Blog

SAMBA+ 4.10.13 packages have just been released by SerNet. The packages are available for various SUSE and Red Hat platforms as well as for Debian GNU/Linux and Ubuntu.

For details, please see the release notes.

SAMBA+ packages and all later versions are available as software subscription. They can be purchased at the SAMBA+ shop, detailed information and prices are listed at https://shop.samba.plus. The subscriptions are managed at our platform OPOSSO (https://oposso.samba.plus). Users can activate their subscriptions here and manage access credentials. The new SAMBA+ packages are included in existing subscriptions.


SAMBA+ 4.11.5, 4.10.12 and 4.9.18 packages have just been released by SerNet. These are important security releases, please update affected systems as soon as possible. The packages are available for various SUSE and Red Hat platforms as well as for Debian GNU/Linux and Ubuntu.

The packages address the following issues:

  • CVE-2019-14902: Replication of ACLs set to inherit down a subtree on AD Directory not automatic.
    The implementation of ACL inheritance in the Samba AD DC was not complete, and so absent a 'full-sync' replication, ACLs could get out of sync between domain controllers.
     
  • CVE-2019-14907: Crash after failed character conversion at log level 3 or above.
    When processing untrusted string input Samba can read past the end of the allocated buffer when printing a "Conversion error" message to the logs.
     
  • CVE-2019-19344: Use after free during DNS zone scavenging in Samba AD DC.
    During DNS zone scavenging (of expired dynamic entries) there is a read of memory after it has been freed.

Also, SAMBA+ Long Term Support packages 4.8.12-25.lts.4, 4.7.12-21.lts.6 and 4.6.16-17.lts.8 including these fixes are available now.

SAMBA+ packages and all later versions are available as software subscription. They can be purchased at the SAMBA+ shop, detailed information and prices are listed at https://shop.samba.plus. The subscriptions are managed at our platform OPOSSO (https://oposso.samba.plus). Users can activate their subscriptions here and manage access credentials. The new SAMBA+ packages are included in existing subscriptions.


SDC EMEA 2020 Logo

SerNet will be at the SNIA EMEA Storage Developer Conference 2020 in Tel Aviv from February 4 - 5, 2020. Both days will provide the opportunity to meet SerNet's Samba Team as well as SerNet Sales. Also there are lectures by Ralph Böhme and Volker Lendecke on the agenda.  

As part of the SMB3 Education Track on Tuesday (February 4) Volker Lendecke presents "Samba Scalability Improvements", starting at 14:55. Following at 15:50, Ralph Böhme hosts "Future of SMB in Samba".

On Wednesday, February 5, Volker Lendecke will talk about "Samba for integrators" (13:45). Check the abstract for more details.

Attendees are more than welcome to stop by at the SerNet booth and learn more about our support services, SAMBA+ packages as well as joint development projects.


SAMBA+ 4.11.4 packages have just been released by SerNet. The packages are available for various SUSE and Red Hat platforms as well as for Debian GNU/Linux and Ubuntu.

For details, please see the release notes.

SAMBA+ packages and all later versions are available as software subscription. They can be purchased at the SAMBA+ shop, detailed information and prices are listed at https://shop.samba.plus. The subscriptions are managed at our platform OPOSSO (https://oposso.samba.plus). Users can activate their subscriptions here and manage access credentials. The new SAMBA+ packages are included in existing subscriptions.


SAMBA+ 4.11.3, 4.10.11 and 4.9.17 packages have just been released by SerNet. These are important security releases for AD DCs, please update affected systems as soon as possible. The packages are available for various SUSE and Red Hat platforms as well as for Debian GNU/Linux and Ubuntu.

The packages address the following issues:

  • CVE-2019-14861: Samba AD DC zone-named record Denial of Service in DNS management server (dnsserver).
  • CVE-2019-14870: DelegationNotAllowed not being enforced in protocol transition on Samba AD DC.

For more details and workarounds, please see

Also, SAMBA+ Long Term Support packages 4.8.12-25.lts.3, 4.7.12-21.lts.5 and 4.6.16-17.lts.7 including these fixes are available now.

SAMBA+ packages and all later versions are available as software subscription. They can be purchased at the SAMBA+ shop, detailed information and prices are listed at https://shop.samba.plus. The subscriptions are managed at our platform OPOSSO (https://oposso.samba.plus). Users can activate their subscriptions here and manage access credentials. The new SAMBA+ packages are included in existing subscriptions.


Newsletter

SerNet's Samba newsletter informs you about all important developments and events with its main focus on new packages.

+ subscribe to Newsletter

RSS Feed

Don't miss any more SAMBA+ news? Read the latest in your feed reader of choice.

+ subscribe to RSS feed

SAMBA+ Shop

Buy and manage software subscriptions. SAMBA+ subscriptions are available for one, two and three years at the SAMBA+ shop.

+ visit the shop

Deutsche SpracheEnglish languageLangue française