Updated Samba packages are now available to fix security vulnerabilities found during a code audit.
Samba is a suite of utilities which provides file and printer sharing services to SMB/CIFS clients. Sebastian Krahmer discovered a security vulnerability present in unpatched versions of Samba prior to 2.2.8. An anonymous user could use the vulnerability to gain root access on the target machine. Additionally, a race condition could allow an attacker to overwrite critical system files. All users of Samba are advised to update to the erratum packages which contain patches to correct these vulnerabilities. These packages contain the security fixes backported to the Samba 2.2.7 codebase.