Samba 4.11.8 Available for Download

Samba 4.11.8 (gzipped)

Patch (gzipped) against Samba 4.11.7

                   Release Notes for Samba 4.11.8
                           April 28, 2020

This is a security release in order to address the following defects:

o CVE-2020-10700: Use-after-free in Samba AD DC LDAP Server with ASQ 
o CVE-2020-10704: LDAP Denial of Service (stack overflow) in Samba AD DC


o  CVE-2020-10700:
   A client combining the 'ASQ' and 'Paged Results' LDAP controls can cause a
   use-after-free in Samba's AD DC LDAP server.
o  CVE-2020-10704:
   A deeply nested filter in an un-authenticated LDAP search can exhaust the
   LDAP server's stack memory causing a SIGSEGV.

For more details, please refer to the security advisories.

Changes since 4.11.7

o  Andrew Bartlett <>
   * BUG 14331: CVE-2020-10700: Fix use-after-free in AD DC LDAP server when
     ASQ and paged_results combined.

o  Gary Lockyer <>
   * BUG 20454: CVE-2020-10704: Fix LDAP Denial of Service (stack overflow) in
     Samba AD DC.