Samba 4.1.16 Available for Download

                   Release Notes for Samba 4.1.16
                          January 15, 2015

This is a security release in order to address CVE-2014-8143 (Elevation
of privilege to Active Directory Domain Controller).

o  CVE-2014-8143:
   Samba's AD DC allows the administrator to delegate
   creation of user or computer accounts to specific users or groups.

   However, all released versions of Samba's AD DC did not implement the
   additional required check on the UF_SERVER_TRUST_ACCOUNT bit in the
   userAccountControl attributes.

Changes since 4.1.15:

o   Andrew Bartlett <>
    * BUG 10993: CVE-2014-8143: dsdb-samldb: Check for extended access
      rights before we allow changes to userAccountControl.