Debian alert DSA-6297-1 (samba)
| From: | Salvatore Bonaccorso <carnil@debian.org> | |
| To: | debian-security-announce@lists.debian.org | |
| Subject: | [SECURITY] [DSA 6297-1] samba security update | |
| Date: | Tue, 26 May 2026 13:49:42 +0000 | |
| Message-ID: | <E1wRsAA-00000006mnT-0zrg@seger.debian.org> |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-6297-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso May 26, 2026 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : samba CVE ID : CVE-2026-1933 CVE-2026-2340 CVE-2026-3012 CVE-2026-3238 CVE-2026-4408 CVE-2026-4480 Several vulnerabilities have been discovered in Samba, a SMB/CIFS file, print, and login server for Unix, which might result in bypass of access checks, overwrite of files in unintended situations using the WORM vfs module, installing CA certificates over http without verification when auto-enrollment GPO is enabled, denial of service or remote code execution. For the oldstable distribution (bookworm), these problems have been fixed in version 2:4.17.12+dfsg-0+deb12u4. For the stable distribution (trixie), these problems have been fixed in version 2:4.22.8+dfsg-0+deb13u2. We recommend that you upgrade your samba packages. For the detailed security status of samba please refer to its security tracker page at: https://security-tracker.debian.org/tracker/samba Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmoVpI1fFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0R10w/+O0OFyZPkjtMJfLYlqvpUIaN3Z2TqW/8BNoDe6u34U+XX2q7Drcs5YiSu G/+81D+gIdEg1TkdBD39mswzQYgm+ANuvLYVH7xbNvogVxnDhm1l9/5XNdVGZHma NLq/I2wFaV5QF4JvKuhwsLkiMdU3ZNM+TTDy3sPcF05TR6RNh492w3PTKYMkqNf+ pLk+u5YFj2bbbY1xno7V6G3dopos/7JVz7asvXeDuf8QBAyZGRKucuZT9ybLAgSP SCl5PpZ1UJ/KrY5ZXv24y9XDjc0PJ4v/TNxHqvD9GaBt698IkrYfQqG7iqChWPSR uDx+BOS6g2Y5X+WMDeuf4PS8QHmZt4jzJChG9gK2uaPhwTIgcwCmjeJVPxqvRL0j 8e4vUpPW0Xo+abjGO0kOqWCgutz/vpNQtjGpL/iyISM+AaxPBtIdFvqOzXMW74pM tfHNTwW2YZWIllM6W3l6EP6n8dA5rNcRHmE73p2rvjN+/J+sNt1kLkVBYbFKjl3t RIP/Is+gJx/vHmc7fKE03iqJzvWsYI9VBcN07yEN1DWs/NauPDTFjj6HkojaR1aw hOc6SiPutJUqFoT3020dCBF7c4kCSvrwC67qvnC8ZMbTc4GZ8hm7oJhr6UZDBy7K pB7VKyebM+aBGs+tF63WSBVOZg0uxzXtnq/cEWK1jghrnmgGYEE= =7y5j -----END PGP SIGNATURE-----