Blog

SAMBA+ 4.16.5 has been released by SerNet. Packages for various SUSE and Red Hat platforms as well as for Debian GNU/Linux, Ubuntu and AIX are available now.

These package updates address several issues, which are listed in the release notes:

https://www.samba.org/samba/history/samba-4.16.5.html

In addition, this SAMBA+ release also fixes a problem with recent versions of Microsoft Azure AD Connect tool, which was preventing password synchronization.

Our AIX Samba packages additionally fix a problem with the "net ads keytab create" command.

New updated SAMBA+ 4.16.3-*, 4.15.8-* and 4.14.13-* packages have just been released (the exact version numbers are listed below). These are important security releases, please update affected systems as soon as possible. The packages are available for various SUSE and Red Hat platforms as well as for Debian GNU/Linux, Ubuntu and AIX.

The packages address the following issues:

• CVE-2022-2031: Samba AD users can bypass certain restrictions associated with changing passwords.
• CVE-2022-32744: Samba AD users can forge password change requests for any user.
• CVE-2022-32745: Samba AD users can crash the server process with an LDAP add or modify request.
• CVE-2022-32746: Samba AD users can induce a use-after-free in the server process with an LDAP add or modify request.
• CVE-2022-32742: Server memory information leak via SMB1.

The first versions with the fixes:

• (SuSE, RedHat, ...):    4.16.3-18, 4.15.8-15 and 4.14.13-16
• Debian/Ubuntu:       4.16.3-18, 4.15.8-16 and 4.14.13-16
• AIX:                             4.16.3-2,  4.15.8-6  and 4.14.13-11

Packages with the official 4.16.4, 4.15.9 and 4.14.14 upstream releases will follow in the next days.

SAMBA+ 4.16.3 has just been released. Packages for various SUSE and Red Hat platforms as well as for Debian GNU/Linux, Ubuntu and AIX are available now.

These package updates address several issues, which are listed in the release notes:

• https://www.samba.org/samba/history/samba-4.16.3.html

The Samba Team at SerNet has just released SAMBA+ 4.15.8. Packages for various SUSE and Red Hat platforms as well as for Debian GNU/Linux, Ubuntu and AIX are available now.

These packages address several issues, which are listed in the release notes:

• https://www.samba.org/samba/history/samba-4.15.8.html

There are also 4.15.8 packages available for RHEL 9, CentOS Stream 9, AlmaLinux 9 and the upcoming Rocky Linux 9 and Oracle Linux 9 releases.

SAMBA+ 4.16.2 has just been released by SerNet. Packages for various SUSE and Red Hat platforms as well as for Debian GNU/Linux, Ubuntu and AIX are available now.

There are now also packages available for RHEL 9 and the upcoming Rocky Linux 9, AlmaLinux 9, Oracle Linux 9 releases.

These package updates address several issues, which are listed in the release notes:

• https://www.samba.org/samba/history/samba-4.16.2.html