similar to: [Announce] Samba 4.14.11 Available for Download

Release Announcements --------------------- This is the latest stable release of the Samba 4.15 release series. Important Notes =============== There have been a few regressions in the security release 4.15.2: o CVE-2020-25717: A user on the domain can become root on domain members. https://www.samba.org/samba/security/CVE-2020-25717.html ????????????????? PLEASE [RE-]READ! ?????????????????

Release Announcements --------------------- This is the latest stable release of the Samba 4.15 release series. Important Notes =============== There have been a few regressions in the security release 4.15.2: o CVE-2020-25717: A user on the domain can become root on domain members. https://www.samba.org/samba/security/CVE-2020-25717.html ????????????????? PLEASE [RE-]READ! ?????????????????

Release Announcements --------------------- This is the latest stable release of the Samba 4.13 release series. Important Notes =============== There have been a few regressions in the security release 4.13.14: o CVE-2020-25717: A user on the domain can become root on domain members. https://www.samba.org/samba/security/CVE-2020-25717.html ????????????????? PLEASE [RE-]READ!

Release Announcements --------------------- This is the latest stable release of the Samba 4.13 release series. Important Notes =============== There have been a few regressions in the security release 4.13.14: o CVE-2020-25717: A user on the domain can become root on domain members. https://www.samba.org/samba/security/CVE-2020-25717.html ????????????????? PLEASE [RE-]READ!

Hello, This is situation: * [netApps SMB-server] [RHEL-7.1-Client]* | =SMB 2/3= | | sending data>65k Fail | sending data<65k Passes Max Write/Read Size[65535]

Release Announcements --------------------- These are security releases in order to address the following defects: o CVE-2016-2124: SMB1 client connections can be downgraded to plaintext authentication. https://www.samba.org/samba/security/CVE-2016-2124.html o CVE-2020-25717: A user on the domain can become root on domain members.

Release Announcements --------------------- These are security releases in order to address the following defects: o CVE-2016-2124: SMB1 client connections can be downgraded to plaintext authentication. https://www.samba.org/samba/security/CVE-2016-2124.html o CVE-2020-25717: A user on the domain can become root on domain members.

I noticed there was Bug 12808 against 4.6.3 ( if I read it right ) about smblcient doesn't handle STATUS_NOT_SUPPORTED gracefully for FSCTL_VALIDATE_NEGOTIATE_INFO. We are currently updating to 4.6.6 and I do not see it in smbXcli_base.c. I see the fix was done in 5/30/2017. Is this something that is still needed, and will be added in future releases ? I would like to know whether I should

====================================================== "Change your thoughts and you change your world." Norman Vincent Peale ====================================================== Release Announcements --------------------- This is the latest stable release of the Samba 4.5 release series. Changes since 4.5.10: --------------------- o Jeremy Allison <jra at

====================================================== "Change your thoughts and you change your world." Norman Vincent Peale ====================================================== Release Announcements --------------------- This is the latest stable release of the Samba 4.5 release series. Changes since 4.5.10: --------------------- o Jeremy Allison <jra at

So, without doing a fresh install on the system the join succeeded with 4.14.9. What does it mean? In the end I want to end up with a much later version which is still getting security fixes. I went through the readme of CVE-2020-25717 as mentioned but did not really understand how this impacts the join procedure. Up to now I was using DOMAIN\administrator or its kerberos ticket for the join.

On Thu, 12 Dec 2024 13:11:55 +0000 Peter Mittermayer via samba <samba at lists.samba.org> wrote: > So, without doing a fresh install on the system the join succeeded > with 4.14.9. What does it mean? > In the end I want to end up with a much later version which is still > getting security fixes. > > I went through the readme of CVE-2020-25717 as mentioned but did not

On 12/12/24 06:25, Peter Mittermayer via samba wrote: > In the meantime I also did a lot of testing to find out where exactly the issue starts. This is what I found: > 4.13.13 still works. I can joing a DC running this version without problem. > 4.13.14 show exactly the same error as I also see on 4.21. Good work tracking that down. Do 4.14.9 or 4.15.1 work? If it is something in the

Hi Douglas, Thanks for this suggestion. I'll try that. Additionally, after reading the not on samba.tranquil.it about 'dependencies to sssd' (whatever it means) I will try to use a completely fresh installation of RHEL9. For my testlab I have just used a clone of some VM which was previously joined to domain and was using sssd. I will report back with my findings in a while. Thanks

Server: Debian Wheezy 7.3, ECC RAM, updated via cron-apt Version: 4.1.4 Clients: Windows 8.1 Pro Environment: Active Directory, installed from scratch (no migration), roaming profiles, group policies for printers, network mappings, ... Hello everyone, I've upgraded my Samba installation from 4.0.14 (which was working more or less fine) to 4.1.4 yesterday - via Sernet packages, i. e. just

Just now I again had occasion to want nested describe lists in a documentation file. I found that the bug which I reported on 18 October, 2001 still persists. I checked on the bug report at the R web page, and found that the notes say ``Not a problem in R 1.4.0 (2001-12-08)''. Well, it's still a problem for me --- using R 1.4.1. (Details: platform sparc-sun-solaris2.7 arch

In the meantime I also did a lot of testing to find out where exactly the issue starts. This is what I found: 4.13.13 still works. I can joing a DC running this version without problem. 4.13.14 show exactly the same error as I also see on 4.21. So what exactly was changed between these two versions? According to release notes there have just been a few security fixes. I don't see how any of

Hello everybody, i'm from Mexico, at the time i?m working on a production server with asterisk 1.2.25 + spandsp-0.0.4 + libmfcr2-0.0.3+libsupertone-0.0.2+libunicall-0.0.3 and zaptel-1.2.22. I installed this version of astunicall that i downloaded from http://www.moythreads.com/astunicall/ Everything works fine, i'm able to make outgoing calls and recive incoming calls with all ANI and

Hello, I was reading about secure Dialect negotiation to prevent man-in-middle to downgrade dialects & capabilities. _https://blogs.msdn.microsoft.com/openspecification/2012/06/28/smb3-secure-dialect-negotiation/_ I wanted to ask, is there any option to disable SMB2 to do dialect renegotiation as present in Windows8 clients, as they can control using RequireSecureNegotiate. -- Thanks Amit

Release Announcements --------------------- These are security releases in order to address the following defects: o CVE-2019-14902: Replication of ACLs set to inherit down a subtree on AD Directory not automatic. o CVE-2019-14907: Crash after failed character conversion at log level 3 or above. o CVE-2019-19344: Use after free