Update Samba to 4.9.9 to address CVE-2019-12435

Description

CVE-2019-12435:
An authenticated user can crash the Samba AD DC's RPC server process via a
NULL pointer dereference.

For more details and workarounds, please refer to the security advisory.

Fixed in Samba 4.9.9

FreeNAS 11.3 is unaffected because it is compiled without DC support.

https://www.samba.org/samba/security/CVE-2019-12435.html

Problem/Justification

None

Impact

None

Linked work items

duplicates

NAS-101764

Update Samba to 4.9.8 to address CVE-2018-16860

SmartDraw Connector

Katalon Manual Tests (BETA)

Activity

Show:

Bonnie Follweiler

June 24, 2019 at 1:00 PM

Test Passed in FreeNAS-11.2-INTERNAL-10

Dru Lavigne

June 24, 2019 at 12:45 PM

(edited)

legacy UI doc commit: https://github.com/freenas/freenas-docs/commit/6c212319aed3b1f14128f44d75f249b0116889cb

new UI doc commit: https://github.com/freenas/freenas-docs/commit/bf3df076798a561dcf6db3b8afbb435655f3156c

Bug Clerk

June 19, 2019 at 7:22 PM

11.2 PR: https://github.com/freenas/ports/pull/355

Resize issue view side panel

Complete

Details

Assignee

Andrew Walker

Reporter

Andrew Walker

Priority

Low

Parent

NAS-102406 Updated Software

More fields

Katalon Platform

Created June 19, 2019 at 6:29 PM

Updated July 1, 2022 at 4:35 PM

Resolved June 24, 2019 at 1:46 PM