Samba 4.9.15 (gzipped)
Signature
Patch (gzipped) against Samba 4.9.14
Signature
==============================
Release Notes for Samba 4.9.15
October 29, 2019
==============================
This is a security release in order to address the following defects:
o CVE-2019-10218: Client code can return filenames containing path separators.
o CVE-2019-14833: Samba AD DC check password script does not receive the full
password.
o CVE-2019-14847: User with "get changes" permission can crash AD DC LDAP server
via dirsync.
=======
Details
=======
o CVE-2019-10218:
Malicious servers can cause Samba client code to return filenames containing
path separators to calling code. A client that joins such a name onto a local
path without checking it can then read or write outside the directory it
intended to use.
o CVE-2019-14833:
When the password contains multi-byte (non-ASCII) characters, the check
password script does not receive the full password string, so site password
policy is evaluated against a prefix of the password rather than the password
the user actually set.
o CVE-2019-14847:
Users with the "get changes" extended access right can crash the AD DC LDAP
server by requesting an attribute using the range= syntax.
For more details and workarounds, please refer to the security advisories.
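The following is an added illustration of the client-side check behind
CVE-2019-10218; it is not Samba's own code. It models a client that saves a
directory listing to a local download directory. The names in SAMPLE_LISTING
are constructed, not captured traffic: the first three are ordinary entries,
the rest are the kind of entry a malicious server could return. The rule
applied is that a server-supplied directory entry must be a single path
component: non-empty, not "." or "..", and free of "/", "\" and NUL. Both
separator characters are rejected because an SMB server may return either.

```python
import posixpath

# Constructed sample listing (not captured traffic). The first three entries
# are legitimate; the remainder are names a malicious server could return.
SAMPLE_LISTING = [
    "report.pdf",
    "notes.txt",
    "photo.jpg",
    "../../.ssh/authorized_keys",
    "subdir/evil.sh",
    "..\\..\\Windows\\evil.dll",
    ".",
    "..",
    "",
    "file\x00.txt",
]


def is_safe_entry_name(name: str) -> bool:
    """Accept a server-supplied directory entry only if it is exactly one
    path component: non-empty, not '.' or '..', and containing no '/',
    '\\' or NUL. Both separators are rejected because the server may use
    either, and the client may run on either kind of platform."""
    if name in ("", ".", ".."):
        return False
    if any(c in name for c in "/\\\x00"):
        return False
    return True


def local_target_unchecked(download_dir: str, name: str) -> str:
    """Vulnerable pattern: trust the server-returned name and join it onto
    the local directory. posixpath is used so the result is the same on
    every host; normpath shows where the write would actually land."""
    return posixpath.normpath(posixpath.join(download_dir, name))


def local_target_checked(download_dir: str, name: str) -> str:
    """Hardened pattern: reject anything that is not a single component,
    then verify that the resulting path still lies inside download_dir."""
    if not is_safe_entry_name(name):
        raise ValueError(f"server returned unsafe entry name: {name!r}")
    base = posixpath.normpath(download_dir)
    target = posixpath.normpath(posixpath.join(base, name))
    if posixpath.commonpath([base, target]) != base:
        raise ValueError(f"entry escapes download directory: {name!r}")
    return target


def rejects(download_dir: str, name: str) -> bool:
    """True if the hardened path refuses the entry."""
    try:
        local_target_checked(download_dir, name)
    except ValueError:
        return True
    return False


def filter_listing(names):
    """Split a listing into (accepted, rejected) the way a client should
    before using any entry to build a local path."""
    accepted = [n for n in names if is_safe_entry_name(n)]
    rejected = [n for n in names if not is_safe_entry_name(n)]
    return accepted, rejected


if __name__ == "__main__":
    accepted, rejected = filter_listing(SAMPLE_LISTING)
    print("accepted:", accepted)
    for name in rejected:
        print(f"rejected {name!r}; unchecked join would have produced "
              f"{local_target_unchecked('/home/user/dl', name)!r}")
```

The unchecked join of "../../.ssh/authorized_keys" onto /home/user/dl resolves
to /home/user/.ssh/authorized_keys, which is the escape the advisory describes;
the checked variant raises before any path is built. The containment check
after the join is deliberately kept as a second layer even though the
single-component rule already excludes every escape in the sample.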
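The following is an added illustration of the failure mode behind
CVE-2019-14833; it is not Samba's code, and the page does not say exactly how
the truncation arose inside Samba. The example models one common way this
symptom appears: the password is encoded to UTF-8, but the number of
characters rather than the number of bytes is handed to the write that feeds
the check password script. For ASCII the two counts agree; for a password
with multi-byte characters the script sees only a prefix, or even a string
that is not valid UTF-8. check_script is a constructed stand-in for a site
policy script (here: at least MIN_CHARS characters and no banned substring),
with the pipe replaced by a direct call so the example runs offline.

```python
MIN_CHARS = 6
BANNED_SUBSTRING = "admin"   # constructed policy for the example


def payload_buggy(password: str) -> bytes:
    """Bug pattern: encode to UTF-8 but use the character count as the
    byte length of the data passed to the script."""
    data = password.encode("utf-8")
    return data[:len(password)]


def payload_fixed(password: str) -> bytes:
    """Correct pattern: the length passed to the write is the byte length
    of the encoded string, so the script receives the whole password."""
    data = password.encode("utf-8")
    return data[:len(data)]


def check_script(data: bytes) -> str:
    """Stand-in for a check password script reading raw bytes from stdin.
    Returns 'ok' or the reason for rejection (a real script would exit
    non-zero instead)."""
    try:
        password = data.decode("utf-8")
    except UnicodeDecodeError:
        return "invalid-utf8"
    if len(password) < MIN_CHARS:
        return "too-short"
    if BANNED_SUBSTRING in password.lower():
        return "contains-banned-word"
    return "ok"


def evaluate(password: str):
    """Return (verdict with the buggy feed, verdict with the fixed feed)."""
    return check_script(payload_buggy(password)), check_script(payload_fixed(password))


if __name__ == "__main__":
    # Constructed candidate passwords covering the relevant cases:
    # pure ASCII (no difference), banned word in the tail behind multi-byte
    # characters (policy bypass), and a multi-byte character that gets cut
    # in half (script sees invalid UTF-8).
    for candidate in ["hunter2admin", "ääXYadmin", "passä"]:
        buggy, fixed = evaluate(candidate)
        print(f"{candidate!r}: buggy feed -> {buggy}, fixed feed -> {fixed}")
```

With the buggy feed "ääXYadmin" (9 characters, 11 bytes) reaches the script as
"ääXYadm", which passes the policy even though the real password contains the
banned word; with the fixed feed the script rejects it. "passä" is cut in the
middle of the "ä" byte sequence, so the script receives bytes that do not
decode at all. Only the ASCII candidate gives the same verdict both ways,
which is why the defect is easy to miss in testing.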
Changes since 4.9.14:
---------------------
o Jeremy Allison <jra@samba.org>
* BUG 14071: CVE-2019-10218 - s3: libsmb: Protect SMB1 and SMB2 client code
from evil server returned names.
o Andrew Bartlett <abartlet@samba.org>
* BUG 12438: CVE-2019-14833: Use utf8 characters in the unacceptable
password.
* BUG 14040: CVE-2019-14847 dsdb: Correct behaviour of ranged_results when
combined with dirsync.
o Björn Baumbach <bb@sernet.de>
* BUG 12438: CVE-2019-14833 dsdb: Send full password to check password
script.