1 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
2 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3 <html xmlns="http://www.w3.org/1999/xhtml">
5 <title>Samba 4.8.4 - Release Notes</title>
8 <H2>Samba 4.8.4 Available for Download</H2>
10 <a href="https://download.samba.org/pub/samba/stable/samba-4.8.4.tar.gz">Samba 4.8.4 (gzipped)</a><br>
11 <a href="https://download.samba.org/pub/samba/stable/samba-4.8.4.tar.asc">Signature</a>
14 <a href="https://download.samba.org/pub/samba/patches/samba-4.8.3-4.8.4.diffs.gz">Patch (gzipped) against Samba 4.8.3</a><br>
15 <a href="https://download.samba.org/pub/samba/patches/samba-4.8.3-4.8.4.diffs.asc">Signature</a>
19 =============================
20 Release Notes for Samba 4.8.4
22 =============================
25 This is a security release in order to address the following defects:
27 o CVE-2018-1139 (Weak authentication protocol allowed.)
28 o CVE-2018-1140 (Denial of Service Attack on DNS and LDAP server.)
29 o CVE-2018-10858 (Insufficient input validation on client directory
30 listing in libsmbclient.)
31 o CVE-2018-10918 (Denial of Service Attack on AD DC DRSUAPI server.)
32 o CVE-2018-10919 (Confidential attribute disclosure from the AD LDAP
41 Vulnerability that allows authentication via NTLMv1 even if disabled.
44 Missing null pointer checks may crash the Samba AD DC, both over
48 A malicious server could return a directory entry that could corrupt
52 Missing null pointer checks may crash the Samba AD DC, over the
53 authenticated DRSUAPI RPC service.
56 Missing access control checks allow discovery of confidential attribute
57 values via authenticated LDAP search expressions.
63 o Jeremy Allison <jra@samba.org>
64 * BUG 13453: CVE-2018-10858: libsmb: Harden smbc_readdir_internal() against
65 returns from malicious servers.
67 o Andrew Bartlett <abartlet@samba.org>
68 * BUG 13374: CVE-2018-1140: ldbsearch '(distinguishedName=abc)' and DNS query
69 with escapes crashes, ldb: Release LDB 1.3.5 for CVE-2018-1140
70 * BUG 13552: CVE-2018-10918: cracknames: Fix DoS (NULL pointer de-ref) when
71 not servicePrincipalName is set on a user.
73 o Tim Beale <timbeale@catalyst.net.nz>
74 * BUG 13434: CVE-2018-10919: acl_read: Fix unauthorized attribute access via
77 o Günther Deschner <gd@samba.org>
78 * BUG 13360: CVE-2018-1139 libcli/auth: Do not allow ntlmv1 over SMB1 when it
79 is disabled via "ntlm auth".
81 o Andrej Gessel <Andrej.Gessel@janztec.com>
82 * BUG 13374: CVE-2018-1140 Add NULL check for ldb_dn_get_casefold() in