Blog

SAMBA+ 4.12.2, 4.11.8 and 4.10.15 packages have just been released by SerNet. These are important security releases, please update affected systems as soon as possible. The packages are available for various SUSE and Red Hat platforms as well as for Debian GNU/Linux and Ubuntu.

The packages address the following issues:

  • CVE-2020-10700: Use-after-free in Samba AD DC LDAP Server with ASQ

    A client combining the 'ASQ' and 'Paged Results' LDAP controls can cause a use-after-free in Samba's AD DC LDAP server.

  • CVE-2020-10704: LDAP Denial of Service (stack overflow) in Samba AD DC

    A deeply nested filter in an un-authenticated LDAP search can exhaust the LDAP server's stack memory causing a SIGSEGV.

SAMBA+ packages and all later versions are available as software subscription. They can be purchased at the SAMBA+ shop, detailed information and prices are listed at https://shop.samba.plus. The subscriptions are managed at our platform OPOSSO (https://oposso.samba.plus). Users can activate their subscriptions here and manage access credentials. The new SAMBA+ packages are included in existing subscriptions.


SAMBA+ 4.12.1 has just been released. Packages for various SUSE and Red Hat platforms as well as for Debian GNU/Linux and Ubuntu are available now.

This is the latest stable release of the Samba 4.12 release series. Please see the release notes for more details.

With the release of Samba 4.12 the Samba 4.9 release series has upstream been marked as discontinued. 

SAMBA+ packages and all later versions are available as software subscription. They can be purchased at the SAMBA+ shop, detailed information and prices are listed at https://shop.samba.plus. The subscriptions are managed at our platform OPOSSO (https://oposso.samba.plus). Users can activate their subscriptions here and manage access credentials. The new SAMBA+ packages are included in existing subscriptions.


SAMBA+ 4.12.0 has just been released. Packages for various SUSE and Red Hat platforms as well as for Debian GNU/Linux and Ubuntu are available now.

This is the first stable release of the Samba 4.12 release series. Please read the release notes carefully before upgrading.

SAMBA+ now provides native systemd support. The init scripts have been removed from most packages, except RHEL 6 and SLES 11. The desired Samba start mode can still be configured in the /etc/default/sernet-samba service configuration file. The SAMBA_RESTART_ON_UPDATE parameter is ignored by the systemd services. The services will be restarted after update.

Support for multicast DNS is now enabled. Samba can announce itself in combination with the Avahi daemon. This behavior can be controlled with the "multicast dns register" smb.conf option. Samba shares which use the fruit VFS module for enhanced OS X interoperability with enabled Time Machine support will also be registered.

Samba 4.12 raises the minimum requirement for Python to Python 3.5. Due to this requirement SAMBA+ 4.12.0 does not provide the AD DC functionality for SLES12 for now.

SAMBA+ packages and all later versions are available as software subscription. They can be purchased at the SAMBA+ shop, detailed information and prices are listed at https://shop.samba.plus. The subscriptions are managed at our platform OPOSSO (https://oposso.samba.plus). Users can activate their subscriptions here and manage access credentials. The new SAMBA+ packages are included in existing subscriptions.


Contact us
Contact
Deutsch English Français