Format: 1.8
Date: Tue, 26 May 2026 15:46:55 +0300
Source: samba
Architecture: source
Version: 2:4.22.10+dfsg-0+deb13u1
Distribution: trixie
Urgency: medium
Maintainer: Debian Samba Maintainers
Changed-By: Michael Tokarev
Changes:
 samba (2:4.22.10+dfsg-0+deb13u1) trixie; urgency=medium
 .
   * switch to actual upstream release for the May-2026 security fixes:
 .
   * This is a security release in order to address the following defects:
 .
     CVE-2026-1933: Missing access checks on reparse point operations
       On a share marked "read only = yes" and on file handles opened R/O
       users can set or delete the reparse point xattrs on files that the
       user has write-access in the file system for.
       https://www.samba.org/samba/security/CVE-2026-1933.html
 .
     CVE-2026-2340: WORM vfs module does not block overwrites
       The WORM (Write-Once, Read Many) vfs module is supposed to lock
       write access to shared files, so they cannot be altered after
       initial writes. It was allowing files to be overwritten by renaming
       a newly created file over a protected file.
       https://www.samba.org/samba/security/CVE-2026-2340.html
 .
     CVE-2026-3012: auto-enrolment GPO installing CA certificate over http
     without verification
       To bootstrap a certificate chain a domain member must fetch a
       certificate without TLS. It was trusting HTTP for this when a more
       secure encrypted LDAP channel was also available.
       https://www.samba.org/samba/security/CVE-2026-3012.html
 .
     CVE-2026-3238: Denial of service against AD DC WINS server
       The WINS server component of the Active Directory Domain controller
       code in Samba is vulnerable to a NULL pointer dereference and crash
       caused by an unauthenticated UDP packet.
       https://www.samba.org/samba/security/CVE-2026-3238.html
 .
     CVE-2026-4408: Unauthenticated Remote Code Execution in Samba DCE/RPC
     SAMR server
       Samba file servers and classic (non-AD) domain controllers with
       samba-dcerpcd started as a system service and with a "check password
       script" that has the %u substitution character are vulnerable to a
       remote code execution.
       https://www.samba.org/samba/security/CVE-2026-4408.html
 .
     CVE-2026-4480: Unauthenticated Remote Code Execution in Samba printing
     subsystem
       Samba print servers with a "print command" that has the %J
       substitution character are vulnerable to a Remote Code Execution.
       https://www.samba.org/samba/security/CVE-2026-4480.html
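The CVE-2026-4408 and CVE-2026-4480 entries above each name an smb.conf setting as a precondition. The following is an added example, not code from Samba or Debian, that flags those two settings in configuration text; it does not check how samba-dcerpcd is started or which package version is installed, and the sample configuration in it is constructed.

```python
import re

# Normalised parameter -> (substitution, CVE), both taken from the changelog text above.
RISKY = {
    "checkpasswordscript": ("%u", "CVE-2026-4408"),
    "printcommand": ("%J", "CVE-2026-4480"),
}

def logical_lines(text):
    """Yield non-comment smb.conf lines, joining trailing-backslash continuations."""
    buf = ""
    for raw in text.splitlines():
        line = raw.strip()
        # Assumption: a comment line never starts a continuation (errs toward reporting).
        if not buf and (not line or line[0] in "#;"):
            continue
        if line.endswith("\\"):
            buf += line[:-1]
            continue
        yield buf + line
        buf = ""
    if buf:
        yield buf

def audit(text):
    """Return (section, parameter, cve) for settings that match the page's conditions."""
    findings, section = [], "global"
    for line in logical_lines(text):
        m = re.fullmatch(r"\[(.+)\]", line)
        if m:
            section = m.group(1).strip()
            continue
        name, sep, value = line.partition("=")
        key = re.sub(r"\s+", "", name).lower()  # smb.conf ignores case and spaces here
        if sep and key in RISKY and RISKY[key][0] in value:
            findings.append((section, name.strip(), RISKY[key][1]))
    return findings

# Constructed sample configuration (paths and share names are made up).
SAMPLE = """\
[global]
   Check Password Script = /usr/local/sbin/pwcheck %u
   ; print command = lpr %J
[printers]
   print command = lpr -r -P'%p' \\
       -J '%J' %s
[scans]
   print command = lpr -P%p %s
"""
```

Passing the output of `testparm -s` to `audit()` instead of the raw file also covers settings that come in through `include` lines.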