For those who have the 3.0.21b or 3.0.21c, Samba 3.0.22 was released as a security update (about a week ago). (I just saw someone on the CentOS list with 3.0.21c so I thought I'd post this announcement for all others.) The downside to getting non-distro updates from upstream is that you are responsible for watching out for security releases.
For those with the CentOS version (samba-3.0.10-1.4E.6) it already includes all available errata.
Official Announcement from samba.org:-
Security Release: Samba 3.0.22 Available for Download
This is a security release of Samba. The Samba 3.0.21 release series (including the patch releases a through c) has been discovered to expose the clear text of the server's machine account credentials in the winbind log files when the log level is set to 5 or higher. Details can be found in the online release notes or in the original security announcement for CAN-2006-1059.
The Samba 3.0.22 source code can be downloaded now. The GnuPG signature for the uncompressed tarball is also available. If you prefer to download just the diff from 3.0.21c to 3.0.22, the patch file (gpg signature) is also available. Precompiled packages for Fedora Core 4, RedHat 9, all SuSE Linux products, and Solaris are available in the Binary_Packages download area. Packages for other platforms will be available shortly.
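A quick way to check a host against the condition in the announcement (a 3.0.21 series release with log level 5 or higher), as an added example that is not part of the original post or of Samba. It assumes the level is set with the smb.conf `log level` / `debug level` parameter, optionally with `class:level` tokens; the function names and the sample configuration are constructed for illustration.

```python
import re

# Releases the announcement names as affected: 3.0.21 and patch releases a through c.
AFFECTED = re.compile(r"^3\.0\.21[abc]?$")

def max_log_level(smb_conf_text):
    """Highest debug level requested by smb.conf text, 0 if none is set.

    The announcement does not say which debug class emits the credentials,
    so the check is conservative: any class at 5 or above counts.
    Assumption: a later 'log level' line replaces an earlier one.
    """
    level = 0
    for raw in smb_conf_text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":      # blank lines and comments
            continue
        key, sep, value = line.partition("=")
        # smb.conf parameter names ignore case and embedded whitespace
        name = re.sub(r"\s+", "", key).lower()
        if not sep or name not in ("loglevel", "debuglevel"):
            continue
        # Tokens are either a bare number or class:number (e.g. winbind:5)
        nums = [int(t.rpartition(":")[2])
                for t in re.split(r"[\s,]+", value.strip())
                if t.rpartition(":")[2].isdigit()]
        level = max(nums, default=0)
    return level

def exposes_machine_credentials(version, smb_conf_text):
    """True when both conditions from the announcement hold."""
    return bool(AFFECTED.match(version.strip())) and max_log_level(smb_conf_text) >= 5

# Constructed sample configuration, not taken from any real host.
SAMPLE_CONF = """[global]
   workgroup = EXAMPLE
   log level = 3 winbind:5
"""

if __name__ == "__main__":
    for v in ("3.0.21c", "3.0.22", "3.0.10-1.4E.6"):
        print(v, exposes_machine_credentials(v, SAMPLE_CONF))
```

This reads the configuration file only; a debug level passed to the daemon on its command line is not seen by it. Where the check returns true, the existing winbind log files should be treated as containing the machine account credentials.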