samba-4.19.4-16.el8_10.ML.1

エラータID: AXSA:2026-767:06

Release date: 
Tuesday, June 9, 2026 - 17:30
Subject: 
samba-4.19.4-16.el8_10.ML.1
Affected Channels: 
Asianux Server 8 for x86_64
Severity: 
High
Description: 

Samba is an open-source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and various information.

Security Fix(es):

* samba: group policy certificate enrollment uses without validation (CVE-2026-3012)
* samba: Samba: Remote Code Execution in printing subsystem via unescaped job description (CVE-2026-4480)
* samba: Remote Code Execution in SAMR (CVE-2026-4408)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2026-3012
A flaw was found in Samba’s certificate auto-enrollment Group Policy handling. When certificate auto-enrollment is enabled, Samba may retrieve a CA certificate over an unencrypted HTTP connection and install it into the local trust store without proper verification. An attacker with the ability to intercept or redirect network traffic could exploit this behavior to supply a malicious certificate authority certificate, potentially allowing interception or spoofing of trusted communications.
CVE-2026-4408
A flaw was found in Samba. A remote attacker can exploit a misconfiguration in Samba file servers and classic domain controllers that use the "check password script" feature. If this script is configured with the %u substitution character, the client-controlled username is passed without proper escaping of shell meta-characters. This vulnerability allows an attacker to achieve remote command execution on the affected system. This issue primarily affects non-standard configurations where the "check password script" is used with %u and the samba-dcerpcd service is started as a system service.
CVE-2026-4480
A flaw was found in the Samba printing subsystem. Samba passes the client-controlled job description string to the command configured with the "print command" setting via the "%J" substitution character without escaping shell meta characters. A remote attacker could exploit this vulnerability by sending a specially crafted print job description that contains unescaped shell characters. This could lead to remote code execution on the affected system.

Solution: 

Update packages.

CVEs: 
CVE-2026-3012
A flaw was found in Samba’s certificate auto-enrollment Group Policy handling. When certificate auto-enrollment is enabled, Samba may retrieve a CA certificate over an unencrypted HTTP connection and install it into the local trust store without proper verification. An attacker with the ability to intercept or redirect network traffic could exploit this behavior to supply a malicious certificate authority certificate, potentially allowing interception or spoofing of trusted communications.
CVE-2026-4408
A flaw was found in Samba. A remote attacker can exploit a misconfiguration in Samba file servers and classic domain controllers that use the "check password script" feature. If this script is configured with the %u substitution character, the client-controlled username is passed without proper escaping of shell meta-characters. This vulnerability allows an attacker to achieve remote command execution on the affected system. This issue primarily affects non-standard configurations where the "check password script" is used with %u and the samba-dcerpcd service is started as a system service.
CVE-2026-4480
A flaw was found in the Samba printing subsystem. Samba passes the client-controlled job description string to the command configured with the "print command" setting via the "%J" substitution character without escaping shell meta characters. A remote attacker could exploit this vulnerability by sending a specially crafted print job description that contains unescaped shell characters. This could lead to remote code execution on the affected system.
Additional Info: 

N/A

Download: 

SRPMS
  1. samba-4.19.4-16.el8_10.ML.1.src.rpm
    MD5: 788ee60bb80c417378d90ad9d391340d
    SHA-256: ab84f8463a9e0a28c46914dc795012c04844f4910ba095a45917ba09d356a6b3
    Size: 25.25 MB

Asianux Server 8 for x86_64
  1. ctdb-4.19.4-16.el8_10.ML.1.x86_64.rpm
    MD5: 0e9f0784e23eb3d896126108b186d71b
    SHA-256: c68016446902c2f680c3d20b64743737ba38f6a4f669aa17ab2ea8832ee64c0c
    Size: 822.38 kB
  2. libnetapi-4.19.4-16.el8_10.ML.1.i686.rpm
    MD5: 95c0681c5aa520b53dc6905c7987bf93
    SHA-256: 4b35cdd4f8f1f4c0007cc1d814cada1304536efdbb674e9b9a01b992cc8ca84f
    Size: 230.70 kB
  3. libnetapi-4.19.4-16.el8_10.ML.1.x86_64.rpm
    MD5: 6ceaf660d9bd4af7766e6a8bba77e478
    SHA-256: c192b1250d6d647bec28cc894d4effc437cf1d4705b2a193724b7489291286ad
    Size: 218.13 kB
  4. libnetapi-devel-4.19.4-16.el8_10.ML.1.i686.rpm
    MD5: e65f43f412499c380beb10fd31a2f94d
    SHA-256: 765952101c46879adb310d31ac6e2a28ca413bd9f4a9301244cda6c687705aa2
    Size: 110.33 kB
  5. libnetapi-devel-4.19.4-16.el8_10.ML.1.x86_64.rpm
    MD5: de3e3a9ec5ecdef3a710573b1e2702f4
    SHA-256: 3d44ad653809d0ea34d618b19b85188677e636442d2163102890d259d9513de7
    Size: 110.31 kB
  6. libsmbclient-4.19.4-16.el8_10.ML.1.i686.rpm
    MD5: 18e010c53813769adde8fc38cebe3735
    SHA-256: 029bce2a977562b57ed6ed47503a081d0fcb088c63a97fb554a6d095868dc82e
    Size: 162.57 kB
  7. libsmbclient-4.19.4-16.el8_10.ML.1.x86_64.rpm
    MD5: 2f1634e1ea0e6b68e6696d80dd661f7c
    SHA-256: 91a9d5daa7267b3dcf66b4ecae45a9a22444a51511ce0745c35adf9ba9d8e80d
    Size: 156.95 kB
  8. libsmbclient-devel-4.19.4-16.el8_10.ML.1.i686.rpm
    MD5: af8fd17e26b34ee6aa1a5b19c7ac7a29
    SHA-256: c738c7f9e15606cd926f8cb9afc4e570e846b0bf4504998ba68a09c2ac388d3c
    Size: 121.36 kB
  9. libsmbclient-devel-4.19.4-16.el8_10.ML.1.x86_64.rpm
    MD5: 16bbc914325e94079c45b7ab4039d341
    SHA-256: 5863507f0433544d8f284becf76f31c2e7fa7d4b0e3fbdf8aefe5cc527b963bd
    Size: 121.34 kB
  10. libwbclient-4.19.4-16.el8_10.ML.1.i686.rpm
    MD5: f350cec7cdd884a9e05f02b1b43fc30d
    SHA-256: d83948b98751fe237545ae6575f4999cb075863c1ee5fd63faac59ad53364310
    Size: 133.12 kB
  11. libwbclient-4.19.4-16.el8_10.ML.1.x86_64.rpm
    MD5: 516bf86fb13fafd77b4e5e2c5a50d114
    SHA-256: f4b1a181fe2b745c5301e155d8601a0ee5fc701630ed04ada79692b2606bd2c8
    Size: 129.85 kB
  12. libwbclient-devel-4.19.4-16.el8_10.ML.1.i686.rpm
    MD5: 67c2f866b37df5b7c120008c32403a89
    SHA-256: 79e3aea4926edf0312255d453834f8cd656f6c6eb087973452699320964200b0
    Size: 109.33 kB
  13. libwbclient-devel-4.19.4-16.el8_10.ML.1.x86_64.rpm
    MD5: 8d39f5ad7e60e58dd9fe444530680c63
    SHA-256: 979e91d1215a6c2a5ebe9e198d38738d8d2be96a46f6a64852ffb95728faf34a
    Size: 109.30 kB
  14. python3-samba-4.19.4-16.el8_10.ML.1.i686.rpm
    MD5: 7722918f369c4acdcbb070d78ddc1e19
    SHA-256: 0730862b26e8a2082a26630933776f84d13d84dafa08aa30741a44cf0a9de2fd
    Size: 3.38 MB
  15. python3-samba-4.19.4-16.el8_10.ML.1.x86_64.rpm
    MD5: 93dc1e2e4529270a18ed7954c0bc93ef
    SHA-256: 166954d4fc5f23628b309ea7ed5efb9373179248ade197bbec821c25a7cc1936
    Size: 3.50 MB
  16. python3-samba-dc-4.19.4-16.el8_10.ML.1.x86_64.rpm
    MD5: 3032bc085b0623ebeec88d256d67a124
    SHA-256: b111a1998ed1711dd4a151db4c1a977d75be79c989ae0889f40f98efd20c38d4
    Size: 427.36 kB
  17. python3-samba-devel-4.19.4-16.el8_10.ML.1.i686.rpm
    MD5: 3521c9e111ac907047443d79fc6ddcd2
    SHA-256: bcd49d34ae376c76870af2e957ba666cda60633cc02455a3f13801d34d768437
    Size: 100.00 kB
  18. python3-samba-devel-4.19.4-16.el8_10.ML.1.x86_64.rpm
    MD5: 35f74e0bf1b7640d8e4d899047ede6d6
    SHA-256: c7d504a569788cabe608862b2bf2d42c7379aba0951dfeb2144258a6f5ba6258
    Size: 100.00 kB
  19. python3-samba-test-4.19.4-16.el8_10.ML.1.x86_64.rpm
    MD5: 7a493636e2f50e28272eba4dcca13a95
    SHA-256: b37462662f8c3031548cf9044349c4b945b4f1580d29d778564ee855aaf28f8e
    Size: 1.37 MB
  20. samba-4.19.4-16.el8_10.ML.1.x86_64.rpm
    MD5: d9d6b35daddac5c2f0e43bf51fc2169f
    SHA-256: 22dfc70333b1317b9f97b4d6631d42f31b88c99514fd1bef99a91ab85f40f328
    Size: 1.00 MB
  21. samba-client-4.19.4-16.el8_10.ML.1.x86_64.rpm
    MD5: 432bd888b6b18e1de3610761eb63f082
    SHA-256: 9dda6283168a1f6a37986064e7beaeb686a582513cda400d11aeb16b4331df50
    Size: 743.14 kB
  22. samba-client-libs-4.19.4-16.el8_10.ML.1.i686.rpm
    MD5: 60f7b95298a68533d3e69a367613dbfb
    SHA-256: 364ce804cd77761c6993b6b02984ffd582fe38c419760ceef306928d8161f4fe
    Size: 5.37 MB
  23. samba-client-libs-4.19.4-16.el8_10.ML.1.x86_64.rpm
    MD5: 94f1ec13f4f0827d7ddf69ba229c649a
    SHA-256: 3373ecf78bc7013da433a2d5a09aa771013939ca59c816858284347fc269a208
    Size: 4.97 MB
  24. samba-common-4.19.4-16.el8_10.ML.1.noarch.rpm
    MD5: 4126ecdb0ee7a70393c6039992d0eed9
    SHA-256: a1a5dbf2feac3bde0b1d5746b81d9bfcb7da3a34754c22ce69601b9ee03fca39
    Size: 234.79 kB
  25. samba-common-libs-4.19.4-16.el8_10.ML.1.i686.rpm
    MD5: efbee8022111ff138dd8eb34c65a9bf5
    SHA-256: abe41dce7af5f8e61c4364648d008ec9a5f1784d25cc46043e77177cca33a412
    Size: 193.83 kB
  26. samba-common-libs-4.19.4-16.el8_10.ML.1.x86_64.rpm
    MD5: 22654a60ed54e334d0c6b94e9c4e4746
    SHA-256: 58fd80d9eab5e93cf734eab9c229fcd9302a940b1c01e2f4f709266ad3a6613b
    Size: 183.73 kB
  27. samba-common-tools-4.19.4-16.el8_10.ML.1.x86_64.rpm
    MD5: 6b017e2e0c7ff9421a1db965fb661d24
    SHA-256: 6ee10344beeec4aa7893d8e670ac4974cf9a9bd8065b85115ee2a3885e4b3d3f
    Size: 543.07 kB
  28. samba-dcerpc-4.19.4-16.el8_10.ML.1.x86_64.rpm
    MD5: a44c50467bb703f2d2c572ee6e515f34
    SHA-256: fab64b534796c03374bf88b06e43b46e319564e406fbd03cd9768bdf60420535
    Size: 756.83 kB
  29. samba-dc-libs-4.19.4-16.el8_10.ML.1.i686.rpm
    MD5: 3b1d134f73aa98cc67bfb163d3283a90
    SHA-256: 930af12ac7fd51877b92dbd111c6151058c60cb1759d31bfc987336337eebca6
    Size: 116.62 kB
  30. samba-dc-libs-4.19.4-16.el8_10.ML.1.x86_64.rpm
    MD5: 966a496c63db90630af0ddea104a1c24
    SHA-256: 187a2f64bde3eb0b6b5248ea4f65c271a562d628f18d745cacfd61c7a612cd3c
    Size: 115.07 kB
  31. samba-devel-4.19.4-16.el8_10.ML.1.i686.rpm
    MD5: f34cea43d0acfa1a8115929ad6f155a9
    SHA-256: d9b5ede23298595c482d81179a97d3100d0e38ecfb7eb913a8366ce56f0587af
    Size: 312.96 kB
  32. samba-devel-4.19.4-16.el8_10.ML.1.x86_64.rpm
    MD5: 9abd50a4f606be1ebf0bae86a4cbc209
    SHA-256: 04cf135d9838e2eea244fb6c16a73c96e09073e47ad1f70841c925883732c567
    Size: 313.09 kB
  33. samba-krb5-printing-4.19.4-16.el8_10.ML.1.x86_64.rpm
    MD5: deb6acbdb30b1da43d598a06dc935eaa
    SHA-256: 421b2c6ae7b15a6ccb5140d2ef376018c1e4ecf8015d50c8e4b2b8703c92801f
    Size: 107.49 kB
  34. samba-ldb-ldap-modules-4.19.4-16.el8_10.ML.1.x86_64.rpm
    MD5: 7472965d02fc2fb8ab52a074cd6b9c79
    SHA-256: 6380aae855f4d7248861c828fe3c9924414c2d58c488e8faee1f9d175016ea9f
    Size: 113.60 kB
  35. samba-libs-4.19.4-16.el8_10.ML.1.i686.rpm
    MD5: e15fdf5e714a2d78eed086b6d429db8c
    SHA-256: bc5ffd560e8e77d6584e02401d88ce02b8c7b9791ad243f37829e3b10cae5eda
    Size: 212.12 kB
  36. samba-libs-4.19.4-16.el8_10.ML.1.x86_64.rpm
    MD5: d753c51c4802940ffa0c625cf4403e89
    SHA-256: 907f8840c1d60079d8a2476384ca29678778aeb65df5ca618f0c2b41518e4555
    Size: 203.94 kB
  37. samba-pidl-4.19.4-16.el8_10.ML.1.noarch.rpm
    MD5: c474f2f37bd091ce05ad98754d52efa2
    SHA-256: 75006c2c929ad43ed890e54172774d63ed5515789b46d11d30a6e634c54a0a15
    Size: 204.84 kB
  38. samba-test-4.19.4-16.el8_10.ML.1.x86_64.rpm
    MD5: 42e5775e424289a942739b6cf1827e67
    SHA-256: e48c0cac1891c5f914a3e36e6a2677812dc0a121196eb909fc67a78e1ce89c6b
    Size: 2.35 MB
  39. samba-test-libs-4.19.4-16.el8_10.ML.1.x86_64.rpm
    MD5: 0fb7bac8754b5595498973c3bbe0363f
    SHA-256: 922950ac2107a658992c92eb6bcbe33f75106a453196ef26b957dd3b4cda6474
    Size: 127.90 kB
  40. samba-tools-4.19.4-16.el8_10.ML.1.x86_64.rpm
    MD5: ea3bcf47a1e21b3b373aec520b497faf
    SHA-256: dc78fce641e2f55c9e3ee9033803b665662fa05a74005d3cb280db55d25064f2
    Size: 110.66 kB
  41. samba-usershares-4.19.4-16.el8_10.ML.1.x86_64.rpm
    MD5: 859ae676447a1652b7bfb75eb7438902
    SHA-256: bf5ec4e41dc0d11d4b411a81b22f8e6a6b5b692299047007e92397482b427c85
    Size: 100.03 kB
  42. samba-vfs-iouring-4.19.4-16.el8_10.ML.1.x86_64.rpm
    MD5: 81fd0d49167059bd98bc5577f12232da
    SHA-256: 95a7d1a0c5c62ceaea05ee7177810963749ca71834422c4494c9946acce13324
    Size: 110.67 kB
  43. samba-winbind-4.19.4-16.el8_10.ML.1.x86_64.rpm
    MD5: 20733351e26bdd90e5b76664f1346fa0
    SHA-256: 95ce06b1e25b2e44b1bda42be0d871f041254806959ece109f1048890bc968ff
    Size: 499.32 kB
  44. samba-winbind-clients-4.19.4-16.el8_10.ML.1.x86_64.rpm
    MD5: 48af72759c16df2b2270bf9bfd6f1575
    SHA-256: 01ec08e87ee898c9fa810580cac4aefe73c62c787a147cb25d829e9a3dd40cde
    Size: 183.82 kB
  45. samba-winbind-krb5-locator-4.19.4-16.el8_10.ML.1.x86_64.rpm
    MD5: 2dad8a8379fe4c91e15d6ff2d74115c3
    SHA-256: 75c127aad479471b91926fe7dc4e335660977faff0e09162477b0e7488c9f46c
    Size: 133.45 kB
  46. samba-winbind-modules-4.19.4-16.el8_10.ML.1.i686.rpm
    MD5: 5eabef6b2edd056047bfc3624f6f9948
    SHA-256: d8605372361f3915fb6a0c3321397d171f920222ab7be10f97bde03eda198d3b
    Size: 178.86 kB
  47. samba-winbind-modules-4.19.4-16.el8_10.ML.1.x86_64.rpm
    MD5: 3d3437c37edb743f76f0449188791ddd
    SHA-256: 87d3ea19a7eba8ea3451c55f007fe6d5a4dded2dffe031bac2595e050573293c
    Size: 172.39 kB
  48. samba-winexe-4.19.4-16.el8_10.ML.1.x86_64.rpm
    MD5: 27547b75295bb3a8ab4ad8adc711bcf6
    SHA-256: 44a02bc656a751216f25457acc11e0b82adb81ed2d20f17b23b71b30bf26e56a
    Size: 138.86 kB