<div class="releases">
<h4>Current Stable Release</h4>
<ul>
- <li><a href="/samba/ftp/stable/samba-3.0.27a.tar.gz">Samba 3.0.27a (gzipped)</a></li>
- <li><a href="/samba/history/samba-3.0.27a.html">Release Notes</a></li>
- <li><a href="/samba/ftp/stable/samba-3.0.27a.tar.asc">Signature</a></li>
+ <li><a href="/samba/ftp/stable/samba-3.0.28.tar.gz">Samba 3.0.28 (gzipped)</a></li>
+ <li><a href="/samba/history/samba-3.0.28.html">Release Notes</a></li>
+ <li><a href="/samba/ftp/stable/samba-3.0.28.tar.asc">Signature</a></li>
</ul>
<h4>Historical</h4>
<div class="notes">
<h6>Release Notes</h6>
<ul>
+ <li><a href="samba-3.0.28.html">samba-3.0.28</a></li>
<li><a href="samba-3.0.27a.html">samba-3.0.27a</a></li>
<li><a href="samba-3.0.27.html">samba-3.0.27</a></li>
<li><a href="samba-3.0.26a.html">samba-3.0.26a</a></li>
--- /dev/null
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+
+<head>
+<title>Samba - Release Notes Archive</title>
+</head>
+
+<body>
+
+ <H2>Samba 3.0.28 Available for Download</H2>
+
+<p>
+<pre>
+ ==============================
+ Release Notes for Samba 3.0.28
+ Dec 10, 2007
+ ==============================
+
+Samba 3.0.28 is a security release in order to address the following
+defect:
+
+ o CVS-2007-6015
+ Boundary failure in GETDC mailslot processing can result in
+ a buffer overrun
+
+The original security announcement for this and past advisories can
+be found http://www.samba.org/samba/security/
+
+######################################################################
+Changes
+#######
+
+Changes since 3.0.27a
+---------------------
+
+o Jeremy Allison <jra@samba.org>
+ * Fix for CVS-2007-0615.
+
+o Volker Lendecke <vl@samba.org>
+ * Fix for CVS-2007-0615.
+ * Add missing unbecome_root() calls in error path processing
+ when failing to add local groups in create_local_nt_token().
+</pre>
+
+<p>Please refer to the original <a href="/samba/history/samba-3.0.27a.html">Samba
+3.0.27a Release Notes</a> for more details regarding changes in
+previous releases.</p>
+</body>
+</html>
+
<td><em>Details</em></td>
</tr>
+ <tr>
+ <td>10 Dec 2007</td>
+ <td><a href="/samba/ftp/patches/security/samba-3.0.27a-CVE-2007-6015.patch">patch for Samba 3.0.27a</a></td>
+ <td>Remote Code Execution in Samba's nmbd (send_mailslot())</td>
+ <td>Samba 3.0.0 - 3.0.27a</td>
+ <td><a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0615">CVE-2007-6015</a></td>
+ <td><a href="/samba/security/CVE-2007-6015.html">Announcement</a></td>
+ </tr>
+
<tr>
<td>15 Nov 2007</td>
<td><a href="/samba/ftp/patches/security/samba-3.0.26a-CVE-2007-5398.patch">patch for Samba 3.0.26a</a></td>
<h2>Current Release</h2>
- <h4><a name="latest">20 Nov 2007</a></h4>
- <p class="headline">Samba 3.0.27a Available for Download</p>
+ <h4><a name="latest">10 Dec 2007</a></h4>
+ <p class="headline">Samba 3.0.28 Available for Download</p>
- <p>Samba 3.0.27a is a bug fix release and is the current release
- for production servers running the Samba 3.0 series.</p>
+ <p>Samba 3.0.28 is a security release to address <a href="/samba/security/">CVE-2007-6015</a>.
- <p>The <a href="/samba/ftp/stable/samba-3.0.27a.tar.gz">Samba 3.0.27a</a> source code
- (<a href="/samba/ftp/stable/samba-3.0.27a.tar.asc">GPG
+ <p>The <a href="/samba/ftp/stable/samba-3.0.28.tar.gz">Samba 3.0.28</a> source code
+ (<a href="/samba/ftp/stable/samba-3.0.28.tar.asc">GPG
signature</a>) can be downloaded now. If you prefer, the
- <a href="/samba/ftp/patches/patch-3.0.27-3.0.27a.diffs.gz">patch
+ <a href="/samba/ftp/patches/patch-3.0.27a-3.0.28.diffs.gz">patch
file against previous releases</a>
- (<a href="/samba/ftp/patches/patch-3.0.27-3.0.27a.diffs.asc">GPG
+ (<a href="/samba/ftp/patches/patch-3.0.27a-3.0.28.diffs.asc">GPG
signature</a>) is also available for download.
Please read these <a href="/samba/download/">instructions on
how to verify the gpg signature</a>. Precompiled packages will
git.samba.org / samba-web.git / commitdiff