Samba security updates

Number: AV18-135
Date: 15 August 2018

Purpose

The purpose of this advisory is to bring attention to recent Samba security advisories.

Assessment

Samba has released updates to address multiple security vulnerabilities.

Affected Versions:

• Samba 4.8.3 and prior versions
• Samba 4.7.8 and prior versions
• Samba 4.5.16 and prior versions

CVE References:
CVE-2018-10858, CVE-2018-10918, CVE-2018-10919, CVE-2018-1139, CVE-2018-1140

Suggested Action

CCIRC recommends that owners/operators test and deploy the vendor released update or workaround to affected platforms accordingly.

References:

• https://www.samba.org/samba/history/security.html 
• https://www.samba.org/samba/security/CVE-2018-10858.html 
• https://www.samba.org/samba/security/CVE-2018-10918.html 
• https://www.samba.org/samba/security/CVE-2018-10919.html  
• https://www.samba.org/samba/security/CVE-2018-1139.html   
• https://www.samba.org/samba/security/CVE-2018-1140.html