org">security@samba.org</a>.</em></p>

<!--#include virtual="footer_history.html" -->