[USN-4121-1] Samba vulnerability

Steve Beattie steve.beattie at canonical.com
Tue Sep 3 21:07:29 UTC 2019

Ubuntu Security Notice USN-4121-1
September 03, 2019

samba vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 19.04


Samba would allow unintended access to files over the network.

Software Description:
- samba: SMB/CIFS file, print, and login server for Unix


Stefan Metzmacher discovered that the Samba SMB server did not properly
prevent clients from escaping outside the share root directory in
some situations. An attacker could use this to gain access to files
outside of the Samba share, where allowed by the permissions of the
underlying filesystem.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 19.04:
  samba                           2:4.10.0+dfsg-0ubuntu2.4

In general, a standard system update will make all the necessary changes.


Package Information:

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/ubuntu-security-announce/attachments/20190903/d4b52a24/attachment.sig>

More information about the ubuntu-security-announce mailing list