-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
==========================================================
Samba developers have discovered what is believed to be
a non-exploitable buffer over in nmbd during the processing
of GETDC logon server requests. This code is only used
when the Samba server is configured as a Primary or Backup
Domain Controller.
A patch addressing this defect has been posted to
http://www.samba.org/samba/security/
Additionally, Samba 3.0.27 has been issued as a security
release to correct the defect.
Samba administrators may avoid this security issue by disabling
both the "domain logons" and the "domain master" options in in
the server's smb.conf file. Note that this will disable all
domain controller features as well.
This vulnerability was discovered by Samba developers during
an internal code audit.
The time line is as follows:
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFHPEeNIR7qMdg1EfYRAmKMAKCDcXmqRSNbCHZFS4GzGo7oVUl08gCfS/sY
d6F8+jrnT59SZgCXfftImEA=
=oC2/
-----END PGP SIGNATURE-----