SAMBA+ 4.17.2, 4.16.6 and 4.15.11 Security Releases

2022-10-27

SAMBA+ 4.17.2, 4.16.6 and 4.15.11 have just been released. These are important security releases, please update affected systems as soon as possible. The packages are available for various SUSE and Red Hat platforms as well as for Debian GNU/Linux, Ubuntu and AIX.

The 4.17.2 packages address the following issues:

CVE-2022-3437: Buffer overflow in Heimdal unwrap_des3():
There is a limited write heap buffer overflow in the GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal (included in Samba).
CVE-2022-3592: Wide links protection broken:
A malicious client can use a symlink to escape the exported directory.

Samba 4.16 and 4.15 are not affected by CVE-2022-3592, the packages address CVE-2022-3437.

The 4.15.11 packages additionally address the following issues:

Bug 15197: Windows 11 22H2 and Samba-AD 4.15 Kerberos login issue
Bug 15202: writev epoll_wait cpu-spinning in the LDAP server

Back

Contact

We are here for you!

Our sales team is happy to help you with any questions about all Samba products and services from SerNet - personally and individually tailored to your needs.

You can call us directly at +1 (415) 248-7818
or outside the US at +49 551 370000-0.
Mail us at sales@remove-this.sernet.com.

SerNet Sales Team — Andrea Schell (Head of Sales) and Alina Schnur