similar to: [Announce] Samba 4.1.16 and 4.0.24 Security Releases Available

Release Announcements --------------------- This is the fourth release candidate of Samba 4.2. This is *not* intended for production environments and is designed for testing purposes only. Please report any defects via the Samba bug reporting system at https://bugzilla.samba.org/. Samba 4.2 will be the next version of the Samba suite. IMPORTANT NOTE ABOUT THE SUPPORT END OF SAMBA 3

Release Announcements --------------------- This is the fourth release candidate of Samba 4.2. This is *not* intended for production environments and is designed for testing purposes only. Please report any defects via the Samba bug reporting system at https://bugzilla.samba.org/. Samba 4.2 will be the next version of the Samba suite. IMPORTANT NOTE ABOUT THE SUPPORT END OF SAMBA 3

Release Announcements --------------------- This is the fifth release candidate of Samba 4.2. This is *not* intended for production environments and is designed for testing purposes only. Please report any defects via the Samba bug reporting system at https://bugzilla.samba.org/. Samba 4.2 will be the next version of the Samba suite. IMPORTANT NOTE ABOUT THE SUPPORT END OF SAMBA 3

Release Announcements --------------------- This is the fifth release candidate of Samba 4.2. This is *not* intended for production environments and is designed for testing purposes only. Please report any defects via the Samba bug reporting system at https://bugzilla.samba.org/. Samba 4.2 will be the next version of the Samba suite. IMPORTANT NOTE ABOUT THE SUPPORT END OF SAMBA 3

Release Announcements --------------------- This is is the first stable release of Samba 4.2. Samba 4.2 will be the next version of the Samba suite. Samba User Survey 2015 ====================== https://www.surveygizmo.com/s3/2020369/Samba-User-Survey-2015 Please take our survey. It will help us improve Samba by understanding your knowledge and needs. The survey runs until end of March 2015

Release Announcements --------------------- This is is the first stable release of Samba 4.2. Samba 4.2 will be the next version of the Samba suite. Samba User Survey 2015 ====================== https://www.surveygizmo.com/s3/2020369/Samba-User-Survey-2015 Please take our survey. It will help us improve Samba by understanding your knowledge and needs. The survey runs until end of March 2015

===================================================================== "Progress was all right. Only it went on too long." James Thurber ===================================================================== Release Announcements --------------------- This is the latest stable release of Samba 4.1. Please note that this bug fix release also addresses two minor

===================================================================== "Progress was all right. Only it went on too long." James Thurber ===================================================================== Release Announcements --------------------- This is the latest stable release of Samba 4.1. Please note that this bug fix release also addresses two minor

Release Announcements --------------------- This are security releases in order to address the following defects: o CVE-2022-37966: This is the Samba CVE for the Windows Kerberos ????????????????? RC4-HMAC Elevation of Privilege Vulnerability ????????????????? disclosed by Microsoft on Nov 8 2022. ????????????????? A Samba Active Directory DC will issue weak rc4-hmac ?????????????????

Release Announcements --------------------- This are security releases in order to address the following defects: o CVE-2022-37966: This is the Samba CVE for the Windows Kerberos ????????????????? RC4-HMAC Elevation of Privilege Vulnerability ????????????????? disclosed by Microsoft on Nov 8 2022. ????????????????? A Samba Active Directory DC will issue weak rc4-hmac ?????????????????

Release Announcements --------------------- Samba 4.1.17, 4.0.25 and 3.6.25 have been issued as security releases in order to address CVE-2015-0240 (Unexpected code execution in smbd.). For the sake of completeness, Samba 4.2.0rc5 including a fix for this defect will follow soon, but it won't be a dedicated security release and will therefore address other bug fixes also. o CVE-2015-0240:

Release Announcements --------------------- Samba 4.1.17, 4.0.25 and 3.6.25 have been issued as security releases in order to address CVE-2015-0240 (Unexpected code execution in smbd.). For the sake of completeness, Samba 4.2.0rc5 including a fix for this defect will follow soon, but it won't be a dedicated security release and will therefore address other bug fixes also. o CVE-2015-0240:

Release Announcements --------------------- This is a security release in order to address the following CVEs: o CVE-2016-2123 (Samba NDR Parsing ndr_pull_dnsp_name Heap-based Buffer Overflow Remote Code Execution Vulnerability). o CVE-2016-2125 (Unconditional privilege delegation to Kerberos servers in trusted realms). o CVE-2016-2126 (Flaws in Kerberos PAC validation can trigger

Release Announcements --------------------- This is a security release in order to address the following CVEs: o CVE-2016-2123 (Samba NDR Parsing ndr_pull_dnsp_name Heap-based Buffer Overflow Remote Code Execution Vulnerability). o CVE-2016-2125 (Unconditional privilege delegation to Kerberos servers in trusted realms). o CVE-2016-2126 (Flaws in Kerberos PAC validation can trigger

We have a third party mail system which can write/read accounts to/from AD using ldaps protocol, it works fine with active directory of windows server 2003. When I test the mail system with samba4 DC, I can't disable user from the mail system, because the mail system write 0x800002 (8388610,UF_ACCOUNTDISABLED | UF_PASSWORDEXPIRED) to userAccountControl field of AD/samba4, and samldb returns

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================== I'm thinking with sand here! -- JFK in "Bubba Ho-Tep" ============================================================== Release Announcements ===================== This is the first production release of

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================== I'm thinking with sand here! -- JFK in "Bubba Ho-Tep" ============================================================== Release Announcements ===================== This is the first production release of

Release Announcements --------------------- This is a security release in order to address the following CVEs: o CVE-2015-7540 (Remote DoS in Samba (AD) LDAP server) o CVE-2015-3223 (Denial of service in Samba Active Directory server) o CVE-2015-5252 (Insufficient symlink verification in smbd) o CVE-2015-5299 (Missing access control check in shadow copy code) o CVE-2015-5296 (Samba

Release Announcements --------------------- This is a security release in order to address the following CVEs: o CVE-2015-7540 (Remote DoS in Samba (AD) LDAP server) o CVE-2015-3223 (Denial of service in Samba Active Directory server) o CVE-2015-5252 (Insufficient symlink verification in smbd) o CVE-2015-5299 (Missing access control check in shadow copy code) o CVE-2015-5296 (Samba

Release Announcements --------------------- This is a security release in order to address the following CVEs: o CVE-2015-7560 (Incorrect ACL get/set allowed on symlink path) o CVE-2016-0771 (Out-of-bounds read in internal DNS server) ======= Details ======= o CVE-2015-7560: All versions of Samba from 3.2.0 to 4.4.0rc3 inclusive are vulnerable to a malicious client overwriting the