Samba 4.9.9 (gzipped)
Signature
Patch (gzipped) against Samba 4.9.8
Signature
=============================
Release Notes for Samba 4.9.9
June 19, 2019
=============================
This is a security release in order to address the following defect:
o CVE-2019-12435 (Samba AD DC Denial of Service in DNS management server
(dnsserver))
=======
Details
=======
o CVE-2019-12435:
An authenticated user can crash the Samba AD DC's RPC server process via a
NULL pointer dereference.
For more details and workarounds, please refer to the security advisory.
Changes since 4.9.8:
--------------------
o Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
* BUG 13922: CVE-2019-12435 rpc/dns: Avoid NULL deference if zone not found
in DnssrvOperation2.