============================== Release Notes for Samba 4.1.16 January 15, 2015 ============================== This is a security release in order to address CVE-2014-8143 (Elevation of privilege to Active Directory Domain Controller). o CVE-2014-8143: Samba's AD DC allows the administrator to delegate creation of user or computer accounts to specific users or groups. However, all released versions of Samba's AD DC did not implement the additional required check on the UF_SERVER_TRUST_ACCOUNT bit in the userAccountControl attributes. Changes since 4.1.15: --------------------- o Andrew Bartlett <abartlet@samba.org> * BUG 10993: CVE-2014-8143: dsdb-samldb: Check for extended access rights before we allow changes to userAccountControl.