1 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
2 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3 <html xmlns="http://www.w3.org/1999/xhtml">
5 <title>Samba 4.4.14 - Release Notes</title>
8 <H2>Samba 4.4.14 Available for Download</H2>
10 <a href="https://download.samba.org/pub/samba/stable/samba-4.4.14.tar.gz">Samba 4.4.14 (gzipped)</a><br>
11 <a href="https://download.samba.org/pub/samba/stable/samba-4.4.14.tar.asc">Signature</a>
14 <a href="https://download.samba.org/pub/samba/patches/samba-4.4.13-4.4.14.diffs.gz">Patch (gzipped) against Samba 4.4.13</a><br>
15 <a href="https://download.samba.org/pub/samba/patches/samba-4.4.13-4.4.14.diffs.asc">Signature</a>
19 ==============================
20 Release Notes for Samba 4.4.14
22 ==============================
25 This is a security release in order to address the following defect:
27 o CVE-2017-7494 (Remote code execution from a writable share)
34 All versions of Samba from 3.5.0 onwards are vulnerable to a remote
35 code execution vulnerability, allowing a malicious client to upload a
36 shared library to a writable share, and then cause the server to load
43 o Volker Lendecke <vl@samba.org>
44 * BUG 12780: CVE-2017-7494: Avoid remote code execution from a writable