-
samba (3.0.28a-1ubuntu4.18) hardy-security; urgency=low
[ Steve Beattie ]
* SECURITY UPDATE: unauthenticated remote code execution via
RPC calls (LP: #978458)
- debian/patches/security-CVE-2012-1182.patch: make variable length
check be consistent with memory allocation size computation.
- CVE-2012-1182
-- Tyler Hicks <email address hidden> Thu, 12 Apr 2012 05:28:44 -0500
-
samba (3.0.28a-1ubuntu4.17) hardy-security; urgency=low
* SECURITY UPDATE: arbitrary code execution via AndX requests
- debian/patches/security-CVE-2012-0870.patch: perform additional
sanity checks in source/smbd/process.c.
- CVE-2012-0870
-- Marc Deslauriers <email address hidden> Thu, 23 Feb 2012 20:08:32 -0500
-
samba (3.0.28a-1ubuntu4.16) hardy-security; urgency=low
* Improve mtab locking support to prevent mtab corruption
- debian/patches/security-mtab-locking.patch: backport mtab locking
logic from newer releases in source/client/{mount.cifs.c,mount.h,
mtab.c,umount.cifs.c}, source/Makefile.in.
* SECURITY UPDATE: denial of service via stale mtab lockfile
- debian/patches/security-mask-signals.patch: mask signals while
updating the mtab file in source/client/mount.cifs.c.
- CVE-2011-3585
* SECURITY UPDATE: mtab corruption via resource limits
- debian/patches/CVE-2011-1678.patch: truncate mtab file if updating it
failed in source/client/{mount.cifs.c,mount.h,mtab.c}.
- CVE-2011-1678
-- Marc Deslauriers <email address hidden> Fri, 30 Sep 2011 11:48:58 -0400
-
samba (3.0.28a-1ubuntu4.15) hardy-security; urgency=low
* SECURITY UPDATE: cross-site scripting in SWAT
- debian/patches/security-CVE-2011-2694.patch: don't display username
in source/web/swat.c.
- CVE-2011-2694
* SECURITY UPDATE: cross-site request forgery in SWAT
- debian/patches/security-CVE-2011-2522.patch: implement nonce in
source/web/{cgi.c,statuspage.c,swat.c}.
- CVE-2011-2522
-- Marc Deslauriers <email address hidden> Thu, 28 Jul 2011 10:20:20 -0400
-
samba (3.0.28a-1ubuntu4.14) hardy-security; urgency=low
* SECURITY UPDATE: denial of service via missing range checks on file
descriptors
- debian/patches/security-CVE-2011-0719.patch: validate miscellaneous
file descriptors.
- CVE-2011-0719
-- Marc Deslauriers <email address hidden> Wed, 23 Feb 2011 17:41:45 -0500
-
samba (3.0.28a-1ubuntu4.13) hardy-security; urgency=low
* SECURITY UPDATE: denial of service and possible arbitrary code
execution via large number of SID sub authorities
- debian/patches/security-CVE-2010-3069.patch: limit number of SID
sub authorities in source3/lib/util_sid.c, source/libads/ldap.c,
source/libsmb/cliquota.c, source/smbd/nttrans.c.
- CVE-2010-3069
-- Marc Deslauriers <email address hidden> Thu, 09 Sep 2010 11:09:50 -0400
-
samba (3.0.28a-1ubuntu4.12) hardy-security; urgency=low
* SECURITY UPDATE: arbitrary remote code execution.
- debian/patches/security-CVE-2010-2063.patch: upstream fixes.
-- Kees Cook <email address hidden> Mon, 14 Jun 2010 17:16:21 -0700
-
samba (3.0.28a-1ubuntu4.11) hardy-security; urgency=low
* SECURITY UPDATE: arbitrary file disclosure via wide links
- debian/patches/security-CVE-2010-0926.patch: disable wide links when
UNIX extensions are enabled in source/param/loadparm.c,
source/smbd/service.c, source/smbd/trans2.c, source/smbd/vfs.c,
docs/htmldocs/manpages/smb.conf.5.html, docs/manpages/smb.conf.5.
- CVE-2010-0926
* WARNING: This changes the default samba behaviour. For security
reasons, it is no longer possible to use wide links and UNIX
extensions at the same time. After applying this security update, wide
links will be disabled automatically as UNIX extensions are turned on
by default. If wide links are required, you may re-enable them by
adding "unix extensions = no" to the [global] section of
the /etc/samba/smb.conf configuration file.
-- Marc Deslauriers <email address hidden> Thu, 18 Mar 2010 15:44:02 -0400
-
samba (3.0.28a-1ubuntu4.10) hardy-security; urgency=low
* SECURITY UPDATE: privilege escalation via mount.cifs race
- debian/patches/security-CVE-2009-3297.patch: validate mount point and
perform mount in "." to prevent race in source/client/mount.cifs.c.
- CVE-2009-3297
-- Marc Deslauriers <email address hidden> Tue, 26 Jan 2010 14:25:22 -0500
-
samba (3.0.28a-1ubuntu4.9) hardy-security; urgency=low
* SECURITY UPDATE: whole filesystem share via user with no home directory
- debian/patches/security-CVE-2009-2813.patch: make sure home directory
is set in source/param/loadparm.c, source/smbd/service.c.
- CVE-2009-2813
* SECURITY UPDATE: credentials file disclosure and unauthorized usage via
setuid mount.cifs
- debian/patches/security-CVE-2009-2948.patch: don't open credentials
file if user doesn't have permission, and don't print password when
using verbose option in source/client/mount.cifs.c.
- CVE-2009-2948
* SECURITY UPDATE: denial of service via unexpected oplock break
notification reply
- debian/patches/security-CVE-2009-2906.patch: track messages already
processed in source/include/smb.h, source/smbd/process.c.
- CVE-2009-2906
-- Marc Deslauriers <email address hidden> Thu, 01 Oct 2009 08:46:43 -0400
-
samba (3.0.28a-1ubuntu4.8) hardy-proposed; urgency=low
* Added debian/patches/fix-winbindd-crash-dc.patch:
- Fix winbindd crash when calling getent group on domain controller (LP: #328874)
- upstream commit in 3.0 branch: db4a435d235bedf48d668a0f4418dd46f38044ed
- upstream bug: #5906
-- Adrien Cunin <email address hidden> Mon, 16 Feb 2009 22:16:22 +0100
-
samba (3.0.28a-1ubuntu4.7) hardy-proposed; urgency=low
* debian/patches/cifs-upcall-backport.patch: Backport cifs.upcall to
samba 3.0.28a, to support kerberos-authenticated CIFS kernel mounts.
LP: #236830.
samba (3.0.28a-1ubuntu4.6) hardy-proposed; urgency=low
* debian/patches/fix-machine-account-password.patch:
- Don't return NT_STATUS_PASSWORD_MUST_CHANGE error on machine account
logon. Fix backported from
http://git.samba.org/?p=samba.git;a=commit;h=10da498a2349bf5944183adf5a9284eafa2b8b74.
(LP: #259110)
-- Steve Langasek <email address hidden> Wed, 08 Oct 2008 21:36:04 +0000
-
samba (3.0.28a-1ubuntu4.6) hardy-proposed; urgency=low
* debian/patches/fix-machine-account-password.patch:
- Don't return NT_STATUS_PASSWORD_MUST_CHANGE error on machine account
logon. Fix backported from
http://git.samba.org/?p=samba.git;a=commit;h=10da498a2349bf5944183adf5a9284eafa2b8b74.
(LP: #259110)
-- Chuck Short <email address hidden> Wed, 20 Aug 2008 16:36:08 +0000
-
samba (3.0.28a-1ubuntu4.5) hardy-proposed; urgency=low
* debian/patches/fix-ldap-password-sync.patch:
- Backported fix for ldap passwd sync = only. Patch taken from http://gitweb.samba.org/?p=samba.git;a=commit;h=1dd8fa9a521046f1de8173ac00224706c5249665 (LP: #242325)
* debian/patches/fix-wireless-no-found.patch:
- Backported fix for nmbd shutdown when network is disconnected. Patch taken from http://git.samba.org/?p=samba.git;a=blobdiff;f=source/nmbd/nmbd.c;h=9797a7adb673b0774672ca586b1f6b625c4faf5c;hp=00d252940afc33bcf34e9d98dca13c89b15b0408;hb=4b03f4eb2da7a523967ace3d13e79406ade07d47;hpb=085887eed71ed1ffdb30100d83763e671ea10eee (LP: #180493)
-- Chuck Short <email address hidden> Thu, 03 Jul 2008 12:27:14 -0400
-
samba (3.0.28a-1ubuntu4.4) hardy-security; urgency=low
* RELIABILITY UPDATE: the patch for CVE-2008-1105 introduced a regression
with certain client and server interactions with large file sizes.
* debian/patches/security-CVE-2008-1105_pt2.patch: adjust cli_negprot()
to properly calculate buffer sizes
* References
LP: #241448
https://bugzilla.samba.org/show_bug.cgi?id=5517
-- Jamie Strandboge <email address hidden> Sat, 28 Jun 2008 09:34:21 -0400
-
samba (3.0.28a-1ubuntu4.3) hardy-proposed; urgency=low
* debian/patches/disable-weak-auth.patch: roll back the change to the
client defaults of disallowing negotiation of lanman authentication,
since this causes usability problems for libsmbclient-based clients
that can't present meaningful error messages to the user. Still
disallow the plaintext authentication method, which is much less
likely to be used on NASes of any sort and age. LP: #209520.
-- Steve Langasek <email address hidden> Thu, 19 Jun 2008 17:20:13 +0000
-
samba (3.0.28a-1ubuntu4.2) hardy-security; urgency=low
* SECURITY UPDATE: heap overflow when processing crafted SMB responses
* debian/patches/security-CVE-2008-1105.patch: update util_sock.c to require
specifying the buffer size and update client.c, smbctool.c, smbfilter.c,
and process.c for these changes
* References:
CVE-2008-1105
LP: #235912
-- Jamie Strandboge <email address hidden> Tue, 17 Jun 2008 12:47:38 -0400
-
samba (3.0.28a-1ubuntu4.1) hardy-proposed; urgency=low
* debian/patches/fix-server-signature.patch:
- Fix for nautlius sharing issues with Windows 2003. Patch
taken from http://git.samba.org/?p=samba.git;a=commit;h=67f90361a07841972a01a4faf575da25ebbbb29c (LP: #217137)
-- Chuck Short <email address hidden> Tue, 03 Jun 2008 08:42:42 -0400
-
samba (3.0.28a-1ubuntu4) hardy; urgency=low
[ Mathias Gug ]
* debian/samba-common.postinst:
Fix upgrade from a first installation done with feisty, edgy or dapper.
(LP: #201059).
* debian/smb.conf.feisty:
Add default smb.conf shipped in feisty.
[ Steve Langasek ]
* When populating the new sambashare group, it's not an error if the
user simply doesn't exist; test for this case and let the install
continue instead of aborting. LP: #206036.
-- Steve Langasek <email address hidden> Wed, 02 Apr 2008 21:07:11 +0000
-
samba (3.0.28a-1ubuntu3) hardy; urgency=low
* debian/patches/fix-smbprinting-os2.patch
- Fixes printing large documents from OS/2. (LP: #60931)
-- Chuck Short <email address hidden> Fri, 28 Mar 2008 08:37:31 -0400
-
samba (3.0.28a-1ubuntu2) hardy; urgency=low
* debian/smb.conf
- Add map to guest = Bad user, maps bad username to guest access.
(LP: #32067)
-- Chuck Short <email address hidden> Thu, 27 Mar 2008 14:24:13 -0400
-
samba (3.0.28a-1ubuntu1) hardy; urgency=low
* Merge from Debian unstable, remaining changes:
* debian/patches/VERSION.patch:
- set SAMBA_VERSION_VENDOR_SUFFIX to Ubuntu
* debian/smb.conf:
- add "(Samba, Ubuntu)" to server string.
- comment out the default [homes] shares, and add a comment about
"valid users = %S" to show users how to restrict access to
\\server\username to only username.
* debian/samba-common.config:
- do not change priority to HIGH if dhclient3 is installed
- use priority medium instead of high for the workgroup question
* debian/winbind.files:
- include additional files
* debian/patches/fix-documentation.patch:
- fix typos in net(8) and smb.conf(5) man pages
* debian/mksambapasswd.awk:
- Don't add user with UID less than 1000 to smbpasswd.
* debian/samba.init:
- add 'status' option for LSB conformance.
* Updated control version.
* Set Ubuntu maintainer address.
* Dropped changes:
* debian/samba.if-up: this ifup hook isn't actually needed with
current Samba.
* Set 'usershare allow guests' by in the default smb.conf, so that
usershare admins are allowed to create public shares too, not just
authenticated ones (e.g., via nautilus-share). LP: #204703.
-- Steve Langasek <email address hidden> Tue, 25 Mar 2008 19:53:09 +0000
-
samba (3.0.28a-0ubuntu3) hardy; urgency=low
* But smbpasswd-syslog does need updated for the new upstream release,
overlooked in the previous upload. Merge the version from Debian
svn.
-- Steve Langasek <email address hidden> Fri, 14 Mar 2008 07:40:06 +0000
-
samba (3.0.28a-0ubuntu2) hardy; urgency=low
* Re-enable the smbpasswd-syslog patch; this was not really merged
upstream.
-- Steve Langasek <email address hidden> Fri, 14 Mar 2008 05:35:20 +0000
-
samba (3.0.28a-0ubuntu1) hardy; urgency=low
[Chuck Short]
* New upstream release. This fixes the following Ubuntu bugs.
- Prevent nmbd from shutting down when no network interfaces can be
located. (LP: #180493)
- Fixes I/O errors on access to SMB shares of OS/2. (LP: #112839)
* Dropped patches:
- make-distclean.patch
- linux-cifs-user-perms.patch
- cifs-umount-same-user.patch
- get_global_sam_sid-non-root.patch
- chgpasswd.patch
- cups.patch
- samba-syslog.patch
* debian/mksambapasswd.awk
- Don't add user with UID less than 1000 to smbpasswd. (LP: #199412)
* debian/samba.if-up
- ifup hook to reload samba once the interfaces comes up. (LP: #180493)
* Updated control version.
[Nicolas Valcárcel]
* debian/patches/fix-documentation.patch
- Fixed some escape typos in smb.conf(5) manpage. (LP: #182571)
[Shawn Smith]
* debian/samba.init
- Samba init script does not conform to the LSP specification; it needs a
status section (LP: #39157)
-- Chuck Short <email address hidden> Tue, 11 Mar 2008 14:21:29 -0400
-
samba (3.0.28-4ubuntu1) hardy; urgency=low
* Merge from Debian unstable, remaining changes:
* debian/patches/VERSION.patch:
- set SAMBA_VERSION_VENDOR_SUFFIX to Ubuntu
* debian/smb.conf:
- add "(Samba, Ubuntu)" to server string.
- comment out the default [homes] shares and add more verbose comments to
explain what they do and how they work (LP #27608). Also, add a
comment about "valid users = %S" to show users how to restrict access
to \\server\username to only username.
- correct winbind enum comment inconsistency.
- correct configuration directive inconsistences.
- clarify comment for max log size.
* debian/samba-common.config:
- do not change priority to HIGH if dhclient3 is installed
- use priority medium instead of high for the workgroup question
* debian/winbind.files:
- include additional files
* debian/patches/fix-documentation.patch:
- fix typo in net(8) man pages
* Set Ubuntu maintainer address.
* Dropped changes:
- default passwd chat value is modified; the default password sync
chat script from Debian now works out of the box. LP: #50624.
-- Steve Langasek <email address hidden> Sun, 09 Mar 2008 12:44:53 +0000
-
samba (3.0.28-1ubuntu3) hardy; urgency=low
* Added additional files to winbind.files. (LP: #156468)
* Deleted winbind enum comment inconsistency. Thanks to Richard Laager for
the patches. (LP: #182569)
* Deleted configuration directive inconsistences. Thanks to Richard Laager
for the patches. (LP: #182567)
* Fixed typo on net(8) man pages using fix-documentation.patch. (LP: #182570)
* Clarrified comment for max log size. Thanks to Richard Laager for the
patches. (LP: #182566)
-- Chuck Short <email address hidden> Tue, 22 Jan 2008 09:53:52 -0500
-
samba (3.0.28-1ubuntu2) hardy; urgency=low
* Fixed incorrect line in debian/patches/VERSION.patch
-- Rick Clark <email address hidden> Sat, 15 Dec 2007 11:03:39 -0500
-
samba (3.0.28-1ubuntu1) hardy; urgency=low
* Merge from debian unstable, remaining changes:
* debian/patches/VERSION.patch:
- set SAMBA_VERSION_VENDOR_SUFFIX to Ubuntu
* debian/smb.conf:
- Add "(Samba, Ubuntu)" to server string.
- Comment out the default [homes] shares and add more verbose comments to
explain what they do and how they work (LP #27608). Also, add a
comment about "valid users = %S" to show users how to restrict access
to \\server\username to only username.
- default passwd chat value is modified
* debian/samba-common.config:
- do not change priority to HIGH if dhclient3 is installed
- use priority medium instead of high for the workgroup question
* Set Ubuntu maintainer address.
samba (3.0.28-1) unstable; urgency=high
* New upstream release. Security fix
* Fix a remote code execution vulnerability when running as a domain
logon server (PDC or BDC). (CVE-2007-6015)
-- Rick Clark <email address hidden> Thu, 13 Dec 2007 08:44:33 -0500
-
samba (3.0.27a-2ubuntu1) hardy; urgency=low
* Merge from debian unstable (LP: #174296), remaining changes:
* debian/patches/VERSION.patch:
- set SAMBA_VERSION_VENDOR_SUFFIX to Ubuntu
* debian/smb.conf:
- Add "(Samba, Ubuntu)" to server string.
- Comment out the default [homes] shares and add more verbose comments to
explain what they do and how they work (LP #27608). Also, add a
comment about "valid users = %S" to show users how to restrict access
to \\server\username to only username.
- default passwd chat value is modified
* debian/samba-common.config:
- do not change priority to HIGH if dhclient3 is installed
- use priority medium instead of high for the workgroup question
* Set Ubuntu maintainer address.
samba (3.0.27a-2) unstable; urgency=low
* debian/patches/disable-weak-auth.patch: disable plaintext authentication
on the client, and lanman authentication on both client and server, by
default since these are only needed for Win9x or Samba with encrypted
passwords disabled and are potential password attack vectors. This
change is backported from Samba 3.2. LP: #163194.
* Don't build the userspace tools for the deprecated smbfs kernel driver
anymore; instead, use a shell wrapper around mount.cifs that translates
option names between the smbfs and cifs drivers.
Closes: #169624, #256637, #265468, #289179, #305210, #410075;
LP: #29413
* debian/panic-action: detect when we're on an Ubuntu system and direct bug
reporters to Launchpad instead of to the Debian BTS. Closes: #452940.
* debian/samba.init: call log_progress_msg separately for each daemon on
stop rather than passing a second arg to log_daemon_msg, for greater
compatibility with both Debian and Ubuntu LSB initscript implementations.
Closes: #453350.
* Drop smbldap-tools to Suggests:, consistent with the textbook meaning of
recommends/suggests which is now implemented correctly in apt.
Closes: #453144.
* Get rid of the build-dependency on type-handling:
- add a new target, "update-archs", to be invoked by hand to refresh
the list of known Linux architectures for the libacl1-dev
build-dep; this avoids the clean target making changes to
debian/control
- rework the sed line so that it works in-place on debian/control,
so we can get rid of debian/control.in as well and just update
debian/control directly
Closes: #340570.
-- Steve Langasek <email address hidden> Wed, 05 Dec 2007 16:14:20 -0800
-
samba (3.0.27a-1ubuntu1) hardy; urgency=low
* Merge from debian unstable (LP: #165072), remaining changes:
* debian/patches/VERSION.patch:
- set SAMBA_VERSION_VENDOR_SUFFIX to Ubuntu
* debian/control:
- Remove type-handling (not used in Ubuntu)
* debian/rules:
- Remove type-handling.
* debian/samba.init:
- Ubuntu's log_progress_msg is a no-op, so to avoid confusion, don't
say specifically which daemons we're handling. (LP #25803)
* debian/smb.conf:
- Add "(Samba, Ubuntu)" to server string.
- Comment out the default [homes] shares and add more verbose comments to
explain what they do and how they work (LP #27608). Also, add a
comment about "valid users = %S" to show users how to restrict access
to \\server\username to only username.
- default passwd chat value is modified
* debian/panic-action:
- Alter the panic-action script to link to the samba bug reporting page
on Launchpad.
* debian/samba-common.config:
- do not change priority to HIGH if dhclient3 is installed
- use priority medium instead of high for the workgroup question
* Set Ubuntu maintainer address.
* Bugs fixed in Debian:
- Enable net usershare (LP: #128548)
* Ubuntu patches merged in Debian:
* debian/smb.conf:
- "printer admin" is a deprecated option, and is dropped
completely from the examples.
* debian/samba-common.templates:
- Default workgroup value is now set to WORKGROUP; this is a
change from previous Ubuntu versions which used MSHOME, but is
consistent with the Samba upstream defaults and the default
behavior for most versions of Windows.
* Ubuntu patches dropped:
* debian/rules:
- Samba should not use --error-handler=true for its init script.
* debian/samba-common.templates, debian/po/*.po:
- unnecessary divergence from Debian debconf template which
resulted in fuzzy translations; this is cleaned up now
samba (3.0.27a-1) unstable; urgency=low
[ Steve Langasek ]
* New upstream release
- fix regression with smbfs clients, introduced by the security fix in
3.0.27. Closes: #451839.
- debian/patches/cifs-umount-trailing-slashes.patch: merged upstream.
* Drop the deprecated "printer admin" example from the default smb.conf.
Closes: #451273.
* Add a *new* debian/patches/cups.patch to *enable* cups as the default
printing system, because since the original introduction of this patch
in Debian there was a regression upstream that caused cups to never be
selected as the default print system.
* Set the default value for the workgroup question to "WORKGROUP" in
samba-common.templates, not just in the template smb.conf, so that the
debconf question comes out right every time; and always treat this
as a high-priority debconf question instead of selecting the
priority based on whether there's an existing value, since there's
now *always* an existing value but the value doesn't tell us
anything meaningful about the user's preference. Closes: #451271.
* Drop some code from samba.postinst that only applies to upgrades from
pre-3.0 (i.e., pre-sarge) packages
[ Christian Perrier ]
* Update the "built by" part of README.debian
* Remove the very outdated parts of README.debian
samba (3.0.27-1) unstable; urgency=low
* New upstream version
- fixes a remote code execution vulnerability when running nmbd as a
WINS server. (CVE-2007-5398; closes: #451385)
- fixes a buffer overflow in nmbd when running as a domain controller
during processing of GETDC logon server requests. (CVE-2007-4572)
[ Steve Langasek ]
* fhs.patch: net usershares should also be stored under /var/lib, not under
/var/run. No transition handling in maintainer scripts, since this
feature is not activated by default.
* get_global_sam_sid-non-root.patch: avoid calling get_global_sam_sid()
from smbpasswd -L or pam_smbpass when running as non-root, to avoid a
foreseeable panic. Closes: #346547, #450738.
* usershare.patch: enable "user shares" by default in the server with a
default limit of 100, to support user shares on both upgrades and new
installs with no need to munge config files. Thanks to Mathias Gug
<email address hidden> for the patch. Closes: #443230.
* On Ubuntu, support autopopulating the sambashare group using the existing
members of the admin group; no equivalent handling is done on Debian,
because there doesn't seem to be an appropriate template group we can use
that wouldn't be considered a privilege escalation for those users.
* Update Samba to explicitly use the C locale when doing password changes,
to account for Linux-PAM's recently adopted i18n support.
Closes: #451272.
* Enforce creation of the pid directory (/var/run/samba) in the samba
init script, for compatibility with systems that use a tmpfs for
/var/run. Closes: #451270.
* debian/patches/cups.patch, debian/NEWS: drop the patch to force bsd
as the default printing system, as CUPS is now the dominant/default
printing system for Linux.
[ Debconf translations ]
* Hebrew added. Closes: #444054
[ Christian Perrier ]
* Split fhs.patch into 3 separate patches to make upstream integration
easier:
- fhs-newpaths.patch: introduce new paths
- fhs-filespaths.patch: assign files to new paths
- fhs-assignpaths.patch: assign paths to FHS-compatible locations
* Compile with DNS update support. Thanks to Matthias Gug for
reporting and contributions from Launchpad's #156686
Closes: #449422
-- Steve Langasek <email address hidden> Sun, 25 Nov 2007 12:56:27 -0800
-
samba (3.0.26a-1ubuntu2) gutsy; urgency=low
* debian/patches/chgpasswd.patch:
- Also set the locale to 'C' when using PAM for password changes,
since the PAM conversation is equally affected by PAM l10n support
(LP: #139265).
-- Steve Langasek <email address hidden> Tue, 02 Oct 2007 13:54:23 -0700