similar to: Samba 4.19.1, 4.18.8 and 4.17.12 Security Releases are available for Download

hi all, i haven't seen any discussion here of this issue, nor do i see any obviously related (open) bugs in bugzilla. It's not clear to me from the CVE how important this issue is or isn't, but i'm a bit concerned. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4091 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4091 thanks as always to wayne & the other contributors

Hello, I have updated my system to Debian 12 with Samba 4.17.12, but the problem with performance still exist. On the Samba page there is a note in the CVE-2016-2114 description: "Note that the default for server roles other than active directory domain controller, is "off" because of performance reasons." https://www.samba.org/samba/security/CVE-2016-2114.html Does it mean

Ok thank you. So, Is my file server with Samba 4.17.12 vulnerable to CVE-2016-2114 if it is not a DC server? To be clear, I don't use any Active Directory domain controller in my network. Best regards. Adam Blaszczykowski pon., 23 pa? 2023 o 10:20 Rowland Penny via samba <samba at lists.samba.org> napisa?(a): > On Mon, 23 Oct 2023 09:54:47 +0200 > Adam B?aszczykowski via samba

On 09/25/2015 11:53 AM, Jakub Jelinek via llvm-dev wrote: > On Fri, Sep 25, 2015 at 01:19:48AM -0700, Renato Golin wrote: >> After long talks with lots of people, I think we have a winning >> strategy to deal with the variable nature of VMA address in AArch64. >> It seems that the best way forward is to try the dynamic calculation >> at runtime, evaluate the performance,

This issue just cropped up upon upgrading to Samba 4.19.1 masterz at yagosaki:~> smbclient -kd 3 //olympia.pukey/masterz WARNING: The option -k|--kerberos is deprecated! lp_load_ex: refreshing parameters Initialising global parameters rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384) Can't load /etc/samba/smb.conf - run testparm to debug it added interface wlan0

On Mon, 23 Oct 2023 12:02:20 +0200 Adam B?aszczykowski via samba <samba at lists.samba.org> wrote: > Ok thank you. > So, Is my file server with Samba 4.17.12 vulnerable to CVE-2016-2114 > if it is not a DC server? > > To be clear, I don't use any Active Directory domain controller in my > network. Lets see if I can paraphrase the documentation for CVE-2016-2014

On Mon, 23 Oct 2023 09:54:47 +0200 Adam B?aszczykowski via samba <samba at lists.samba.org> wrote: > Hello, > I have updated my system to Debian 12 with Samba 4.17.12, but the > problem with performance still exist. > On the Samba page there is a note in the CVE-2016-2114 description: > "Note that the default for server roles other than active directory > domain

Release Announcements --------------------- This is the latest stable release of the Samba 4.18 release series. It contains the security-relevant bug CVE-2018-14628: ??? Wrong ntSecurityDescriptor values for "CN=Deleted Objects" ??? allow read of object tombstones over LDAP ??? (Administrator action required!) ??? https://www.samba.org/samba/security/CVE-2018-14628.html

Release Announcements --------------------- This is the latest stable release of the Samba 4.18 release series. It contains the security-relevant bug CVE-2018-14628: ??? Wrong ntSecurityDescriptor values for "CN=Deleted Objects" ??? allow read of object tombstones over LDAP ??? (Administrator action required!) ??? https://www.samba.org/samba/security/CVE-2018-14628.html

Hi Michael, short question: will the Bullseye-Backports getting 4.17.12, too? I saw, Bookworm is already updated... -- Regards Ingo https://github.com/WAdama

Hi Michael, thanks for the info - and your work... As Bookworm for Raspberry isn't that far away, I can live with that. This is "just" my playground... Regards Ingo https://github.com/WAdama Michael Tokarev via samba schrieb am 18.10.2023 um 09:17: > 16.10.2023 15:50, Ingo Asche via samba wrote: >> Hi Michael, >> >> short question: will the

16.10.2023 15:50, Ingo Asche via samba wrote: > Hi Michael, > > short question: will the Bullseye-Backports getting 4.17.12, too? > > I saw, Bookworm is already updated... Since oldstable-bpo archive in debian is always subject to manual backports-policy processing (all uploads are processed manually), I don't push stuff to oldstable-bpo often. On the other hand, this

Op 18-10-2023 om 11:32 schreef Ingo Asche via samba: > Hi Michael, > > thanks for the info - and your work... > > As Bookworm for Raspberry isn't that far away, I can live with that. > This is "just" my playground... I have recently migrated my Raspberry Pi machines from Raspbian to Debian bookworm. It has several advantages: - All Debian packages are

https://bugzilla.samba.org/show_bug.cgi?id=5356 Summary: SELinux extended attributes incompatibility: Linux kernel 2.6.9 and 2.6.18 Product: rsync Version: 3.0.0 Platform: x64 OS/Version: Linux Status: NEW Severity: major Priority: P3 Component: core AssignedTo: wayned@samba.org

Release Announcements --------------------- These are security releases in order to address the following defects: o CVE-2018-1139 (Weak authentication protocol allowed.) o CVE-2018-1140 (Denial of Service Attack on DNS and LDAP server.) o CVE-2018-10858 (Insufficient input validation on client directory listing in libsmbclient.) o CVE-2018-10918 (Denial of Service Attack on AD DC

Release Announcements --------------------- These are security releases in order to address the following defects: o CVE-2018-1139 (Weak authentication protocol allowed.) o CVE-2018-1140 (Denial of Service Attack on DNS and LDAP server.) o CVE-2018-10858 (Insufficient input validation on client directory listing in libsmbclient.) o CVE-2018-10918 (Denial of Service Attack on AD DC

19.07.2023 17:55, Jule Anger via samba weote: > Release Announcements > --------------------- > > This are security releases in order to address the following defects: > > o CVE-2022-2127:? When winbind is used for NTLM authentication, a maliciously > ????????????????? crafted request can trigger an out-of-bounds read in winbind > ????????????????? and possibly crash

Release Announcements --------------------- This are security releases in order to address the following defects: o CVE-2022-2031:? Samba AD users can bypass certain restrictions associated with ????????????????? changing passwords. https://www.samba.org/samba/security/CVE-2022-2031.html o CVE-2022-32744: Samba AD users can forge password change requests for any user.

Release Announcements --------------------- This are security releases in order to address the following defects: o CVE-2022-2031:? Samba AD users can bypass certain restrictions associated with ????????????????? changing passwords. https://www.samba.org/samba/security/CVE-2022-2031.html o CVE-2022-32744: Samba AD users can forge password change requests for any user.

Release Announcements --------------------- These are security releases in order to address the following defects: o CVE-2018-14629 (Unprivileged adding of CNAME record causing loop in AD Internal DNS server) o CVE-2018-16841 (Double-free in Samba AD DC KDC with PKINIT) o CVE-2018-16851 (NULL pointer de-reference in Samba AD DC LDAP server) o CVE-2018-16852 (NULL pointer