Release Notes: This is a security release of Samba. The Samba 3.0.21 release series (including the patch releases a through c) has been discovered to expose the clear text of the server's machine account credentials in the winbind log files when the log level is set to 5 or higher. This defect has been assigned the CVE number CAN-2006-1059.
Release Notes: This is a minor patch release for the 3.0.2 code base to address, in particular, a problem which occurred when using pdbedit to sanitize (--force-initialized-passwords) Samba's tdbsam backend. This is the latest stable release of Samba. This is the version that all production Samba servers should be running for all current bugfixes.
Release Notes: A security hole has been discovered in versions 2.2.2 through 2.2.6 of Samba that could potentially allow an attacker to gain root access on the target machine. The word "potentially" is used because there is no known exploit of this bug, and the Samba Team itself has not been able to craft one. In addition to addressing this security issue, this release also includes thirteen unrelated improvements.
Release Notes: 2.0.8 did NOT fix the local /tmp security hole. 2.0.9 fixes this, and should be used if you don't want to upgrade to 2.2.x just yet.