-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
==========================================================
Secunia Research reported a vulnerability that allows for
the execution of arbitrary code in smbd. This defect is
is a result of an incorrect buffer size when parsing SMB
replies in the routine receive_smb_raw().
A patch addressing this defect has been posted to
http://www.samba.org/samba/security/
Additionally, Samba 3.0.30 has been issued as a security
release to correct the defect. Samba administrators are
advised to upgrade to 3.0.30 or apply the patch as soon
as possible.
This vulnerability was reported to Samba developers by
Alin Rad Pop, Secunia Research.
The time line is as follows:
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFIPXTkIR7qMdg1EfYRAhaqAJ0cA6XoFP7debyYutME9fYTenfNVgCguM0I
nppfSSUdqtpbxbESEXjrnhU=
=1yBZ
-----END PGP SIGNATURE-----