[Announce] Samba 4.13.15 Available for Download

Jule Anger janger at samba.org
Wed Dec 15 14:36:42 UTC 2021


Release Announcements
---------------------

This is the latest stable release of the Samba 4.13 release series.

Important Notes
===============

There have been a few regressions in the security release 4.13.14:

o CVE-2020-25717: A user on the domain can become root on domain members.
https://www.samba.org/samba/security/CVE-2020-25717.html
                   PLEASE [RE-]READ!
                   The instructions have been updated and some workarounds
                   initially adviced for 4.13.14 are no longer required and
                   should be reverted in most cases.

o BUG-14902: User with multiple spaces (eg Fred<space><space>Nurk) become
              un-deletable. While this release should fix this bug, it is
              adviced to have a look at the bug report for more detailed
              information, see 
https://bugzilla.samba.org/show_bug.cgi?id=14902.

Changes since 4.13.14
---------------------

o  Andrew Bartlett <abartlet at samba.org>
    * BUG 14656: Spaces incorrectly collapsed in ldb attributes.
    * BUG 14901: The CVE-2020-25717 username map [script] advice has 
undesired
      side effects for the local nt token.
    * BUG 14902: User with multiple spaces (eg Fred<space><space>Nurk) 
become un-
      deletable.

o  Ralph Boehme <slow at samba.org>
    * BUG 14922: Kerberos authentication on standalone server in MIT realm
      broken.

o  Alexander Bokovoy <ab at samba.org>
    * BUG 14903: Support for ROLE_IPA_DC is incomplete.

o  Stefan Metzmacher <metze at samba.org>
    * BUG 14899: winbindd doesn't start when "allow trusted domains" is off.
    * BUG 14901: The CVE-2020-25717 username map [script] advice has 
undesired
      side effects for the local nt token.

o  Joseph Sutton <josephsutton at catalyst.net.nz>
    * BUG 14901: The CVE-2020-25717 username map [script] advice has 
undesired
      side effects for the local nt token.


#######################################
Reporting bugs & Development Discussion
#######################################

Please discuss this release on the samba-technical mailing list or by
joining the #samba-technical IRC channel on irc.freenode.net.

If you do report problems then please try to send high quality
feedback. If you don't provide vital information to help us track down
the problem then you will probably be ignored.  All bug reports should
be filed under the Samba 4.1 and newer product in the project's Bugzilla
database (https://bugzilla.samba.org/).


======================================================================
== Our Code, Our Bugs, Our Responsibility.
== The Samba Team
======================================================================



================
Download Details
================

The uncompressed tarballs and patch files have been signed
using GnuPG (ID AA99442FB680B620).  The source code can be downloaded
from:

         https://download.samba.org/pub/samba/stable/

The release notes are available online at:

         https://www.samba.org/samba/history/samba-4.13.15.html

Our Code, Our Bugs, Our Responsibility.
(https://bugzilla.samba.org/)

                         --Enjoy
                         The Samba Team



More information about the samba-announce mailing list