similar to: [Announce] Samba 4.7.3, 4.6.11 and 4.5.15 Security Releases Available for Download

Displaying 20 results from an estimated 20000 matches similar to: "[Announce] Samba 4.7.3, 4.6.11 and 4.5.15 Security Releases Available for Download"

2017 Dec 12
1
failure joining a domain as a DC
in my optinion, yes, i use my own packages for years now, started with 4.1.x  ( still the same servers) started with debian wheezy and these are now debian stretch.   Start reading here, it wil help you ;-) https://github.com/thctlo/samba4/tree/master/howtos      Greetz,   Louis   Van: Taylor Hammerling [mailto:thammerling at tcsbasys.com] Verzonden: dinsdag 12 december 2017 15:13 Aan: L.P.H.
2017 Dec 01
0
samba-tool drs showrepl Issues After updating to 4.5.15
G'day All, We have a test and production SambaAD running very happily, but they are many versions out of date. We need to upgrade. Both versions of Samba are currently running 4.3.2. Our test SambaAD runs on Centos6 with two DCs running in the same data centre. Our production SambaAD runs on Centos7 with 4 DCs across 4 geographically dispersed data Centres. I went about updating
2018 Jan 10
0
samba-tool drs showrepl Issues After updating to 4.5.15
G'day All, We have a test and production SambaAD running very happily, but they are many versions out of date. We need to upgrade. Both versions of Samba are currently running 4.3.2. Our test SambaAD runs on Centos6 with two DCs running in the same data centre. Our production SambaAD runs on Centos7 with 4 DCs across 4 geographically dispersed data Centres. I
2017 Dec 12
5
failure joining a domain as a DC
Andrew - i am trying to join a new DC. Both DCs (old and new) are running samba 4.5.12-Debian On Dec 11, 2017 8:11 PM, "Andrew Bartlett" <abartlet at samba.org> wrote: > On Mon, 2017-12-11 at 19:56 -0600, Taylor Hammerling via samba wrote: > > Good evening! > > > > I am having difficulty joining a Samba4 install to my current domain. > > What new
2022 Jul 27
0
[Announce] Samba 4.16.4, 4.15.9, 4.14.14 Security Releases are available for Download
Release Announcements --------------------- This are security releases in order to address the following defects: o CVE-2022-2031:? Samba AD users can bypass certain restrictions associated with ????????????????? changing passwords. https://www.samba.org/samba/security/CVE-2022-2031.html o CVE-2022-32744: Samba AD users can forge password change requests for any user.
2022 Jul 27
0
[Announce] Samba 4.16.4, 4.15.9, 4.14.14 Security Releases are available for Download
Release Announcements --------------------- This are security releases in order to address the following defects: o CVE-2022-2031:? Samba AD users can bypass certain restrictions associated with ????????????????? changing passwords. https://www.samba.org/samba/security/CVE-2022-2031.html o CVE-2022-32744: Samba AD users can forge password change requests for any user.
2018 Aug 14
0
[Announce] Samba 4.8.4, 4.7.9 and 4.6.16 Security Releases Available for Download
Release Announcements --------------------- These are security releases in order to address the following defects: o CVE-2018-1139 (Weak authentication protocol allowed.) o CVE-2018-1140 (Denial of Service Attack on DNS and LDAP server.) o CVE-2018-10858 (Insufficient input validation on client directory listing in libsmbclient.) o CVE-2018-10918 (Denial of Service Attack on AD DC
2018 Aug 14
0
[Samba] [Announce] Samba 4.8.4, 4.7.9 and 4.6.16 Security Releases Available for Download
Release Announcements --------------------- These are security releases in order to address the following defects: o CVE-2018-1139 (Weak authentication protocol allowed.) o CVE-2018-1140 (Denial of Service Attack on DNS and LDAP server.) o CVE-2018-10858 (Insufficient input validation on client directory listing in libsmbclient.) o CVE-2018-10918 (Denial of Service Attack on AD DC
2016 Mar 08
0
[Announce] Samba 4.3.6, 4.2.9, 4.1.23 and 4.4.0rc4 Security Releases Available for Download
Release Announcements --------------------- This is a security release in order to address the following CVEs: o CVE-2015-7560 (Incorrect ACL get/set allowed on symlink path) o CVE-2016-0771 (Out-of-bounds read in internal DNS server) ======= Details ======= o CVE-2015-7560: All versions of Samba from 3.2.0 to 4.4.0rc3 inclusive are vulnerable to a malicious client overwriting the
2016 Mar 08
0
[Announce] Samba 4.3.6, 4.2.9, 4.1.23 and 4.4.0rc4 Security Releases Available for Download
Release Announcements --------------------- This is a security release in order to address the following CVEs: o CVE-2015-7560 (Incorrect ACL get/set allowed on symlink path) o CVE-2016-0771 (Out-of-bounds read in internal DNS server) ======= Details ======= o CVE-2015-7560: All versions of Samba from 3.2.0 to 4.4.0rc3 inclusive are vulnerable to a malicious client overwriting the
2018 Mar 14
4
Error running CVE-2018-1057_helper on 4.5
I tried to run this script on a system running 4.5.15 built from source under Ubuntu 16.04, but I get the following exception: # PYTHONPATH="/usr/local/samba/lib/python2.7/site-packages/" ./samba_CVE-2018-1057_helper --lock-pwchange Temporarily overriding 'dsdb:schema update allowed' setting Traceback (most recent call last):   File "./samba_CVE-2018-1057_helper",
2013 Nov 11
0
[Announce] Samba 4.1.1, 4.0.11 and 3.6.20 Security Releases Available for Download
Release Announcements --------------------- Samba 4.1.1, 4.0.11 and 3.6.20 have been issued as security releases in order to address CVE-2013-4475 (ACLs are not checked on opening an alternate data stream on a file or directory) and CVE-2013-4476 (Private key in key.pem world readable). Samba 3.6.20 includes the fix for CVE-2013-4475 only, Samba 4.1.1 and 4.0.11 address both issues. o
2013 Nov 11
0
[Announce] Samba 4.1.1, 4.0.11 and 3.6.20 Security Releases Available for Download
Release Announcements --------------------- Samba 4.1.1, 4.0.11 and 3.6.20 have been issued as security releases in order to address CVE-2013-4475 (ACLs are not checked on opening an alternate data stream on a file or directory) and CVE-2013-4476 (Private key in key.pem world readable). Samba 3.6.20 includes the fix for CVE-2013-4475 only, Samba 4.1.1 and 4.0.11 address both issues. o
2017 Sep 20
0
[Announce] Samba 4.6.8, 4.5.14 and 4.4.16 Security Releases Available
Release Announcements --------------------- These are security releases in order to address the following defects: o CVE-2017-12150 (SMB1/2/3 connections may not require signing where they should) o CVE-2017-12151 (SMB3 connections don't keep encryption across DFS redirects) o CVE-2017-12163 (Server memory information leak over SMB1) ======= Details ======= o CVE-2017-12150: A
2017 Sep 20
0
[Announce] Samba 4.6.8, 4.5.14 and 4.4.16 Security Releases Available
Release Announcements --------------------- These are security releases in order to address the following defects: o CVE-2017-12150 (SMB1/2/3 connections may not require signing where they should) o CVE-2017-12151 (SMB3 connections don't keep encryption across DFS redirects) o CVE-2017-12163 (Server memory information leak over SMB1) ======= Details ======= o CVE-2017-12150: A
2022 Jan 31
1
[Announce] Samba 4.15.5, 4.14.12, 4.13.17 Security Releases are available for Download
Release Announcements --------------------- These are security releases in order to address the following defects: o CVE-2021-44141: UNIX extensions in SMB1 disclose whether the outside target ????????????????? of a symlink exists. https://www.samba.org/samba/security/CVE-2021-44141.html o CVE-2021-44142: Out-of-Bound Read/Write on Samba vfs_fruit module.
2022 Jan 31
1
[Announce] Samba 4.15.5, 4.14.12, 4.13.17 Security Releases are available for Download
Release Announcements --------------------- These are security releases in order to address the following defects: o CVE-2021-44141: UNIX extensions in SMB1 disclose whether the outside target ????????????????? of a symlink exists. https://www.samba.org/samba/security/CVE-2021-44141.html o CVE-2021-44142: Out-of-Bound Read/Write on Samba vfs_fruit module.
2017 Sep 27
1
[Announce] Samba 4.6.8, 4.5.14 and 4.4.16 Security Releases Available
Hi Team, Workaround for CVE-2017-12151 :- client max protocol = NT1 and CVE-2017-12163 :- server min protocol = SMB2_02 are contradicting to each other. CVE-2017-12151 impacts on SMB3 protocol but workaound suggst to use NT1. I have below queries regarding this. Is SMB2 protocol also impacted by CVE-2017-12151 ? Can i use client max protocol = SMB2 so that it does not contradict with
2021 Nov 09
2
[Announce] Samba 4.15.2, 4.14.10, 4.13.14 Security Releases are available for Download
Release Announcements --------------------- These are security releases in order to address the following defects: o CVE-2016-2124: SMB1 client connections can be downgraded to plaintext authentication. https://www.samba.org/samba/security/CVE-2016-2124.html o CVE-2020-25717: A user on the domain can become root on domain members.
2021 Nov 09
2
[Announce] Samba 4.15.2, 4.14.10, 4.13.14 Security Releases are available for Download
Release Announcements --------------------- These are security releases in order to address the following defects: o CVE-2016-2124: SMB1 client connections can be downgraded to plaintext authentication. https://www.samba.org/samba/security/CVE-2016-2124.html o CVE-2020-25717: A user on the domain can become root on domain members.