Repository 32bit  Forum
Repository 64bit  Wiki
Fri Mar 14 00:44:48 UTC 2014
patches/packages/samba-4.1.6-x86_64-1_slack14.1.txz: Upgraded.
  This update fixes two security issues:
  CVE-2013-4496:
  Samba versions 3.4.0 and above allow the administrator to implement
  locking out Samba accounts after a number of bad password attempts.
  However, all released versions of Samba did not implement this check for
  password changes, such as are available over multiple SAMR and RAP
  interfaces, allowing password guessing attacks.
  CVE-2013-6442:
  Samba versions 4.0.0 and above have a flaw in the smbcacls command. If
  smbcacls is used with the "-C|--chown name" or "-G|--chgrp name"
  command options it will remove the existing ACL on the object being
  modified, leaving the file or directory unprotected.
  For more information, see:
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4496
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6442
  (* Security fix *)