oss-sec mailing list archives
Re: Heads-up: Upcoming Samba security releases (2026-04-09)
From: Douglas Bagnall <dbagnall () samba org>
Date: Tue, 7 Apr 2026 16:10:05 +1200
I was a little inaccurate in this message, sorry. Below I have amended the impacted components to reflect that one of the bad ones requires an unusual configuration, and one of the AD bugs affects domain members, not the DC. On 06/04/2026 2:53 pm, Douglas Bagnall via samba-technical wrote:
This is a heads-up that there will be Samba security updates for 4.22, 4.23, and 4.24 on Thursday, April 9, 2026. Please make sure that your Samba servers will be updated soon after the release! Impacted components: - File Services, CVSS 10.0, affecting some configurations - File Services, CVSS 10.0, affecting some configurations - File Services, CVSS 7.1 affecting some configurations - File Services, CVSS 6.5 affecting uncommon configurations - AD DC CVSS 8.0, affecting some configurations - AD DC CVSS 7.5, affecting uncommon configurations>
Impacted components: - File Services, CVSS 10.0, affecting some configurations - File Services, CVSS 10.0, affecting uncommon configurations - File Services, CVSS 7.1 affecting some configurations - File Services, CVSS 6.5 affecting uncommon configurations - Domain members CVSS 8.0, affecting some configurations - AD DC CVSS 7.5, affecting uncommon configurations Release is still Thursday 9 April. Douglas
Current thread:
- Heads-up: Upcoming Samba security releases (2026-04-09) Douglas Bagnall (Apr 05)
- Re: Heads-up: Upcoming Samba security releases (2026-04-09) Douglas Bagnall (Apr 07)
- Re: Re: Heads-up: Upcoming Samba security releases (2026-04-09) Douglas Bagnall (Apr 08)
- Re: Heads-up: Upcoming Samba security releases (2026-04-09) Douglas Bagnall (Apr 07)