Samba 4.10.8 (gzipped)
Signature
Patch (gzipped) against Samba 4.10.7
Signature
============================== Release Notes for Samba 4.10.8 September 3, 2019 ============================== This is a security release in order to address the following defect: o CVE-2019-10197: Combination of parameters and permissions can allow user to escape from the share path definition. ======= Details ======= o CVE-2019-10197: Under certain parameter configurations, when an SMB client accesses a network share and the user does not have permission to access the share root directory, it is possible for the user to escape from the share to see the complete '/' filesystem. Unix permission checks in the kernel are still enforced. Changes since 4.10.7: --------------------- o Jeremy Allison <jra@samba.org> * BUG 14035: CVE-2019-10197: Permissions check deny can allow user to escape from the share. o Stefan Metzmacher <metze@samba.org> * BUG 14035: CVE-2019-10197: Permissions check deny can allow user to escape from the share.