Samba 4.10.5 Available for Download

Samba 4.10.5 (gzipped)
Signature

Patch (gzipped) against Samba 4.10.4
Signature

                   ==============================
                   Release Notes for Samba 4.10.5
                           June 19, 2019
                   ==============================


This is a security release in order to address the following defects:

o  CVE-2019-12435 (Samba AD DC Denial of Service in DNS management server
                  (dnsserver))
o  CVE-2019-12436 (Samba AD DC LDAP server crash (paged searches))

=======
Details
=======

o  CVE-2019-12435:
   An authenticated user can crash the Samba AD DC's RPC server process via a
   NULL pointer dereference.

o  CVE-2019-12436:
    An user with read access to the directory can cause a NULL pointer
    dereference using the paged search control.

For more details and workarounds, please refer to the security advisories.


Changes since 4.10.4:
---------------------

o  Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
   * BUG 13922: CVE-2019-12435 rpc/dns: Avoid NULL deference if zone not found
     in DnssrvOperation2.
   * BUG 13951: CVE-2019-12436 dsdb/paged_results: Ignore successful results
     without messages.