NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Any way to see the full firmware release notes?
instead of the basic 1 pager? I see "Security samba update", but I would like more info, like what was updated? Is that available?
Download the GPL and compare what was changed between the current and previous firmware release.
SSH in and see if there is info in the changelogs for the samba packages.
Most likely changes would be security fixes backported from upstream versions of samba.
The SAMBA folks fixed CVE-2018-10858,CVE-2018-10918,CVE-2018-10919,CVE-2018-1139,CVE-2018-1140 last month. 6.9.4 is running 4.7.0, so I agree that some (hopefully all) of the CVEs must have been backported. https://www.samba.org/samba/history/security.html
mdgm wrote:
SSH in and see if there is info in the changelogs for the samba packages.
I'm not seeing any changelogs for samba (though perhaps they aren't in /usr/shares/docs ???). find // -iname *readme* and find // -iname *change* aren't showing anything.
kohdee, I agree with Blanker-2 that all resolved CVEs should be routinely included in the release notes (and for that matter, listed at https://www.netgear.com/about/security/default.aspx ). It'd be great if you could list the ones fixed in 6.9.4 here.
StephenB wrote:
kohdee, I agree with Blanker-2 that all resolved CVEs should be routinely included in the release notes (and for that matter, listed at https://www.netgear.com/about/security/default.aspx ). It'd be great if you could list the ones fixed in 6.9.4 here.
Can't agree more: Netgear must completely review and change the policy on publishing release notes - thus is not limited to ReadyNAS only.
NETGEAR Academy
Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!
