Blog

SAMBA+  4.11.2, 4.10.10 and 4.9.15 packages have just been released by SerNet. The packages are available for various SUSE and Red Hat platforms as well as for Debian GNU/Linux and Ubuntu.

These are Security Releases in order to address the following defects:

CVE-2019-10218: Client code can return filenames containing path separators (advisory).

CVE-2019-14833: Samba AD DC check password script does not receive the full password (advisory).

CVE-2019-14847: User with "get changes" permission can crash AD DC LDAP server via dirsync (advisory).

SAMBA+ packages and all later versions are available as software subscription. They can be purchased at the SAMBA+ shop, detailed information and prices are listed at https://shop.samba.plus. The subscriptions are managed at our platform OPOSSO (https://oposso.samba.plus). Users can activate their subscriptions here and manage access credentials. The new SAMBA+ packages are included in existing subscriptions.


SAMBA+ 4.9.14 packages have just been released by SerNet. The packages are available for various SUSE and Red Hat platforms as well as for Debian GNU/Linux and Ubuntu.

For details, please see the release notes.

Please note that this is the last bugfix release of the Samba 4.9 release series. There will be security releases only beyond this point.

SAMBA+ packages and all later versions are available as software subscription. They can be purchased at the SAMBA+ shop, detailed information and prices are listed at https://shop.samba.plus. The subscriptions are managed at our platform OPOSSO (https://oposso.samba.plus). Users can activate their subscriptions here and manage access credentials. The new SAMBA+ packages are included in existing subscriptions.


SAMBA+ 4.10.9 packages have just been released by SerNet. The packages are available for various SUSE and Red Hat platforms as well as for Debian GNU/Linux and Ubuntu.

For details, please see the release notes.

Additionally the following fixes are included:

  • Bug 14125: As kerberos service/acceptor we may not accept expired tickets with our previous machine password
  • Bug 12907: pam_winbind with krb5_auth or wbinfo -K doesn't work for users of trusted domains with more than 1 hop between server and user realm when using heimdal
  • Bug 14153: azure ad connect reports discovery errors: reference-value-not-ldap-conformant

SAMBA+ packages and all later versions are available as software subscription. They can be purchased at the SAMBA+ shop, detailed information and prices are listed at https://shop.samba.plus. The subscriptions are managed at our platform OPOSSO (https://oposso.samba.plus). Users can activate their subscriptions here and manage access credentials. The new SAMBA+ packages are included in existing subscriptions.


SAMBA+ 4.11.0 packages have just been released by SerNet. The packages are available for various SUSE and Red Hat platforms as well as for Debian GNU/Linux and Ubuntu.

As this is the first release of the 4.11.0 release series, please test carefully before running on a production system and read the release notes thouroughly. Please note that SMB1 support is now disabled by default.

For details, please see the release notes.

SAMBA+ packages and all later versions are available as software subscription. They can be purchased at the SAMBA+ shop, detailed information and prices are listed at https://shop.samba.plus. The subscriptions are managed at our platform OPOSSO (https://oposso.samba.plus). Users can activate their subscriptions here and manage access credentials. The new SAMBA+ packages are included in existing subscriptions.


SAMBA+ 4.10.8 and 4.9.13 packages have just been released by SerNet. The packages are available for various SUSE and Red Hat platforms as well as for Debian GNU/Linux and Ubuntu.

These are Security Releases in order to address the following defect:

CVE-2019-10197: Combination of parameters and permissions can allow user to escape from the share path definition.

For details and workarounds, please see the security advisory.

SAMBA+ packages and all later versions are available as software subscription. They can be purchased at the SAMBA+ shop, detailed information and prices are listed at https://shop.samba.plus. The subscriptions are managed at our platform OPOSSO (https://oposso.samba.plus). Users can activate their subscriptions here and manage access credentials. The new SAMBA+ packages are included in existing subscriptions.


Newsletter

SerNet's Samba newsletter informs you about all important developments and events with its main focus on new packages.

+ subscribe to Newsletter

SAMBA+ Shop

Buy and manage software subscriptions. SAMBA+ subscriptions are available for one, two and three years at the SAMBA+ shop.

+ visit the shop

Deutsche SpracheEnglish language