Blog

An update for SAMBA+ 4.18.3 has just been released by SerNet. Packages for various SUSE and Red Hat platforms as well as for Debian GNU/Linux, Ubuntu and AIX are available now.

These packages address the following issues:

• Bug 15381 - Register Samba processes with GPFS
  Fixes broken special handling of smbd processes accessing the GPFS file system.
• smbd: Avoid jumping back using dptr_SeekDir() for SMB2 readdirs
  Fixes possible error in directory content listing.
• vfs_aio_pthread: don't crash without a pthreadpool
  Avoid crash in aio_pthread vfs module.

SAMBA+ 4.18.3 has just been released. Packages for various SUSE and Red Hat platforms as well as for Debian GNU/Linux, Ubuntu and AIX are available now.

These packages address several issues, which are listed in the release notes:
https://www.samba.org/samba/history/samba-4.18.3.html

SAMBA+ 4.17.8 has just been released by SerNet. Packages for various SUSE and Red Hat platforms as well as for Debian GNU/Linux, Ubuntu and AIX are available now.

These packages address several issues, which are listed in the release notes:

   https://www.samba.org/samba/history/samba-4.17.8.html

SAMBA+ packages are available as software subscription. They can be purchased at the SAMBA+ shop, detailed information and prices are listed at https://shop.samba.plus. The subscriptions are managed at our platform OPOSSO (https://oposso.samba.plus). Users can activate
their subscriptions here and manage access credentials. The new SAMBA+ packages are included in existing subscriptions.
 

SAMBA+ 4.18.2 has just been released. Packages for various SUSE and Red Hat platforms as well as for Debian GNU/Linux, Ubuntu and AIX are
available now.

These packages address several issues, which are listed in the release notes:

https://www.samba.org/samba/history/samba-4.18.2.html

SAMBA+ 4.18.1, 4.17.7 and 4.16.10 have just been released. These are important security releases, please update affected systems as soon as possible. The packages are available for various SUSE and Red Hat platforms as well as for Debian GNU/Linux, Ubuntu and AIX.

The packages address the following security related issues, which only affect the Samba AD DC and related tools:

• CVE-2023-0614 Access controlled AD LDAP attributes can be discovered.
  The fix in 4.6.16, 4.7.9, 4.8.4 and 4.9.7 for CVE-2018-10919 Confidential attribute disclosure via LDAP filters was insufficient and an attacker may be able to obtain confidential BitLocker recovery keys from a Samba AD DC.
  
  Installations with such secrets in their Samba AD should assume they have been obtained and need replacing.
   
• CVE-2023-0225 Samba AD DC "dnsHostname" attribute can be deleted by unprivileged authenticated users.
  An incomplete access check on dnsHostName allows authenticated but otherwise unprivileged users to delete this attribute from any object in the directory.
  
  Affects only Samba 4.17.0 and later versions.  
   
• CVE-2023-0922 Samba AD DC admin tool samba-tool sends passwords in cleartext.
  The Samba AD DC administration tool, when operating against a remote LDAP server, will by default send new or reset passwords over a signed-only connection.