diff -u -r --new-file --exclude .svn --exclude CVS samba-3.0.21c/packaging/RedHat-9/makerpms.sh samba-3.0.22/packaging/RedHat-9/makerpms.sh
--- samba-3.0.21c/packaging/RedHat-9/makerpms.sh 2006-02-24 00:39:55.000000000 -0600
+++ samba-3.0.22/packaging/RedHat-9/makerpms.sh 2006-03-29 22:52:17.000000000 -0600
@@ -20,7 +20,7 @@
 USERID=`id -u`
 GRPID=`id -g`
-VERSION='3.0.21c'
+VERSION='3.0.22'
 SPECFILE="samba3.spec"
 RPMVER=`rpm --version | awk '{print $3}'`
 RPM="rpm"
diff -u -r --new-file --exclude .svn --exclude CVS samba-3.0.21c/packaging/RedHat-9/samba.spec samba-3.0.22/packaging/RedHat-9/samba.spec
--- samba-3.0.21c/packaging/RedHat-9/samba.spec 2006-02-24 00:39:55.000000000 -0600
+++ samba-3.0.22/packaging/RedHat-9/samba.spec 2006-03-29 22:52:17.000000000 -0600
@@ -4,7 +4,7 @@
 Summary: Samba SMB client and server
 Vendor: Samba Team
 Name: samba
-Version: 3.0.21c
+Version: 3.0.22
 Release: 1
 License: GNU GPL version 2
 Group: Networking
diff -u -r --new-file --exclude .svn --exclude CVS samba-3.0.21c/packaging/RHEL/makerpms.sh samba-3.0.22/packaging/RHEL/makerpms.sh
--- samba-3.0.21c/packaging/RHEL/makerpms.sh 2006-02-24 00:39:55.000000000 -0600
+++ samba-3.0.22/packaging/RHEL/makerpms.sh 2006-03-29 22:52:17.000000000 -0600
@@ -18,7 +18,7 @@
 USERID=`id -u`
 GRPID=`id -g`
-VERSION='3.0.21c'
+VERSION='3.0.22'
 SPECFILE="samba.spec"
 RPMVER=`rpm --version | awk '{print $3}'`
 RPM="rpmbuild"
diff -u -r --new-file --exclude .svn --exclude CVS samba-3.0.21c/packaging/RHEL/samba.spec samba-3.0.22/packaging/RHEL/samba.spec
--- samba-3.0.21c/packaging/RHEL/samba.spec 2006-02-24 00:39:55.000000000 -0600
+++ samba-3.0.22/packaging/RHEL/samba.spec 2006-03-29 22:52:17.000000000 -0600
@@ -5,7 +5,7 @@
 Vendor: Samba Team
 Packager: Samba Team
 Name: samba
-Version: 3.0.21c
+Version: 3.0.22
 Release: 1
 License: GNU GPL version 2
 Group: System Environment/Daemons
diff -u -r --new-file --exclude .svn --exclude CVS samba-3.0.21c/REVISION samba-3.0.22/REVISION
--- samba-3.0.21c/REVISION 2006-02-24 00:39:57.000000000 -0600
+++ samba-3.0.22/REVISION 2006-03-29 22:52:19.000000000 -0600
@@ -1,7 +1,7 @@
 Path: .
 URL: svn+ssh://svn.samba.org/home/svn/samba/branches/SAMBA_3_0_RELEASE
 Repository UUID: 0c0555d6-39d7-0310-84fc-f1cc0bd64818
-Revision: 13672
+Revision: 14787
 Node Kind: directory
 Schedule: normal
 Last Changed Author: jerry
diff -u -r --new-file --exclude .svn --exclude CVS samba-3.0.21c/source/include/version.h samba-3.0.22/source/include/version.h
--- samba-3.0.21c/source/include/version.h 2006-02-24 00:40:02.000000000 -0600
+++ samba-3.0.22/source/include/version.h 2006-03-29 22:53:02.000000000 -0600
@@ -1,7 +1,6 @@
 /* Autogenerated by script/mkversion.sh */
 #define SAMBA_VERSION_MAJOR 3
 #define SAMBA_VERSION_MINOR 0
-#define SAMBA_VERSION_RELEASE 21
-#define SAMBA_VERSION_REVISION "c"
-#define SAMBA_VERSION_OFFICIAL_STRING "3.0.21c"
+#define SAMBA_VERSION_RELEASE 22
+#define SAMBA_VERSION_OFFICIAL_STRING "3.0.22"
 #define SAMBA_VERSION_STRING samba_version_string()
diff -u -r --new-file --exclude .svn --exclude CVS samba-3.0.21c/source/nsswitch/winbindd_cm.c samba-3.0.22/source/nsswitch/winbindd_cm.c
--- samba-3.0.21c/source/nsswitch/winbindd_cm.c 2006-01-30 12:38:49.000000000 -0600
+++ samba-3.0.22/source/nsswitch/winbindd_cm.c 2006-03-29 17:36:47.000000000 -0600
@@ -294,7 +294,7 @@
 DEBUG(5, ("connecting to %s from %s with username "
 "[%s]\\[%s]\n", controller, global_myname(),
- machine_account, machine_password));
+ lp_workgroup(), machine_account));
 ads_status = cli_session_setup_spnego(*cli,
 machine_account,
diff -u -r --new-file --exclude .svn --exclude CVS samba-3.0.21c/source/VERSION samba-3.0.22/source/VERSION
--- samba-3.0.21c/source/VERSION 2006-02-20 14:33:23.000000000 -0600
+++ samba-3.0.22/source/VERSION 2006-03-29 17:36:47.000000000 -0600
@@ -25,7 +25,7 @@
 ########################################################
 SAMBA_VERSION_MAJOR=3
 SAMBA_VERSION_MINOR=0
-SAMBA_VERSION_RELEASE=21
+SAMBA_VERSION_RELEASE=22
 ########################################################
 # If a official release has a serious bug #
@@ -37,7 +37,7 @@
 # e.g. SAMBA_VERSION_REVISION=a #
 # -> "2.2.8a" #
 ########################################################
-SAMBA_VERSION_REVISION=c
+SAMBA_VERSION_REVISION=
 ########################################################
 # For 'pre' releases the version will be #
diff -u -r --new-file --exclude .svn --exclude CVS samba-3.0.21c/WHATSNEW.txt samba-3.0.22/WHATSNEW.txt
--- samba-3.0.21c/WHATSNEW.txt 2006-02-24 00:39:24.000000000 -0600
+++ samba-3.0.22/WHATSNEW.txt 2006-03-29 17:36:47.000000000 -0600
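Review bot: The corrected `DEBUG(5, ...)` call in the winbindd_cm.c hunk carries no comment recording why the password argument was dropped, so a later edit could put it back; a line above the call such as `/* Never pass machine_password to DEBUG(): winbindd logs may be world readable (CAN-2006-1059). */` would state the constraint where it applies. The new arguments do line up with the format string (`controller`, `global_myname()`, then `lp_workgroup()` and `machine_account` for `[%s]\\[%s]`), although the message still labels a domain\account pair as "username". Whether `lp_workgroup()` is the same domain that is handed to `cli_session_setup_spnego` cannot be confirmed from here, because the rest of that call and the enclosing function lie outside the hunk. The change only stops new writes: per the release notes on this page, logs already produced at level 5 or higher by the 3.0.21 series still hold the clear-text credential, so those files need to be handled as sensitive and the machine account password changed.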
@@ -1,13 +1,47 @@
+ ==============================
+ Release Notes for Samba 3.0.22
+ Mar 30, 2006
+ ==============================
+
+This is a security release of Samba. The Samba 3.0.21 release
+series (including the patch releases a through c) has been
+discovered to expose the clear text of the server's machine
+account credentials in the winbind log files when the log
+level is set to 5 or higher. This defect has been assigned
+the CVE number CAN-2006-1059.
+
+Summary
+=======
+
+The machine trust account password is the secret shared
+between a domain controller and a specific member server.
+Access to the member server machine credentials allows
+an attacker to impersonate the server in the domain and
+gain access to additional information regarding domain
+users and groups.
+
+The winbindd daemon included in Samba 3.0.21 and subsequent
+patch releases (3.0.21a-c) writes the clear text of server's
+machine credentials to its log file at level 5. The winbindd
+log files are world readable by default and often log files
+are requested on open mailing lists as tools used to debug
+server misconfigurations.
+
+This affects servers configured to use domain or ads security
+and possibly Samba domain controllers as well (if configured
+to use winbindd).
+
+=======
+
+Release Notes for older release follow:
+
+ --------------------------------------------------
+
 ===============================
 Release Notes for Samba 3.0.21c
 Feb 24, 2006
 ===============================
-This is the latest stable release of Samba. This is the version
-that production Samba servers should be running for all current
-bug-fixes. Please read the following important changes in this
-release.
-
 Common bugs fixed in 3.0.21c include:
 o Access checks when deleting printer driver meta-data.
@@ -122,9 +156,6 @@ connection code in winbindd. - -Release Notes for older release follow: - -------------------------------------------------- =============================== Release Notes for Samba 3.0.21b