Recientemente developers who are behind of the Samba project announced through a statement the release of a new corrective version of the Samba protocol, reaching its new version 4.11.2.
For those who do not know about Samba they should know that this is a free implementation of the Microsoft Windows file sharing protocol (formerly called SMB, recently renamed to CIFS) for UNIX-like systems. In this way, it is possible what computers with GNU / Linux, Mac OS X or Unix in general look like servers or act like clients on Windows networks.
Samba It also allows validating users as the Main Domain Controller (PDC), as a domain member and even as an Active Directory domain for Windows-based networks; apart from being able to serve print queues, shared directories and authenticate with your own user archive.
Among the Unix-like systems in which Samba can be run, there are the GNU / Linux distributions, Solaris and the different BSD variants, among which we can find Apple's Mac OS X Server.
About Samba 4.11.2
This new version of Samba 4.11.2 is a corrective version, which was released to be able to address some security issues that were presented in the protocol. Of which the vulnerabilities were addressed:
- CVE-2019-10218: Malicious servers can cause the Samba client code to return file names that contain path separators to the calling code.
- CVE-2019-14833- Samba AD DC password verification script does not receive complete password. When the password contains multi-byte characters (not ASCII), checking the password script does not receive the complete password string.
- CVE-2019-14847- User with "get changes" permission can lock AD DC LDAP server via dirsync.
How to install or upgrade to Samba 4.11.2 on Ubuntu and derivatives?
Well, for those who are interested in being able to install this new version of Samba or want to update their previous version to this new oneThey can do it by following the steps we share below.
The first thing we are going to do is share the steps for the installation of Samba 4.11.2. Because the update was released recently, builds prepared for Ubuntu have not yet been generated in the repositories. So the installation will be done from the source code.
Now as additional information for Ubuntu 18.04 LTS users they can make use of a repository which will help them to install the new version of samba in a simple way.
To add it, we just type in a terminal:
sudo add-apt-repository ppa:linux-schools/samba-latest sudo apt-get update
And we can install samba with:
sudo apt install samba
For the rest, we must do the compilation. First we are going to download the Samba package which we can obtain by opening a terminal (you can do it with the key combination Ctrl + Alt + T) and in it we are going to type the following command:
wget https://download.samba.org/pub/samba/stable/samba-4.11.2.tar.gz
After that we are going to extract the package with:
tar -zxf samba-4.11.2.tar.gz
We enter the folder created with:
cd samba-4.11.2
Being inside it, we are going to compile the package and then carry out the installation. The first thing we must do is install some dependencies:
sudo apt-get install acl attr autoconf bind9utils bison build-essential \ debhelper dnsutils docbook-xml docbook-xsl flex gdb libjansson-dev krb5-user \ libacl1-dev libaio-dev libarchive-dev libattr1-dev libblkid-dev libbsd-dev \ libcap-dev libcups2-dev libgnutls-dev libgpgme-dev libjson-perl \ libldap2-dev libncurses5-dev libpam0g-dev libparse-yapp-perl \ libpopt-dev libreadline-dev nettle-dev perl perl-modules-5.26 pkg-config \ python-all-dev python-crypto python-dbg python-dev python-dnspython \ python3-dnspython python-gpgme python3-gpgme python-markdown python3-markdown \ python3-dev xsltproc zlib1g-dev liblmdb-dev lmdb-utils
Done this now we are going to type:
./configure --prefix=/usr/local
To start with the compilation we are going to type:
make
If everything went well, the installation is carried out with:
make install
Y finally let's set the environment variable with:
export PATH=/usr/local/samba/bin/:/usr/local/samba/sbin/:$PATH
Finally for those who have an older version, that is version 4.11.1, they can apply the patch by downloading it with:
wget https://download.samba.org/pub/samba/patches/samba-4.11.1-4.11.2.diffs.gz
We extract it with:
gzip -9 samba-4.11.1-4.11.2.diffs.gz
We enter the directory:
cd samba-4.11.1-4.11.2.diffs
And we apply the patch with:
patch -p0 < samba-4.11.1-4.11.2.diffs
And ready.
Hello and this applies to the version if I have samba 4.4 to update it to 4.12