Rowland Penny
2023-Nov-27 16:50 UTC
[Samba] [Announce] Samba 4.19.3 Available for Download
On Mon, 27 Nov 2023 17:13:18 +0100
Andrea Venturoli via samba <samba at lists.samba.org> wrote:

> On 11/27/23 13:27, Jule Anger via samba wrote:
>
> Hello.
>
> > All versions of Samba from 4.0.0 onwards are vulnerable to an
> > ...
> > When a domain was provisioned with an unpatched Samba version,
> > ...
> > The patched Samba does NOT protect existing domains!
> >
> > The administrator needs to run the following command
>
> Just a check to see if I understand correctly:
> _ Samba 4.19.3 is needed to correctly provision new domains;
> _ old domains must be corrected with the given command;
> _ that command only works in 4.19.3; it won't fix the problem if
> launched on an older version (at least it did nothing when I tried it
> on 4.17.12).
>
> If so, are updated 4.17.x and 4.18.x releases planned for those who
> can't or don't want to move to 4.19?
>
> Or is there another (perhaps more manual) way to check if a domain is
> affected and fix it?
>
> Thanks in advance
> av.
>

If you can follow the trail:

https://www.samba.org/samba/security/CVE-2018-14628.html

Then:

https://bugzilla.samba.org/show_bug.cgi?id=13595

You would find this at comment 20 from Jule Anger:

Pushed to autobuild-v4-{19,18}-test.
I will add the section to the release notes and I will include the bug
for the next 4.17 security release.

4.18.8 is due on Wednesday

Not sure when or if there will be a next 4.17 security release.

Rowland

Stefan G. Weichinger
2023-Nov-28 08:26 UTC
[Samba] [Announce] Samba 4.19.3 Available for Download
On 27.11.23 at 17:50, Rowland Penny via samba wrote:

> If you can follow the trail:
>
> https://www.samba.org/samba/security/CVE-2018-14628.html
>
> Then:
>
> https://bugzilla.samba.org/show_bug.cgi?id=13595
>
> You would find this at comment 20 from Jule Anger:
>
> Pushed to autobuild-v4-{19,18}-test.
> I will add the section to the release notes and I will include the bug
> for the next 4.17 security release.
>
> 4.18.8 is due on Wednesday

You mean 4.18.9? I already run 4.18.8.

So that manual fix is to be done AFTER 4.18.9?
Or could I do it already?

I can wait for 4.18.9, sure, just asking.

Thanks ...