+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+
+<head>
+<title>Samba - Release Notes Archive</title>
+</head>
+
+<body>
+
+ <H2>Samba 4.0.21 Available for Download</H2>
+
+<p>
+<pre>
+ ==============================
+ Release Notes for Samba 4.0.21
+ August 1, 2014
+ ==============================
+
+
+This is a security release in order to address
+CVE-2014-3560 (Remote code execution in nmbd).
+
+o CVE-2014-3560:
+ Samba 4.0.0 to 4.1.10 are affected by a remote code execution attack on
+ unauthenticated nmbd NetBIOS name services.
+
+ A malicious browser can send packets that may overwrite the heap of
+ the target nmbd NetBIOS name services daemon. It may be possible to
+ use this to generate a remote code execution vulnerability as the
+ superuser (root).
+
+
+Changes since 4.1.20:
+---------------------
+
+o Volker Lendecke <vl@samba.org>
+ * BUG 10735: CVE-2014-3560: Fix unstrcpy macro length.
+</pre>
+
+</body>
+</html>