SAMBA+ 4.22.6 has just been released by SerNet and is now available for download for Debian GNU/Linux, Ubuntu, and AIX. Security updates for the other supported 4.21 and 4.23 releases have also been published. If you haven’t updated your packages yet, it is strongly recommended to do so soon.
These releases address several security issues, including:
- CVE-2025-9640: Uninitialized memory disclosure via vfs_streams_xattr
- CVE-2025-10230: Command injection via WINS server hook script
A complete list of changes in the 4.22.6 bugfix release can be find in the Release Notes.
SAMBA+ packages are offered through a flexible software subscription model and can be purchased directly via the SAMBA+ shop. Pricing information can be found here:
- USD Pricing: US SAMBA+ Shop
- EUR Pricing: World SAMBA+ Shop
Existing subscribers automatically have access to the new SAMBA+ 4.22.6 packages. With an active subscription, download links are available in the SAMBA+ HowTo or the SAMBA+ AIX HowTo.
For questions, support, or to request a quote, our SAMBA+ Team is happy to help.
