Release Planning for Samba 4.17
Samba 4.17 is in the Security Fixes Only Mode.
- Tuesday, October 10 2023 - Samba 4.17.12 has been released as a Security Release to address the following defects:
- CVE-2023-3961 (Unsanitized pipe names allow SMB clients to connect as root to existing unix domain sockets on the file system.)
- CVE-2023-4091 (SMB client can truncate files to 0 bytes by opening files with OVERWRITE disposition when using the acl_xattr Samba VFS module with the smb.conf setting "acl_xattr:ignore system acls = yes")
- CVE-2023-4154 (An RODC and a user with the GET_CHANGES right can view all attributes, including secrets and passwords. Additionally, the access check fails open on error conditions.)
- CVE-2023-42669 (Calls to the rpcecho server on the AD DC can request that the server block for a user-defined amount of time, denying service.)
- CVE-2023-42670 (Samba can be made to start multiple incompatible RPC listeners, disrupting service on the AD DC.)
- Thursday, September 7 2023 - Samba 4.17.11 has been released. There will be security releases only beyond this point.
- Wednesday, July 19 2023 - Samba 4.17.10 has been released as a Security Release to address the following defects:
- CVE-2023-34967 (Missing type validation in Samba's mdssvc RPC service for Spotlight can be used by an unauthenticated attacker to trigger a process crash in a shared RPC mdssvc worker process.)
- CVE-2022-2127 (When winbind is used for NTLM authentication, a maliciously crafted request can trigger an out-of-bounds read in winbind and possibly crash it.)
- CVE-2023-34968 (As part of the Spotlight protocol Samba discloses the server-side absolute path of shares and files and directories in search results.)
- CVE-2023-34966 (An infinite loop bug in Samba's mdssvc RPC service for Spotlight can be triggered by an unauthenticated attacker by issuing a malformed RPC request.)
- CVE-2023-3347 (SMB2 packet signing is not enforced if an admin configured "server signing = required" or for SMB2 connections to Domain Controllers where SMB2 packet signing is mandatory.)
- Thursday, July 6 2023 - Samba 4.17.9 has been released.
- Thursday, May 11 2023 - Samba 4.17.8 has been released.
- Wednesday, March 29 2023 - Samba 4.17.7 has been released as a Security Release to address the following defects:
- CVE-2023-0225 (An incomplete access check on dnsHostName allows authenticated but otherwise unprivileged users to delete this attribute from any object in the directory.)
- CVE-2023-0922 (The Samba AD DC administration tool, when operating against a remote LDAP server, will by default send new or reset passwords over a signed-only connection.)
- CVE-2023-0614 (The fix in 4.6.16, 4.7.9, 4.8.4 and 4.9.7 for CVE-2018-10919 Confidential attribute disclosure via LDAP filters was insufficient and an attacker may be able to obtain confidential BitLocker recovery keys from a Samba AD DC. Installations with such secrets in their Samba AD should assume they have been obtained and need replacing.)
- Thursday, March 9 2023 - Samba 4.17.6 has been released.
- Thursday, January 26 - Samba 4.17.5 has been released.
- Thursday, December 15 2022 - Samba 4.17.4 has been released as a Security Release to address the following defects:
- CVE-2022-37966 (This is the Samba CVE for the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability disclosed by Microsoft on Nov 8 2022)
- CVE-2022-37967 (This is the Samba CVE for the Windows Kerberos Elevation of Privilege Vulnerability disclosed by Microsoft on Nov 8 2022)
- CVE-2022-38023 (The "RC4" protection of the NetLogon Secure channel uses the same algorithms as rc4-hmac cryptography in Kerberos, and so must also be assumed to be weak)
- Tuesday, November 15 2022 - Samba 4.17.3 has been released as a Security Release to address the following defects:
- CVE-2022-42898 (Samba's Kerberos libraries and AD DC failed to guard against integer overflows when parsing a PAC on a 32-bit system, which allowed an attacker with a forged PAC to corrupt the heap)
- Tuesday, October 25 2022 - Samba 4.17.2 has been released as a Security Release to address the following defects:
- Wednesday, October 19 2022 - Samba 4.17.1 has been released.
- Tuesday, September 13 2022 - Samba 4.17.0 has been released.
- Tuesday, September 6 2022 - Samba 4.17.0rc5 has been released.
- Tuesday, August 30 2022 - Samba 4.17.0rc4 has been released.
- Tuesday, August 23 2022 - Samba 4.17.0rc3 has been released.
- Tuesday, August 16 2022 - Samba 4.17.0rc2 has been released.
- Monday, August 8 2022 - Samba 4.17.0rc1 has been released.