- samba (2:4.24.1+dfsg-1+rpi1) forky-staging; urgency=medium
++samba (2:4.24.3+dfsg-1+rpi1) forky-staging; urgency=medium
+
+ [changes brought forward from 2:4.19.1+dfsg-4+rpi1 by Peter Michael Green <plugwash@raspbian.org> at Thu, 12 Oct 2023 15:37:21 +0000]
+ * Link with libatomic on armhf too.
+
- -- Raspbian forward porter <root@raspbian.org> Tue, 21 Apr 2026 16:26:26 +0000
++ -- Raspbian forward porter <root@raspbian.org> Sun, 31 May 2026 02:13:47 +0000
++
+ samba (2:4.24.3+dfsg-1) unstable; urgency=medium
+
+ * This is a security release in order to address the following defects:
+
+ CVE-2026-1933: Missing access checks on reparse point operations
+
+ On a share marked "read only = yes" and on file handles opened R/O users
+ can set or delete the reparse point xattrs on files that the user has
+ write-access in the file system for.
+
+ https://www.samba.org/samba/security/CVE-2026-1933.html
+
+ CVE-2026-2340: WORM vfs module does not block overwrites
+
+ The WORM (Write-Once, Read Many) vfs module is supposed to lock write
+ access to shared files, so they cannot be altered after initial writes.
+ It was allowing files to be overwritten by renaming a newly created file
+ over a protected file.
+
+ https://www.samba.org/samba/security/CVE-2026-2340.html
+
+ CVE-2026-3012: auto-enrolment GPO installing CA certificate over http
+ without verification
+
+ To bootstrap a certificate chain a domain member must fetch a certificate
+ without TLS. It was trusting HTTP for this when a more secure encrypted
+ LDAP channel was also available.
+
+ https://www.samba.org/samba/security/CVE-2026-3012.html
+
+ CVE-2026-3238: Denial of service against AD DC WINS server
+
+ The WINS server component of the Active Directory Domain controller code
+ in Samba is vulnerable to a NULL pointer dereference and crash caused by
+ an unauthenticated UDP packet.
+
+ https://www.samba.org/samba/security/CVE-2026-3238.html
+
+ CVE-2026-4408: Unauthenticated Remote Code Execution in Samba DCE/RPC
+ SAMR server
+
+ Samba file servers and classic (non-AD) domain controllers with
+ samba-dcerpcd started as a system service and with a "check password
+ script" that has the %u substitution character are vulnerable to a
+ remote code execution.
+
+ https://www.samba.org/samba/security/CVE-2026-4408.html
+
+ CVE-2026-4480: Unauthenticated Remote Code Execution in Samba
+ printing subsystem
+
+ Samba print servers with a "print command" that has the %J substitution
+ character are vulnerable to a Remote Code Execution.
+
+ https://www.samba.org/samba/security/CVE-2026-4480.html
+
+ -- Michael Tokarev <mjt@tls.msk.ru> Tue, 26 May 2026 15:46:55 +0300
+
+ samba (2:4.24.2+dfsg-1) unstable; urgency=medium
+
+ * new upstream point release
+
+ -- Michael Tokarev <mjt@tls.msk.ru> Tue, 12 May 2026 21:10:42 +0300
samba (2:4.24.1+dfsg-1) unstable; urgency=medium
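Review bot: The new 2:4.24.3+dfsg-1 entry, and the forky-staging entry built on it, are marked urgency=medium although the entry calls itself a security release and lists two unauthenticated remote code execution fixes (CVE-2026-4408 and CVE-2026-4480). Consider urgency=high, since urgency drives how quickly the upload migrates. The two RCE items name the triggering configuration ("check password script" with %u, "print command" with %J) but do not say whether those settings are safe to keep once the fixed package is installed. A sentence stating that, or pointing to the workaround section of the linked advisories, would tell administrators whether a configuration audit is still needed after upgrading. The 2:4.24.2+dfsg-1 entry says only "new upstream point release"; a short summary or a link to the upstream release notes would make it reviewable.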