Hi, Thanks for the updates.
Built and tested on -current, 7.9-stable and 7.8-stable.

OK Ian McWilliam

> On 27 May 2026, at 04:29, Björn Ketelaars <[email protected]> wrote:
>
> Samba security releases have been made available:
> - 4.24.3 for -current and 7.9
> - 4.23.8 for 7.8
>
> These updates address the following defects:
> CVE-2026-1933: Missing access checks on reparse point operations
> CVE-2026-2340: WORM vfs module does not block overwrites
> CVE-2026-3012: auto-enrolment GPO installing CA certificate over http
> without verification
> CVE-2026-3238: Denial of service against AD DC WINS server
> CVE-2026-4408: Unauthenticated Remote Code Execution in Samba DCE/RPC
> SAMR server
> CVE-2026-4480: Unauthenticated Remote Code Execution in Samba printing
> subsystem
>
> More information can be found at
> https://www.samba.org/samba/history/samba-4.24.3.html and
> https://www.samba.org/samba/history/samba-4.23.8.html.
>
> Enclosed are 3 diffs:
> current-samba-4.24.3.patch: updates Samba on current
> 7.9-samba-4.24.3.patch: updates Samba on 7.9
> 7.8-samba-4.23.8.patch: updates Samba on 7.8
>
> These updates need FIX_EXTRACT_PERMISSIONS=Yes. Minor of libsamba-util
> has been bumped.
> All three diffs have been lightly run tested.
>
> OK to commit to -current, 7.9 and 7.8?
> <current-samba-4.24.3.patch><7.9-samba-4.24.3.patch><7.8-samba-4.23.8.patch>
