NEWS[4.18.3]: Samba 4.18.3 Available for Download

[samba-web.git] / history / samba-4.9.6.html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Samba 4.9.6 - Release Notes</title>
</head>
<body>
<H2>Samba 4.9.6 Available for Download</H2>
<p>
<a href="https://download.samba.org/pub/samba/stable/samba-4.9.6.tar.gz">Samba 4.9.6 (gzipped)</a><br>
<a href="https://download.samba.org/pub/samba/stable/samba-4.9.6.tar.asc">Signature</a>
</p>
<p>
<a href="https://download.samba.org/pub/samba/patches/samba-4.9.5-4.9.6.diffs.gz">Patch (gzipped) against Samba 4.9.5</a><br>
<a href="https://download.samba.org/pub/samba/patches/samba-4.9.5-4.9.6.diffs.asc">Signature</a>
</p>
<p>
<pre>
                   =============================
                   Release Notes for Samba 4.9.6
                           April 8, 2019
                   =============================


This is a security release in order to address the following defects:

o  CVE-2019-3870 (World writable files in Samba AD DC private/ dir)
o  CVE-2019-3880 (Save registry file outside share as unprivileged user)


=======
Details
=======

o  CVE-2019-3870:
   During the provision of a new Active Directory DC, some files in the private/
   directory are created world-writable.

o  CVE-2019-3880:
   Authenticated users with write permission can trigger a symlink traversal to
   write or detect files outside the Samba share.

For more details and workarounds, please refer to the security advisories.


Changes since 4.9.5:
--------------------

o  Andrew Bartlett &lt;abartlet@samba.org&gt;
   * BUG 13834: CVE-2019-3870: pysmbd: Ensure a zero umask is set for
     smbd.mkdir().

o  Jeremy Allison &lt;jra@samba.org&gt;
   * BUG 13851: CVE-2018-14629: rpc: winreg: Remove implementations of
     SaveKey/RestoreKey.


</pre>
</p>
</body>
</html>