Samba 4.5.3, 4.4.8 and 4.3.13 Security Releases Available for Download
These are security releases in order to address CVE-2016-2123 (Samba NDR Parsing ndr_pull_dnsp_name Heap-based Buffer Overflow Remote Code Execution Vulnerability), CVE-2016-2125 (Unconditional privilege delegation to Kerberos servers in trusted realms), CVE-2016-2126 (Flaws in Kerberos PAC validation can trigger privilege elevation).
The uncompressed tarballs have been signed using GnuPG (ID 6F33915B6568B7EA).
The 4.5.3 source code can be downloaded now.
A patch against Samba 4.5.2 is also available.
See the 4.5.3 release notes for more info.
The 4.4.8 source code can be downloaded now.
A patch against Samba 4.4.7 is also available.
See the 4.4.8 release notes for more info.
The 4.3.13 source code can be downloaded now.
A patch against Samba 4.3.12 is also available.
See the 4.3.13 release notes for more info.