1 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
2 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3 <html xmlns="http://www.w3.org/1999/xhtml">
6 <title>Samba - Release Notes Archive</title>
11 <H2>Samba 4.0.24 Available for Download</H2>
15 ==============================
16 Release Notes for Samba 4.0.24
18 ==============================
21 This is a security release in order to address CVE-2014-8143 (Elevation
22 of privilege to Active Directory Domain Controller).
25 Samba's AD DC allows the administrator to delegate
26 creation of user or computer accounts to specific users or groups.
28 However, all released versions of Samba's AD DC did not implement the
29 additional required check on the UF_SERVER_TRUST_ACCOUNT bit in the
30 userAccountControl attributes.
36 o Andrew Bartlett <abartlet@samba.org>
37 * BUG 10993: CVE-2014-8143: dsdb-samldb: Check for extended access
38 rights before we allow changes to userAccountControl.