Stefan Metzmacher
2021-Nov-09 18:26 UTC
[Announce] Samba 4.15.2, 4.14.10, 4.13.14 Security Releases are available for Download
Release Announcements
---------------------

These are security releases in order to address the following defects:

o CVE-2016-2124: SMB1 client connections can be downgraded to plaintext
  authentication.

  https://www.samba.org/samba/security/CVE-2016-2124.html

o CVE-2020-25717: A user on the domain can become root on domain members.

  https://www.samba.org/samba/security/CVE-2020-25717.html
  (PLEASE READ! There are important behaviour changes described)

o CVE-2020-25718: Samba AD DC did not correctly sandbox Kerberos tickets
  issued by an RODC.

  https://www.samba.org/samba/security/CVE-2020-25718.html

o CVE-2020-25719: Samba AD DC did not always rely on the SID and PAC in
  Kerberos tickets.

  https://www.samba.org/samba/security/CVE-2020-25719.html

o CVE-2020-25721: Kerberos acceptors need easy access to stable AD
  identifiers (eg objectSid).

  https://www.samba.org/samba/security/CVE-2020-25721.html

o CVE-2020-25722: Samba AD DC did not do sufficient access and conformance
  checking of data stored.

  https://www.samba.org/samba/security/CVE-2020-25722.html

o CVE-2021-3738: Use after free in Samba AD DC RPC server.

  https://www.samba.org/samba/security/CVE-2021-3738.html

o CVE-2021-23192: Subsequent DCE/RPC fragment injection vulnerability.

  https://www.samba.org/samba/security/CVE-2021-23192.html

There's sadly a regression that "allow trusted domains = no" prevents winbindd
from starting, we'll try to provide a follow up fix as soon as possible.
Changes:
--------------------

o  Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
   * CVE-2020-25722

o  Andrew Bartlett <abartlet at samba.org>
   * CVE-2020-25718
   * CVE-2020-25719
   * CVE-2020-25721
   * CVE-2020-25722

o  Ralph Boehme <slow at samba.org>
   * CVE-2020-25717

o  Alexander Bokovoy <ab at samba.org>
   * CVE-2020-25717

o  Samuel Cabrero <scabrero at samba.org>
   * CVE-2020-25717

o  Nadezhda Ivanova <nivanova at symas.com>
   * CVE-2020-25722

o  Stefan Metzmacher <metze at samba.org>
   * CVE-2016-2124
   * CVE-2020-25717
   * CVE-2020-25719
   * CVE-2020-25722
   * CVE-2021-23192
   * CVE-2021-3738
   * ldb release 2.3.2 (for Samba 4.14.10)
   * ldb release 2.2.3 (for Samba 4.13.14)

o  Andreas Schneider <asn at samba.org>
   * CVE-2020-25719

o  Joseph Sutton <josephsutton at catalyst.net.nz>
   * CVE-2020-17049
   * CVE-2020-25718
   * CVE-2020-25719
   * CVE-2020-25721
   * CVE-2020-25722
   * MS CVE-2020-17049


#######################################
Reporting bugs & Development Discussion
#######################################

Please discuss this release on the samba-technical mailing list or by
joining the #samba-technical IRC channel on irc.libera.chat or the
#samba-technical:matrix.org matrix channel.

If you do report problems then please try to send high quality
feedback. If you don't provide vital information to help us track down
the problem then you will probably be ignored. All bug reports should
be filed under the Samba 4.1 and newer product in the project's Bugzilla
database (https://bugzilla.samba.org/).


=======================================================================
== Our Code, Our Bugs, Our Responsibility.
== The Samba Team
=======================================================================


===============
Download Details
===============

The uncompressed tarballs and patch files have been signed
using GnuPG (ID AA99442FB680B620).
The source code can be downloaded from:

https://download.samba.org/pub/samba/stable/

The release notes are available online at:

https://www.samba.org/samba/history/samba-4.15.2.html
https://www.samba.org/samba/history/samba-4.14.10.html
https://www.samba.org/samba/history/samba-4.13.14.html

Our Code, Our Bugs, Our Responsibility.
(https://bugzilla.samba.org/)

--Enjoy
The Samba Team
Stefan Metzmacher
2021-Nov-09 20:04 UTC
[Announce] Samba 4.15.2, 4.14.10, 4.13.14 Security Releases are available for Download
Hi,

> There's sadly a regression that "allow trusted domains = no" prevents winbindd
> from starting, we'll try to provide a follow up fix as soon as possible.

The regression fix is discussed on this merge request:
https://gitlab.com/samba-team/samba/-/merge_requests/2246

metze
L. van Belle
2021-Nov-09 21:16 UTC
[Samba] Notice on VanBelle repo and the Samba 4.15.2, 4.14.10, 4.13.14 Security Releases
Hai,

Due to the impact of (the possible impact of) these changes, I'm not putting
these on the currently running production repos, to make sure everything
keeps running so we don't kill setups in the nights where auto-upgrades are
enabled (as in the office where I'm at).

As soon as these are up, I'll post the added repos so people can test these
before they put them on production and check if these changes affect your
environment. Later on I'll move these to the normal repos, of course.
I'll keep an eye on the list also.

Builds will be done in this order.

            run1   run2   run3
  Focal     413    414    415    (amd64 only)
  Buster    413    414    415    (amd64 i386 armhf)
  Bullseye  413    414    415    (amd64 i386 armhf arm64)

Keep in mind building them all takes time, it's 24 versions in total.

As strongly advised by the Samba team, please read the changes (links) below.

So far,

Greetz,

Louis

> -----Original Message-----
> From: samba [mailto:samba-bounces at lists.samba.org] On Behalf Of
> Stefan Metzmacher via samba
> Sent: Tuesday 9 November 2021 19:26
> To: samba-announce at lists.samba.org; samba at lists.samba.org;
> samba-technical at lists.samba.org
> Subject: [Samba] [Announce] Samba 4.15.2, 4.14.10, 4.13.14
> Security Releases are available for Download