============================== Release Notes for Samba 4.1.11 August 1, 2014 ============================== This is a security release in order to address CVE-2014-3560 (Remote code execution in nmbd). o CVE-2014-3560: Samba 4.0.0 to 4.1.10 are affected by a remote code execution attack on unauthenticated nmbd NetBIOS name services. A malicious browser can send packets that may overwrite the heap of the target nmbd NetBIOS name services daemon. It may be possible to use this to generate a remote code execution vulnerability as the superuser (root). Changes since 4.1.10: --------------------- o Volker Lendecke <vl@samba.org> * BUG 10735: CVE-2014-3560: Fix unstrcpy macro length.