Do you use Samba? you have to update to the new corrective version of Samba 4.11.2

Darkcrizt

4 minutes

linux-samba

Recientemente developers who are behind of the Samba project announced through a statement the release of a new corrective version of the Samba protocol, reaching its new version 4.11.2.

For those who do not know about Samba they should know that this is a free implementation of the Microsoft Windows file sharing protocol (formerly called SMB, recently renamed to CIFS) for UNIX-like systems. In this way, it is possible what computers with GNU / Linux, Mac OS X or Unix in general look like servers or act like clients on Windows networks.

Samba It also allows validating users as the Main Domain Controller (PDC), as a domain member and even as an Active Directory domain for Windows-based networks; apart from being able to serve print queues, shared directories and authenticate with your own user archive.

Among the Unix-like systems in which Samba can be run, there are the GNU / Linux distributions, Solaris and the different BSD variants, among which we can find Apple's Mac OS X Server.

About Samba 4.11.2

This new version of Samba 4.11.2 is a corrective version, which was released to be able to address some security issues that were presented in the protocol. Of which the vulnerabilities were addressed:

  •  CVE-2019-10218: Malicious servers can cause the Samba client code to return file names that contain path separators to the calling code.
  • CVE-2019-14833- Samba AD DC password verification script does not receive complete password. When the password contains multi-byte characters (not ASCII), checking the password script does not receive the complete password string.
  • CVE-2019-14847- User with "get changes" permission can lock AD DC LDAP server via dirsync.

How to install or upgrade to Samba 4.11.2 on Ubuntu and derivatives?

Well, for those who are interested in being able to install this new version of Samba or want to update their previous version to this new oneThey can do it by following the steps we share below.

The first thing we are going to do is share the steps for the installation of Samba 4.11.2. Because the update was released recently, builds prepared for Ubuntu have not yet been generated in the repositories. So the installation will be done from the source code.

Now as additional information for Ubuntu 18.04 LTS users they can make use of a repository which will help them to install the new version of samba in a simple way.

To add it, we just type in a terminal:

sudo add-apt-repository ppa:linux-schools/samba-latest

sudo apt-get update

And we can install samba with:

sudo apt install samba

For the rest, we must do the compilation. First we are going to download the Samba package which we can obtain by opening a terminal (you can do it with the key combination Ctrl + Alt + T) and in it we are going to type the following command:

wget https://download.samba.org/pub/samba/stable/samba-4.11.2.tar.gz

After that we are going to extract the package with:

tar -zxf samba-4.11.2.tar.gz

We enter the folder created with:

cd samba-4.11.2

Being inside it, we are going to compile the package and then carry out the installation. The first thing we must do is install some dependencies:

sudo apt-get install acl attr autoconf bind9utils bison build-essential \

debhelper dnsutils docbook-xml docbook-xsl flex gdb libjansson-dev krb5-user \

libacl1-dev libaio-dev libarchive-dev libattr1-dev libblkid-dev libbsd-dev \

libcap-dev libcups2-dev libgnutls-dev libgpgme-dev libjson-perl \

libldap2-dev libncurses5-dev libpam0g-dev libparse-yapp-perl \

libpopt-dev libreadline-dev nettle-dev perl perl-modules-5.26 pkg-config \

python-all-dev python-crypto python-dbg python-dev python-dnspython \

python3-dnspython python-gpgme python3-gpgme python-markdown python3-markdown \

python3-dev xsltproc zlib1g-dev liblmdb-dev lmdb-utils

Done this now we are going to type:

./configure --prefix=/usr/local

To start with the compilation we are going to type:

make

If everything went well, the installation is carried out with:

make install

Y finally let's set the environment variable with:

export PATH=/usr/local/samba/bin/:/usr/local/samba/sbin/:$PATH

Finally for those who have an older version, that is version 4.11.1, they can apply the patch by downloading it with:

wget https://download.samba.org/pub/samba/patches/samba-4.11.1-4.11.2.diffs.gz

We extract it with:

gzip -9 samba-4.11.1-4.11.2.diffs.gz

We enter the directory:

cd samba-4.11.1-4.11.2.diffs

And we apply the patch with:

patch -p0 < samba-4.11.1-4.11.2.diffs

And ready.


Leave a Comment

Your email address will not be published. Required fields are marked with *

*

*

  1. Responsible for the data: Miguel Ángel Gatón
  2. Purpose of the data: Control SPAM, comment management.
  3. Legitimation: Your consent
  4. Communication of the data: The data will not be communicated to third parties except by legal obligation.
  5. Data storage: Database hosted by Occentus Networks (EU)
  6. Rights: At any time you can limit, recover and delete your information.

  1.   rchat said
    ago 4 years

    Hello and this applies to the version if I have samba 4.4 to update it to 4.12

    Reply to rchat