similar to: Samba 4.0.1 Security Release Available for Download

Release Announcements --------------------- These are security release in order to address the following defects: o CVE-2018-1050 (Denial of Service Attack on external print server.) o CVE-2018-1057 (Authenticated users can change other users' password.) ======= Details ======= o CVE-2018-1050: All versions of Samba from 4.0.0 onwards are vulnerable to a denial of service attack

Release Announcements --------------------- These are security release in order to address the following defects: o CVE-2018-1050 (Denial of Service Attack on external print server.) o CVE-2018-1057 (Authenticated users can change other users' password.) ======= Details ======= o CVE-2018-1050: All versions of Samba from 4.0.0 onwards are vulnerable to a denial of service attack

Release Announcements ===================== This is a security release in order to address CVE-2009-2813, CVE-2009-2948 and CVE-2009-2906. o CVE-2009-2813: In all versions of Samba later than 3.0.11, connecting to the home share of a user will use the root of the filesystem as the home directory if this user is misconfigured to have an empty home directory in /etc/passwd.

Release Announcements ===================== This is a security release in order to address CVE-2009-2813, CVE-2009-2948 and CVE-2009-2906. o CVE-2009-2813: In all versions of Samba later than 3.0.11, connecting to the home share of a user will use the root of the filesystem as the home directory if this user is misconfigured to have an empty home directory in /etc/passwd.

Release Announcements ===================== This is a security release in order to address CVE-2009-2813, CVE-2009-2948 and CVE-2009-2906. o CVE-2009-2813: In all versions of Samba later than 3.0.11, connecting to the home share of a user will use the root of the filesystem as the home directory if this user is misconfigured to have an empty home directory in /etc/passwd.

Release Announcements ===================== This is a security release in order to address CVE-2009-2813, CVE-2009-2948 and CVE-2009-2906. o CVE-2009-2813: In all versions of Samba later than 3.0.11, connecting to the home share of a user will use the root of the filesystem as the home directory if this user is misconfigured to have an empty home directory in /etc/passwd.

Release Announcements ===================== This is a security release in order to address CVE-2009-2813, CVE-2009-2948 and CVE-2009-2906. o CVE-2009-2813: In all versions of Samba later than 3.0.11, connecting to the home share of a user will use the root of the filesystem as the home directory if this user is misconfigured to have an empty home directory in /etc/passwd.

Release Announcements ===================== This is a security release in order to address CVE-2009-2813, CVE-2009-2948 and CVE-2009-2906. o CVE-2009-2813: In all versions of Samba later than 3.0.11, connecting to the home share of a user will use the root of the filesystem as the home directory if this user is misconfigured to have an empty home directory in /etc/passwd.

Release Announcements ===================== This is a security release in order to address CVE-2009-1886 and CVE-2009-1888. o CVE-2009-1886: In Samba 3.2.0 to 3.2.12 (inclusive), the smbclient commands dealing with file names treat user input as a format string to asprintf. With a maliciously crafted file name smbclient can be made to execute code triggered by the server.

Release Announcements ===================== This is a security release in order to address CVE-2009-1886 and CVE-2009-1888. o CVE-2009-1886: In Samba 3.2.0 to 3.2.12 (inclusive), the smbclient commands dealing with file names treat user input as a format string to asprintf. With a maliciously crafted file name smbclient can be made to execute code triggered by the server.

Release Announcements ===================== This is a security release in order to address CVE-2009-1888. o CVE-2009-1888: In Samba 3.0.31 to 3.3.5 (inclusive), an uninitialized read of a data value can potentially affect access control when "dos filemode" is set to "yes". ###################################################################### Changes

Release Announcements ===================== This is a security release in order to address CVE-2009-1888. o CVE-2009-1888: In Samba 3.0.31 to 3.3.5 (inclusive), an uninitialized read of a data value can potentially affect access control when "dos filemode" is set to "yes". ###################################################################### Changes

Release Announcements --------------------- These are a security releases in order to address the following defect: o CVE-2017-7494 (Remote code execution from a writable share) ======= Details ======= o CVE-2017-7494: All versions of Samba from 3.5.0 onwards are vulnerable to a remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable

Release Announcements --------------------- These are a security releases in order to address the following defect: o CVE-2017-7494 (Remote code execution from a writable share) ======= Details ======= o CVE-2017-7494: All versions of Samba from 3.5.0 onwards are vulnerable to a remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable

Release Announcements ===================== This is a security release in order to address CVE-2009-1888. o CVE-2009-1888: In Samba 3.0.31 to 3.3.5 (inclusive), an uninitialized read of a data value can potentially affect access control when "dos filemode" is set to "yes". ###################################################################### Changes

Release Announcements ===================== This is a security release in order to address CVE-2009-1888. o CVE-2009-1888: In Samba 3.0.31 to 3.3.5 (inclusive), an uninitialized read of a data value can potentially affect access control when "dos filemode" is set to "yes". ###################################################################### Changes

Hi folks, Firstly; apologies in advance for what is a head wrecker of keeping on top of the speculative mitigations and also if this is a duplicate email; my first copy didn't seem to make it into the archive. Also a disclaimer that I may have misunderstood elements of the below but please bear with me. I write this hoping to find out a bit more about the state of the relevant kernel

Release Announcements --------------------- Samba 4.1.6, 4.0.16 and 3.6.23 have been issued as security releases in order to address CVE-2013-4496 (Password lockout not enforced for SAMR password changes) and CVE-2013-6442 (smbcacls can remove a file or directory ACL by mistake). Please note that Samba 3.6.23 is not affected by CVE-2013-6442. o CVE-2013-4496: Samba versions 3.4.0 and above

Release Announcements --------------------- Samba 4.1.6, 4.0.16 and 3.6.23 have been issued as security releases in order to address CVE-2013-4496 (Password lockout not enforced for SAMR password changes) and CVE-2013-6442 (smbcacls can remove a file or directory ACL by mistake). Please note that Samba 3.6.23 is not affected by CVE-2013-6442. o CVE-2013-4496: Samba versions 3.4.0 and above

Hi all! I'm running an up-to-date Centos-7 on an AMD Vishera 6300, 6 core CPU. I note that when I run the redhat script to test for spectre & meltdown I get this result for variant 2: Variant #2 (Spectre): Vulnerable CVE-2017-5715 - speculative execution branch target injection - Kernel with mitigation patches: OK - HW support / updated microcode: NO - IBRS: Not disabled on