<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<title>Samba 4.10.17 - Release Notes</title>
<H2>Samba 4.10.17 Available for Download</H2>
<a href="https://download.samba.org/pub/samba/stable/samba-4.10.17.tar.gz">Samba 4.10.17 (gzipped)</a><br>
<a href="https://download.samba.org/pub/samba/stable/samba-4.10.17.tar.asc">Signature</a>
<a href="https://download.samba.org/pub/samba/patches/samba-4.10.16-4.10.17.diffs.gz">Patch (gzipped) against Samba 4.10.16</a><br>
<a href="https://download.samba.org/pub/samba/patches/samba-4.10.16-4.10.17.diffs.asc">Signature</a>
===============================
Release Notes for Samba 4.10.17
===============================
This is a security release in order to address the following defects:
o CVE-2020-10730: NULL pointer de-reference and use-after-free in Samba AD DC
LDAP Server with ASQ, VLV and paged_results.
o CVE-2020-10745: Parsing and packing of NBT and DNS packets can consume
o CVE-2020-10760: LDAP Use-after-free in Samba AD DC Global Catalog with
paged_results and VLV.
o CVE-2020-14303: Empty UDP packet DoS in Samba AD DC nbtd.
A client combining the 'ASQ' and 'VLV' LDAP controls can cause a NULL pointer
de-reference and further combinations with the LDAP paged_results feature can
give a use-after-free in Samba's AD DC LDAP server.
o CVE-2020-10745: Parsing and packing of NBT and DNS packets can consume
The use of the paged_results or VLV controls against the Global Catalog LDAP
server on the AD DC will cause a use-after-free.
The AD DC NBT server in Samba 4.0 will enter a CPU spin and not process
further requests once it receives an empty (zero-length) UDP packet to
For more details, please refer to the security advisories.
o Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
* BUG 14378: CVE-2020-10745: Invalid DNS or NBT queries containing dots use
several seconds of CPU each.
o Andrew Bartlett <abartlet@samba.org>
* BUG 14364: CVE-2020-10730: NULL de-reference in AD DC LDAP server when ASQ
* BUG 14402: CVE-2020-10760: Fix use-after-free in AD DC Global Catalog LDAP
server with paged_result or VLV.
* BUG 14417: CVE-2020-14303: Fix endless loop from empty UDP packet sent to
o Gary Lockyer <gary@catalyst.net.nz>
* BUG 14364: CVE-2020-10730: NULL de-reference in AD DC LDAP server when ASQ
and VLV combined, ldb: Bump version to 1.5.8.