SAMBA+ meta-data symlink vulnerabilities CVE-2021-43566 and CVE-2021-20316

SAMBA+ 4.13.16 has just been released. This is a security release that addresses CVE-2021-43566. The packages are available for various SUSE and Red Hat platforms as well as for Debian GNU/Linux, Ubuntu and AIX.

All versions of the Samba file server prior to 4.15.0 are affected by CVE-2021-20316. Samba versions prior to 4.15.0 cannot be patched.

Please update affected systems as soon as possible. If possible upgrade to SAMBA+ 4.15, otherwise consult the release notes for possible mitigations for CVE-2021-20316.

SAMBA+ packages are available as software subscription. They can be purchased at the SAMBA+ shop, detailed information and prices are listed at https://shop.samba.plus. The subscriptions are managed at our platform OPOSSO (https://oposso.samba.plus). Users can activate their subscriptions here and manage access credentials. The new SAMBA+ packages are included in existing subscriptions.

Newsletter

SerNet's Samba newsletter informs you about all important developments and events with its main focus on new packages.

+ subscribe to Newsletter

RSS Feed

Don't miss any more SAMBA+ news? Read the latest in your feed reader of choice.

+ subscribe to RSS feed

SAMBA+ Shop

Buy and manage software subscriptions. SAMBA+ subscriptions are available for one, two and three years at the SAMBA+ shop.

+ visit the shop

Deutsch English Français