[Samba] [Announce] Samba 4.11.5, 4.10.12 and 4.9.18 Security Releases Available

Jonathan Hunter jmhunter1 at gmail.com
Tue Jan 21 11:10:02 UTC 2020


Thanks, all.

This is good news for me in that I think I may have been suffering
from bug 12497 for some time; at least, on the surface it would
explain the problems I have had in accessing parts of my tree that
have custom ACLs.

Is this bug able to be made public on bugzilla now? Even after logging
in I can't view the bug yet; I guess because it had been made private
until this announcement was published.

I'd like to look into the details so that I can plan what remedial
action I need to take - i.e. if I have one DC with ACLs that work, and
others where I can't query parts of the tree, do I need to be careful
about replication; is there a 'forward-fix' script as part of one-time
upgrade to these versions; etc.

Many thanks :)

Jonathan

On Tue, 21 Jan 2020 at 09:57, Karolin Seeger via samba
<samba at lists.samba.org> wrote:
>
> Release Announcements
> ---------------------
>
> These are security releases in order to address the following defects:
>
> o CVE-2019-14902: Replication of ACLs set to inherit down a subtree on AD
>                   Directory not automatic.
> o CVE-2019-14907: Crash after failed character conversion at log level 3 or
>                   above.
> o CVE-2019-19344: Use after free during DNS zone scavenging in Samba AD DC.
>
>
> =======
> Details
> =======
>
> o  CVE-2019-14902:
>    The implementation of ACL inheritance in the Samba AD DC was not complete,
>    and so absent a 'full-sync' replication, ACLs could get out of sync between
>    domain controllers.
>
> o  CVE-2019-14907:
>    When processing untrusted string input Samba can read past the end of the
>    allocated buffer when printing a "Conversion error" message to the logs.
>
> o  CVE-2019-19344:
>    During DNS zone scavenging (of expired dynamic entries) there is a read of
>    memory after it has been freed.
>
> For more details and workarounds, please refer to the security advisories.
>
>
> Changes:
> --------
>
> o  Andrew Bartlett <abartlet at samba.org>
>    * BUG 12497: CVE-2019-14902: Replication of ACLs down subtree on AD Directory
>      not automatic.
>    * BUG 14208: CVE-2019-14907: lib/util: Do not print the failed to convert
>      string into the logs.
>
> o  Gary Lockyer <gary at catalyst.net.nz>
>    * BUG 14050: CVE-2019-19344: kcc dns scavenging: Fix use after free in
>      dns_tombstone_records_zone.
>
>
> #######################################
> Reporting bugs & Development Discussion
> #######################################
>
> Please discuss this release on the samba-technical mailing list or by
> joining the #samba-technical IRC channel on irc.freenode.net.
>
> If you do report problems then please try to send high quality
> feedback. If you don't provide vital information to help us track down
> the problem then you will probably be ignored.  All bug reports should
> be filed under the "Samba 4.1 and newer" product in the project's Bugzilla
> database (https://bugzilla.samba.org/).
>
>
> ======================================================================
> == Our Code, Our Bugs, Our Responsibility.
> == The Samba Team
> ======================================================================
>
>
>
> ================
> Download Details
> ================
>
> The uncompressed tarballs and patch files have been signed
> using GnuPG (ID 6F33915B6568B7EA).  The source code can be downloaded
> from:
>
>         https://download.samba.org/pub/samba/stable/
>
> The release notes are available online at:
>
>         https://www.samba.org/samba/history/samba-4.11.5.html
>         https://www.samba.org/samba/history/samba-4.10.12.html
>         https://www.samba.org/samba/history/samba-4.9.18.html
>
> Our Code, Our Bugs, Our Responsibility.
> (https://bugzilla.samba.org/)
>
>                         --Enjoy
>                         The Samba Team
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba



-- 
"If we knew what it was we were doing, it would not be called
research, would it?"
      - Albert Einstein
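A practical first step toward the remedial planning Jonathan asks about is an inventory of which domain controllers are still running a version older than the fixed releases named in the announcement (4.11.5, 4.10.12 and 4.9.18). The script below is an added example written for this page; it is not part of the thread and not Samba's own code. It parses a `smbd --version` style string, looks up the branch in a table built from the announcement, and reports whether that host is at or above the fixed version. The sample version strings are constructed, and `check_installed()` is a hypothetical convenience wrapper that shells out to `smbd --version` on the local host.

```python
import re
import subprocess

# Fixed versions per release branch, taken from the announcement quoted above.
FIXED_VERSIONS = {
    (4, 11): (4, 11, 5),
    (4, 10): (4, 10, 12),
    (4, 9): (4, 9, 18),
}

_VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)")


def parse_version(text):
    """Extract (major, minor, patch) from text such as 'Version 4.10.11-Ubuntu'.

    Raises ValueError when no x.y.z triple is present, so a garbled or empty
    answer from a host is reported instead of silently treated as patched.
    """
    match = _VERSION_RE.search(text)
    if match is None:
        raise ValueError("no x.y.z version found in: %r" % text)
    return tuple(int(part) for part in match.groups())


def classify(text):
    """Compare a version string against the fixed releases.

    Returns (status, fixed_version) where status is one of:
      'patched'         - at or above the fixed version for that branch
      'vulnerable'      - on a listed branch but below the fixed version
      'not-in-advisory' - branch not covered by this announcement; check
                          the Samba release history separately
    """
    major, minor, patch = parse_version(text)
    fixed = FIXED_VERSIONS.get((major, minor))
    if fixed is None:
        return ("not-in-advisory", None)
    if (major, minor, patch) >= fixed:
        return ("patched", fixed)
    return ("vulnerable", fixed)


def check_installed():
    """Hypothetical local check: run 'smbd --version' and classify the result.

    Returns the same tuple as classify(), or ('no-smbd', None) when the
    binary is not found on this host.
    """
    try:
        output = subprocess.run(
            ["smbd", "--version"], capture_output=True, text=True, check=True
        ).stdout
    except (FileNotFoundError, subprocess.CalledProcessError):
        return ("no-smbd", None)
    return classify(output)


if __name__ == "__main__":
    # Constructed sample strings standing in for output gathered from several DCs.
    samples = {
        "dc1": "Version 4.10.11-Ubuntu",
        "dc2": "Version 4.11.5",
        "dc3": "Version 4.9.17",
        "dc4": "Version 4.12.0rc1",
    }
    for host, text in samples.items():
        status, fixed = classify(text)
        print("%s: %s (%s, fixed in %s)" % (host, status, text.strip(), fixed))
```

One caveat when using this against real hosts: distribution packages often backport security fixes without changing the upstream version string, so a host reported as 'vulnerable' here may already carry the fix through its package changelog. Treat the version comparison as a triage list, then confirm against the distribution's package metadata before scheduling upgrades.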