Small Error in change log of 4.8.10 ldb 1.3.7/1.3.8

Andrew Bartlett abartlet at
Fri Apr 5 18:29:42 UTC 2019

On Fri, 2019-04-05 at 10:16 +0200, L.P.H. van Belle via samba-technical 
> Hai, 
> I just noticed a small thing, just reporting it. 
> Change log shows version bump to ldb 1.3.7. 
> A version check on wscript shows you need ldb 1.3.8 
> lib/ldb/wscript:VERSION = '1.3.8'

The version bumped twice, see also:

o  Gary Lockyer <gary at>
   * BUG 13773: CVE-2019-3824 ldb: Release ldb 1.3.8, ldb: Out of bound
read in

Because of the nature of the LDAP server in 4.8 (being a pure forking
mode by default) we didn't do a security release for the CVE in that
version, but we did fix the issue with this release. 

A big thanks to Karolin for pushing out one last maintenance release!

Andrew Bartlett
Andrew Bartlett             
Authentication Developer, Samba Team
Samba Developer, Catalyst IT

More information about the samba-technical mailing list