SAMBA+ 4.11.2, 4.10.10 and 4.9.15 Security Releases Available

SAMBA+  4.11.2, 4.10.10 and 4.9.15 packages have just been released by SerNet. The packages are available for various SUSE and Red Hat platforms as well as for Debian GNU/Linux and Ubuntu.

These are Security Releases in order to address the following defects:

CVE-2019-10218: Client code can return filenames containing path separators (advisory).

CVE-2019-14833: Samba AD DC check password script does not receive the full password (advisory).

CVE-2019-14847: User with "get changes" permission can crash AD DC LDAP server via dirsync (advisory).

SAMBA+ packages and all later versions are available as software subscription. They can be purchased at the SAMBA+ shop, detailed information and prices are listed at https://shop.samba.plus. The subscriptions are managed at our platform OPOSSO (https://oposso.samba.plus). Users can activate their subscriptions here and manage access credentials. The new SAMBA+ packages are included in existing subscriptions.

Newsletter

SerNet's Samba newsletter informs you about all important developments and events with its main focus on new packages.

+ subscribe to Newsletter

SAMBA+ Shop

Buy and manage software subscriptions. SAMBA+ subscriptions are available for one, two and three years at the SAMBA+ shop.

+ visit the shop

Deutsche SpracheEnglish language