Displaying 20 results from an estimated 40000 matches similar to: "[Announce] Samba 4.10.8 and 4.9.13 Security Releases Available"
2019 Sep 03
0
[Announce] Samba 4.11.0rc3 Available for Download
Release Announcements
=====================
This is the third release candidate of Samba 4.11. This is *not*
intended for production environments and is designed for testing
purposes only. Please report any defects via the Samba bug reporting
system at https://bugzilla.samba.org/.
Samba 4.11 will be the next version of the Samba suite.
UPGRADING
=========
AD Database compatibility
2019 Sep 03
0
[Announce] Samba 4.11.0rc3 Available for Download
Release Announcements
=====================
This is the third release candidate of Samba 4.11. This is *not*
intended for production environments and is designed for testing
purposes only. Please report any defects via the Samba bug reporting
system at https://bugzilla.samba.org/.
Samba 4.11 will be the next version of the Samba suite.
UPGRADING
=========
AD Database compatibility
2019 Sep 17
0
[Announce] Samba 4.11.0 Available for Download
========================================================
"Moonlight is sculpture."
Nathaniel Hawthorne
========================================================
Release Announcements
---------------------
This is the first stable release of the Samba 4.11 release series.
Please read the release notes carefully before upgrading.
UPGRADING
=========
AD Database
2019 Sep 17
0
[Announce] Samba 4.11.0 Available for Download
========================================================
"Moonlight is sculpture."
Nathaniel Hawthorne
========================================================
Release Announcements
---------------------
This is the first stable release of the Samba 4.11 release series.
Please read the release notes carefully before upgrading.
UPGRADING
=========
AD Database
2019 Sep 11
1
[Announce] Samba 4.11.0rc4 Available for Download
Release Announcements
=====================
This is the fourth release candidate of Samba 4.11. This is *not*
intended for production environments and is designed for testing
purposes only. Please report any defects via the Samba bug reporting
system at https://bugzilla.samba.org/.
Samba 4.11 will be the next version of the Samba suite.
UPGRADING
=========
AD Database compatibility
2019 Sep 11
1
[Announce] Samba 4.11.0rc4 Available for Download
Release Announcements
=====================
This is the fourth release candidate of Samba 4.11. This is *not*
intended for production environments and is designed for testing
purposes only. Please report any defects via the Samba bug reporting
system at https://bugzilla.samba.org/.
Samba 4.11 will be the next version of the Samba suite.
UPGRADING
=========
AD Database compatibility
2020 Sep 18
1
[Announce] Samba 4.12.7, 4.11.13 and 4.10.18 Security Releases Available
Release Announcements
---------------------
These are security releases in order to address the following defect:
o CVE-2020-1472: Unauthenticated domain takeover via netlogon ("ZeroLogon").
The following applies to Samba used as domain controller only (most
seriously the Active Directory DC, but also the classic/NT4-style DC).
Installations running Samba as a file server only are
2020 Sep 18
1
[Announce] Samba 4.12.7, 4.11.13 and 4.10.18 Security Releases Available
Release Announcements
---------------------
These are security releases in order to address the following defect:
o CVE-2020-1472: Unauthenticated domain takeover via netlogon ("ZeroLogon").
The following applies to Samba used as domain controller only (most
seriously the Active Directory DC, but also the classic/NT4-style DC).
Installations running Samba as a file server only are
2017 Sep 20
0
[Announce] Samba 4.6.8, 4.5.14 and 4.4.16 Security Releases Available
Release Announcements
---------------------
These are security releases in order to address the following defects:
o CVE-2017-12150 (SMB1/2/3 connections may not require signing where they
should)
o CVE-2017-12151 (SMB3 connections don't keep encryption across DFS redirects)
o CVE-2017-12163 (Server memory information leak over SMB1)
=======
Details
=======
o CVE-2017-12150:
A
2017 Sep 20
0
[Announce] Samba 4.6.8, 4.5.14 and 4.4.16 Security Releases Available
Release Announcements
---------------------
These are security releases in order to address the following defects:
o CVE-2017-12150 (SMB1/2/3 connections may not require signing where they
should)
o CVE-2017-12151 (SMB3 connections don't keep encryption across DFS redirects)
o CVE-2017-12163 (Server memory information leak over SMB1)
=======
Details
=======
o CVE-2017-12150:
A
2018 Mar 13
0
[Announce] Samba 4.7.6, 4.6.14 and 4.5.16 Security Releases Available for Download
Under what conditions are "server services = -ldap" an acceptable
workaround? would it work with a standalone AD with file sharing done
by other Samba servers?
On Tue, Mar 13, 2018 at 5:20 AM, Karolin Seeger via samba-technical
<samba-technical at lists.samba.org> wrote:
> Release Announcements
> ---------------------
>
> These are security release in order to address
2017 Sep 27
1
[Announce] Samba 4.6.8, 4.5.14 and 4.4.16 Security Releases Available
Hi Team,
Workaround for
CVE-2017-12151 :- client max protocol = NT1 and
CVE-2017-12163 :- server min protocol = SMB2_02
are contradicting to each other.
CVE-2017-12151 impacts on SMB3 protocol but workaound suggst to use NT1.
I have below queries regarding this.
Is SMB2 protocol also impacted by CVE-2017-12151 ?
Can i use client max protocol = SMB2 so that it does not contradict with
2020 Sep 22
2
[Announce] Samba 4.13.0 Available for Download
Release Announcements
---------------------
This is the first stable release of the Samba 4.13 release series.
Please read the release notes carefully before upgrading.
ZeroLogon
=========
Please avoid to set "server schannel = no" and "server schannel= auto" on all
Samba domain controllers due to the wellknown ZeroLogon issue.
For details please see
2020 Sep 22
2
[Announce] Samba 4.13.0 Available for Download
Release Announcements
---------------------
This is the first stable release of the Samba 4.13 release series.
Please read the release notes carefully before upgrading.
ZeroLogon
=========
Please avoid to set "server schannel = no" and "server schannel= auto" on all
Samba domain controllers due to the wellknown ZeroLogon issue.
For details please see
2018 Mar 13
2
[Announce] Samba 4.7.6, 4.6.14 and 4.5.16 Security Releases Available for Download
Release Announcements
---------------------
These are security release in order to address the following defects:
o CVE-2018-1050 (Denial of Service Attack on external print server.)
o CVE-2018-1057 (Authenticated users can change other users' password.)
=======
Details
=======
o CVE-2018-1050:
All versions of Samba from 4.0.0 onwards are vulnerable to a denial of
service attack
2018 Mar 13
2
[Announce] Samba 4.7.6, 4.6.14 and 4.5.16 Security Releases Available for Download
Release Announcements
---------------------
These are security release in order to address the following defects:
o CVE-2018-1050 (Denial of Service Attack on external print server.)
o CVE-2018-1057 (Authenticated users can change other users' password.)
=======
Details
=======
o CVE-2018-1050:
All versions of Samba from 4.0.0 onwards are vulnerable to a denial of
service attack
2016 Jul 07
0
[Announce] Samba 4.4.5, 4.3.11 and 4.2.14 Security Releases Available for Download
Release Announcements
---------------------
These are a security release in order to address the following defect:
o CVE-2016-2119 (Client side SMB2/3 required signing can be downgraded)
=======
Details
=======
o CVE-2016-2119:
It's possible for an attacker to downgrade the required signing for
an SMB2/3 client connection, by injecting the SMB2_SESSION_FLAG_IS_GUEST
or
2016 Jul 07
0
[Announce] Samba 4.4.5, 4.3.11 and 4.2.14 Security Releases Available for Download
Release Announcements
---------------------
These are a security release in order to address the following defect:
o CVE-2016-2119 (Client side SMB2/3 required signing can be downgraded)
=======
Details
=======
o CVE-2016-2119:
It's possible for an attacker to downgrade the required signing for
an SMB2/3 client connection, by injecting the SMB2_SESSION_FLAG_IS_GUEST
or
2023 Jul 19
1
[Announce] Samba 4.18.5, 4.17.10., 4.16.11 Security Releases are available for Download
19.07.2023 17:55, Jule Anger via samba weote:
> Release Announcements
> ---------------------
>
> This are security releases in order to address the following defects:
>
> o CVE-2022-2127:? When winbind is used for NTLM authentication, a maliciously
> ????????????????? crafted request can trigger an out-of-bounds read in winbind
> ????????????????? and possibly crash
2017 Mar 23
0
[Announce] Samba 4.6.1, 4.5.7 and 4.4.12 Security Releases Available for Download
Release Announcements
---------------------
These are a security releases in order to address the following defect:
o CVE-2017-2619 (Symlink race allows access outside share definition)
=======
Details
=======
o CVE-2017-2619:
All versions of Samba prior to 4.6.1, 4.5.7, 4.4.11 are vulnerable to
a malicious client using a symlink race to allow access to areas of
the server file