<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<title>Samba 4.9.18 - Release Notes</title>
<H2>Samba 4.9.18 Available for Download</H2>
<a href="https://download.samba.org/pub/samba/stable/samba-4.9.18.tar.gz">Samba 4.9.18 (gzipped)</a><br>
<a href="https://download.samba.org/pub/samba/stable/samba-4.9.18.tar.asc">Signature</a>
<a href="https://download.samba.org/pub/samba/patches/samba-4.9.17-4.9.18.diffs.gz">Patch (gzipped) against Samba 4.9.17</a><br>
<a href="https://download.samba.org/pub/samba/patches/samba-4.9.17-4.9.18.diffs.asc">Signature</a>
==============================
Release Notes for Samba 4.9.18
==============================
This is a security release in order to address the following defects:

o CVE-2019-14902: Replication of ACLs set to inherit down a subtree on AD
  Directory not automatic.
o CVE-2019-14907: Crash after failed character conversion at log level 3 or
o CVE-2019-19344: Use after free during DNS zone scavenging in Samba AD DC.

The implementation of ACL inheritance in the Samba AD DC was not complete,
and so absent a 'full-sync' replication, ACLs could get out of sync between

When processing untrusted string input Samba can read past the end of the
allocated buffer when printing a "Conversion error" message to the logs.

During DNS zone scavenging (of expired dynamic entries) there is a read of
memory after it has been freed.

For more details and workarounds, please refer to the security advisories.

o Andrew Bartlett <abartlet@samba.org>
  * BUG 12497: CVE-2019-14902: Replication of ACLs down subtree on AD Directory
  * BUG 14208: CVE-2019-14907: lib/util: Do not print the failed to convert

o Gary Lockyer <gary@catalyst.net.nz>
  * BUG 14050: CVE-2019-19344: kcc dns scavenging: Fix use after free in
    dns_tombstone_records_zone.