1 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
2 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3 <html xmlns="http://www.w3.org/1999/xhtml">
5 <title>Samba 4.9.9 - Release Notes</title>
8 <H2>Samba 4.9.9 Available for Download</H2>
10 <a href="https://download.samba.org/pub/samba/stable/samba-4.9.9.tar.gz">Samba 4.9.9 (gzipped)</a><br>
11 <a href="https://download.samba.org/pub/samba/stable/samba-4.9.9.tar.asc">Signature</a>
14 <a href="https://download.samba.org/pub/samba/patches/samba-4.9.8-4.9.9.diffs.gz">Patch (gzipped) against Samba 4.9.8</a><br>
15 <a href="https://download.samba.org/pub/samba/patches/samba-4.9.8-4.9.9.diffs.asc">Signature</a>
19 =============================
20 Release Notes for Samba 4.9.9
22 =============================
25 This is a security release in order to address the following defect:
27 o CVE-2019-12435 (Samba AD DC Denial of Service in DNS management server
35 An authenticated user can crash the Samba AD DC's RPC server process via a
36 NULL pointer dereference.
38 For more details and workarounds, please refer to the security advisory.
44 o Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
45 * BUG 13922: CVE-2019-12435 rpc/dns: Avoid NULL deference if zone not found