Blog

SAMBA+ 4.10.5 and 4.9.9 packages have just been released by SerNet. These are important security releases, please update affected systems as soon as possible. The packages are available for various SUSE and Red Hat platforms as well as for Debian GNU/Linux and Ubuntu.

The packages address the following issues:

  • CVE-2019-12435 Samba AD DC Denial of Service in DNS management server (dnsserver)
    An authenticated user can crash the Samba AD DC's RPC server process via a NULL pointer dereference.
    Affects Samba 4.9.9 and 4.10.5.
  • CVE-2019-12436 Samba AD DC LDAP server crash (paged searches)
    An user with read access to the directory can cause a NULL pointer dereference using the paged search control.
    Affects Samba 4.10.5 only.

SAMBA+ is now also available for Debian Buster.

SAMBA+ packages and all later versions are available as software subscription. They can be purchased at the SAMBA+ shop, detailed information and prices are listed at https://shop.samba.plus. The subscriptions are managed at our platform OPOSSO (https://oposso.samba.plus). Users can activate their subscriptions here and manage access credentials. The new SAMBA+ packages are included in existing subscriptions.


SAMBA+ 4.10.4 packages have just been released by SerNet. The packages are available for various SUSE and Red Hat platforms as well as for Debian GNU/Linux and Ubuntu.

For details, please see the release notes.

SAMBA+ packages and all later versions are available as software subscription. They can be purchased at the SAMBA+ shop, detailed information and prices are listed at https://shop.samba.plus. The subscriptions are managed at our platform OPOSSO (https://oposso.samba.plus). Users can activate their subscriptions here and manage access credentials. The new SAMBA+ packages are included in existing subscriptions.


SAMBA+ 4.10.3, 4.9.8 and 4.8.12 packages have just been released by SerNet. These are important security releases, please update affected systems as soon as possible. The packages are available for various SUSE and Red Hat platforms as well as for Debian GNU/Linux and Ubuntu.

The packages address the following issues:

  • CVE-2018-16860 Samba AD DC S4U2Self/S4U2Proxy unkeyed checksum
    The checksum validation in the S4U2Self handler in the embedded Heimdal KDC did not first confirm that the checksum was keyed, allowing replacement of the requested target (client) principal.

Additionally SAMBA+ LTS packages for 4.5, 4.6 and 4.7 have been released, addressing the security defects. Please visit https://samba.plus/lts/ for further information.

SAMBA+ packages and all later versions are available as software subscription. They can be purchased at the SAMBA+ shop, detailed information and prices are listed at https://shop.samba.plus. The subscriptions are managed at our platform OPOSSO (https://oposso.samba.plus). Users can activate their subscriptions here and manage access credentials. The new SAMBA+ packages are included in existing subscriptions.


SAMBA+ 4.9.7 packages have just been released by SerNet. The packages are available for various SUSE and Red Hat platforms as well as for Debian GNU/Linux and Ubuntu.

For details, please see the release notes.

SAMBA+ packages and all later versions are available as software subscription. They can be purchased at the SAMBA+ shop, detailed information and prices are listed at https://shop.samba.plus. The subscriptions are managed at our platform OPOSSO (https://oposso.samba.plus). Users can activate their subscriptions here and manage access credentials. The new SAMBA+ packages are included in existing subscriptions.


SAMBA+ 4.10.5 and 4.9.9 packages have just been released by SerNet. The packages are available for various SUSE and Red Hat platforms as well as for Debian GNU/Linux and Ubuntu.

These are Security Releases, please update your servers as soon as possible.

For details, please see the release notes 4.10.5, release notes 4.9.9.

SAMBA+ packages and all later versions are available as software subscription. They can be purchased at the SAMBA+ shop, detailed information and prices are listed at https://shop.samba.plus. The subscriptions are managed at our platform OPOSSO (https://oposso.samba.plus). Users can activate their subscriptions here and manage access credentials. The new SAMBA+ packages are included in existing subscriptions.


Newsletter

La bulletin d'information Samba de SerNet vous informe sur tous les développements et événements importants avec un accent particulier sur les nouveaux paquets.

+ s'abonner à la Bulletins

RSS Feed

Ne manquez plus les actualités de SAMBA+ ? Lisez les dernières nouvelles dans le lecteur de flux RSS de votre choix.

+ subscribe to RSS feed

SAMBA+ Shop

Acheter et gérer les abonnements aux logiciels. Les abonnements SAMBA+ sont disponibles pour un, deux et trois ans dans la SAMBA+ shop.

+ visiter la shop

Deutsche SpracheEnglish languageLangue française