Samba 4.17.12 Available for Download

Samba 4.17.12 (gzipped)
Signature

Patch (gzipped) against Samba 4.17.11
Signature

                   ===============================
                   Release Notes for Samba 4.17.12
                          October 10, 2023
                   ===============================


This is a security release that addresses the following defects:


o CVE-2023-3961:  Unsanitized pipe names allow SMB clients to connect as root to
                  existing unix domain sockets on the file system.
                  https://www.samba.org/samba/security/CVE-2023-3961.html

o CVE-2023-4091:  SMB client can truncate files to 0 bytes by opening files with
                  OVERWRITE disposition when using the acl_xattr Samba VFS
                  module with the smb.conf setting
                  "acl_xattr:ignore system acls = yes"
                  https://www.samba.org/samba/security/CVE-2023-4091.html

o CVE-2023-4154:  An RODC and a user with the GET_CHANGES right can view all
                  attributes, including secrets and passwords.  Additionally,
                  the access check fails open on error conditions.
                  https://www.samba.org/samba/security/CVE-2023-4154.html

o CVE-2023-42669: Calls to the rpcecho server on the AD DC can request that the
                  server block for a user-defined amount of time, denying
                  service.
                  https://www.samba.org/samba/security/CVE-2023-42669.html

o CVE-2023-42670: Samba can be made to start multiple incompatible RPC
                  listeners, disrupting service on the AD DC.
                  https://www.samba.org/samba/security/CVE-2023-42670.html


Changes since 4.17.11
---------------------

o  Jeremy Allison <jra@samba.org>
   * BUG 15422: CVE-2023-3961.

o  Andrew Bartlett <abartlet@samba.org>
   * BUG 15424: CVE-2023-4154.
   * BUG 15473: CVE-2023-42670.
   * BUG 15474: CVE-2023-42669.

o  Ralph Boehme <slow@samba.org>
   * BUG 15439: CVE-2023-4091.

o  Christian Merten <christian@merten.dev>
   * BUG 15424: CVE-2023-4154.

o  Stefan Metzmacher <metze@samba.org>
   * BUG 15424: CVE-2023-4154.

o  Andreas Schneider <asn@samba.org>
   * BUG 15424: CVE-2023-4154.

o  Joseph Sutton <josephsutton@catalyst.net.nz>
   * BUG 15424: CVE-2023-4154.