Samba, an app that seamlessly integrates Linux/Unix servers and desktops into Active Directory environments using the winbind daemon, is now at version 4.0.2.
The first maintenance release is in the 4.x branch and contains all of Samba's technology parts, both a file server, which can be upgraded from existing Samba 3.x releases, and the AD domain controller previously known as “samba4.”
According to the developers, all current released versions of Samba are vulnerable to clickjacking in the Samba Web Administration Tool (SWAT). When the SWAT pages are integrated into a malicious web page via a frame or iframe and then overlaid by other content, an attacker could trick an administrator to potentially change Samba settings
The current release integrates a fix for this problem. Check out the official announcement for a detailed description of the update process and various other changes in the software.
Download Samba 4.0.2 right now from Softpedia.