.. Reminder for header structure:        
  Parts (H1)          : #################### with overline
  Chapters (H2)       : ******************** with overline
  Sections (H3)       : ====================
  Subsections (H4)    : --------------------
  Subsubsections (H5) : ^^^^^^^^^^^^^^^^^^^^
  Paragraphs (H6)     : """""""""""""""""""""

.. |date| date::

.. meta::
  :description: Security Notes
  :keywords: Documentation, Homepage, Samba-AD, Tranquil IT, Security

.. _samba_documentation_homepage:

.. Samba-AD documentation master file

###################
Security Advisories
###################

Security advisories for Samba are listed below.

.. warning::

  Before upgrading your Samba, please read all security advisories carefully. Some changes can break your production.


Samba 4.19.3 Security Releases
==================================================

.. code-block:: text

    This is the latest stable release of the Samba 4.19 release series.
    It contains the security-relevant bug CVE-2018-14628:

    Wrong ntSecurityDescriptor values for "CN=Deleted Objects"
    allow read of object tombstones over LDAP
    (Administrator action required!)
    https://www.samba.org/samba/security/CVE-2018-14628.html



Samba 4.19.1, 4.18.8 and 4.17.12 Security Releases
==================================================

.. code-block:: text

  o CVE-2023-3961:  Unsanitized pipe names allow SMB clients to connect as root to
                    existing unix domain sockets on the file system.
                    https://www.samba.org/samba/security/CVE-2023-3961.html

  o CVE-2023-4091:  SMB client can truncate files to 0 bytes by opening files with
                    OVERWRITE disposition when using the acl_xattr Samba VFS
                    module with the smb.conf setting
                    "acl_xattr:ignore system acls = yes"
                    https://www.samba.org/samba/security/CVE-2023-4091.html

  o CVE-2023-4154:  An RODC and a user with the GET_CHANGES right can view all
                    attributes, including secrets and passwords.  Additionally,
                    the access check fails open on error conditions.
                    https://www.samba.org/samba/security/CVE-2023-4154.html

  o CVE-2023-42669: Calls to the rpcecho server on the AD DC can request that the
                    server block for a user-defined amount of time, denying
                    service.
                    https://www.samba.org/samba/security/CVE-2023-42669.html

  o CVE-2023-42670: Samba can be made to start multiple incompatible RPC
                    listeners, disrupting service on the AD DC.
                    https://www.samba.org/samba/security/CVE-2023-42670.html
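CVE-2023-4091 above only applies when ``smb.conf`` enables ``acl_xattr:ignore system acls = yes``, so a quick pre-upgrade triage is to look for that setting and compare the installed version with the fixed releases named in this advisory (4.17.12, 4.18.8, 4.19.1). The script below is an added example written for this page; it is not part of the Samba project or of this documentation. The ``smb.conf`` content and the version string ``4.18.7`` it uses are constructed sample input; on a real host you would take the version from ``smbd --version`` and the path from your own installation.

```shell
#!/bin/sh
# Added example (not Samba project code): triage for CVE-2023-4091.
# 1) Does smb.conf enable "acl_xattr:ignore system acls = yes"?
# 2) Is the Samba version older than the fixed release of its branch?

# Exit 0 when the given smb.conf enables the setting named in the advisory.
# Case-insensitive, tolerant of spaces around ':' and '=', accepts the
# boolean spellings yes/true/1 that Samba treats as true.
smb_conf_has_ignore_system_acls() {
    grep -Eiq '^[[:space:]]*acl_xattr[[:space:]]*:[[:space:]]*ignore[[:space:]]+system[[:space:]]+acls[[:space:]]*=[[:space:]]*(yes|true|1)[[:space:]]*$' "$1"
}

# Print "fixed", "affected" or "unlisted" for a Samba version string,
# using only the fixed releases this advisory names: 4.17.12, 4.18.8, 4.19.1.
# Branches not named here (e.g. 4.16) are reported as "unlisted" rather
# than guessed.
cve_2023_4091_status() {
    ver=$1
    major=${ver%%.*}; rest=${ver#*.}
    minor=${rest%%.*}; patch=${rest#*.}
    patch=${patch%%[!0-9]*}          # drop suffixes such as "-Debian"
    case "$major.$minor" in
        4.17) fix=12 ;;
        4.18) fix=8 ;;
        4.19) fix=1 ;;
        *) echo unlisted; return 0 ;;
    esac
    if [ "${patch:-0}" -ge "$fix" ]; then echo fixed; else echo affected; fi
}

# --- constructed sample input (not from a real host) ---
SAMBA_VERSION=${SAMBA_VERSION:-4.18.7}   # real hosts: parse `smbd --version`
tmp=$(mktemp)
printf '[global]\n\tvfs objects = acl_xattr\n\tacl_xattr:ignore system acls = yes\n' > "$tmp"

if smb_conf_has_ignore_system_acls "$tmp"; then
    echo "smb.conf enables acl_xattr:ignore system acls;" \
         "Samba $SAMBA_VERSION is $(cve_2023_4091_status "$SAMBA_VERSION") for CVE-2023-4091"
else
    echo "acl_xattr:ignore system acls is not enabled; CVE-2023-4091 condition not present"
fi
rm -f "$tmp"
```

Run it against your own configuration with ``smb_conf_has_ignore_system_acls /etc/samba/smb.conf`` after sourcing the file, or set ``SAMBA_VERSION`` from ``smbd --version`` before running. A "fixed" result here only covers CVE-2023-4091; the other four CVEs in this advisory do not depend on this setting and are addressed only by upgrading to the listed releases.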

