From: Karolin Seeger <kseeger@samba.org>
Date: Sat, 7 Apr 2012 13:20:25 +0000 (+0200)
Subject: WHATSNEW: Prepare release notes for 3.6.4.
X-Git-Tag: samba-3.6.4~8
X-Git-Url: http://git.samba.org/?a=commitdiff_plain;h=0d45a24cffef841de5db2344910224e4df9bce3a;p=samba.git

WHATSNEW: Prepare release notes for 3.6.4.

Karolin
---

diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index 92754cf2bc5..2f131e84d46 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -1,20 +1,25 @@
                    =============================
                    Release Notes for Samba 3.6.4
-                         , 2012
+                          April 10, 2012
                    =============================
 
 
-This is the latest stable release of Samba 3.6.
+This is a security release in order to address
+CVE-2012-1182 ("root" credential remote code execution).
 
-Major enhancements in Samba 3.6.4 include:
+o  CVE-2012-1182:
+   Samba 3.0.x to 3.6.3 are affected by a
+   vulnerability that allows remote code
+   execution as the "root" user.
 
-o  
 
 Changes since 3.6.3:
 --------------------
 
 
-o   Jeremy Allison <jra@samba.org>
+o   Stefan Metzmacher <metze@samba.org>
+    *BUG 8815: PIDL based autogenerated code allows overwriting beyond of
+     allocated array (CVE-2012-1182).
 
 
 ######################################################################