A writable configured share might get read only

Description

Due to a assignment vs equality bug a share reference might get
overwritten. This can lead to ‘read only = no’ from another share to
leak into a ‘read only = yes’ share for a subsequent connections. This
is a re-evaluation of an already fixed bug.

Workaround

Update to 3.6.6 and higher or apply the following patch
http://ftp.samba.org/pub/samba/patches/security/samba-3.6-CVE-2013-0454.patch

The file samba-3.6-CVE-2013-0454.patch.asc from the same directory
allows gpg verification as described in the general download
description at https://www.samba.org/samba/download/

Patch Availability

See above.

Credits

The release of this information was driven by Ulf Troppens of IBM
February, 19th 2013.

The required patch got written by Michael Adam 1st of February 2013.

== Our Code, Our Bugs, Our Responsibility.
== The Samba Team