-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Tue, 26 May 2026 15:46:55 +0300
Source: samba
Architecture: source
Version: 2:4.22.10+dfsg-0+deb13u1
Distribution: trixie
Urgency: medium
Maintainer: Debian Samba Maintainers <pkg-samba-maint@lists.alioth.debian.org>
Changed-By: Michael Tokarev <mjt@tls.msk.ru>
Changes:
samba (2:4.22.10+dfsg-0+deb13u1) trixie; urgency=medium
.
* switch to actual upstream release for the May-2026 security fixes:
.
* This is a security release in order to address the following defects:
.
CVE-2026-1933: Missing access checks on reparse point operations
On a share marked "read only = yes" and on file handles opened R/O, users
can set or delete the reparse point xattrs on files that the user has
write-access in the file system for.
https://www.samba.org/samba/security/CVE-2026-1933.html
.
CVE-2026-2340: WORM vfs module does not block overwrites
The WORM (Write-Once, Read Many) vfs module is supposed to lock write
access to shared files, so they cannot be altered after initial writes.
It was allowing files to be overwritten by renaming a newly created file
over a protected file.
https://www.samba.org/samba/security/CVE-2026-2340.html
.
CVE-2026-3012: auto-enrolment GPO installing CA certificate over http
without verification
To bootstrap a certificate chain a domain member must fetch a certificate
without TLS. It was trusting HTTP for this when a more secure encrypted
LDAP channel was also available.
https://www.samba.org/samba/security/CVE-2026-3012.html
.
CVE-2026-3238: Denial of service against AD DC WINS server
The WINS server component of the Active Directory Domain controller code
in Samba is vulnerable to a NULL pointer dereference and crash caused by
an unauthenticated UDP packet.
https://www.samba.org/samba/security/CVE-2026-3238.html
.
CVE-2026-4408: Unauthenticated Remote Code Execution in Samba DCE/RPC
SAMR server
Samba file servers and classic (non-AD) domain controllers with
samba-dcerpcd started as a system service and with a "check password
script" that has the %u substitution character are vulnerable to a
remote code execution.
https://www.samba.org/samba/security/CVE-2026-4408.html
.
CVE-2026-4480: Unauthenticated Remote Code Execution in Samba
printing subsystem
Samba print servers with a "print command" that has the %J substitution
character are vulnerable to a Remote Code Execution.
https://www.samba.org/samba/security/CVE-2026-4480.html
Checksums-Sha1:
c9d2baa3cd626d948d58a11295ac3423d48b7dfe 5763 samba_4.22.10+dfsg-0+deb13u1.dsc
997d64904b689e9e3964d95e833b08a8142c7c1c 25648480 samba_4.22.10+dfsg.orig.tar.xz
1fa3b3335a68d03a8df617380640354dbcc1486f 189592 samba_4.22.10+dfsg-0+deb13u1.debian.tar.xz
4fa675873189102f75b11b338fb8c49fa3429e77 6134 samba_4.22.10+dfsg-0+deb13u1_source.buildinfo
Checksums-Sha256:
dd994b49b52a9b6bdca7c111442236eac01dedeea47f42d3d46777c320552ab7 5763 samba_4.22.10+dfsg-0+deb13u1.dsc
3be9827fbfbb418ea98eb8db2e6b3ededf9ba54fe8c4521ae34a361c0708b005 25648480 samba_4.22.10+dfsg.orig.tar.xz
dbc88b6d7e0c94e341f542cd55e81511eb5d0bdd5fffeecf6d3a2790caa796df 189592 samba_4.22.10+dfsg-0+deb13u1.debian.tar.xz
e34ce22562a3e6b70d84c33e07d2689e4b6594b94e8c94a387c00f962aa4feab 6134 samba_4.22.10+dfsg-0+deb13u1_source.buildinfo
Files:
1d56fb34da456a6541e98cecca0aafdb 5763 net optional samba_4.22.10+dfsg-0+deb13u1.dsc
f72ea9cca2c6a12e0147faf679a3be78 25648480 net optional samba_4.22.10+dfsg.orig.tar.xz
c0d20dfce8113f45ccc6c7b92ba9a5ed 189592 net optional samba_4.22.10+dfsg-0+deb13u1.debian.tar.xz
cd8ca7c718869e7469f42fd815fac043 6134 net optional samba_4.22.10+dfsg-0+deb13u1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----