[CLSA-2026:1781343925] Fix CVE(s): CVE-2026-4408
Type:
security
Severity:
Critical
Release date:
2026-06-13 09:45:48 UTC
Description:
* SECURITY UPDATE: remote command execution via unescaped %u in the "check password script" (samr password validation) - debian/patches/CVE-2026-4408.patch: reject invalid/dangerous account names, mask and single-quote the username before %u substitution, export SAMBA_CPS_ACCOUNT_NAME, and restrict _samr_ValidatePassword to DCs - CVE-2026-4408
CVEs fixed:
Updated packages:
  • ctdb_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els11_amd64.deb
    sha:2a03d41faa034210ffb7ec383ba9f546f9099899
  • libnss-winbind_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els11_amd64.deb
    sha:af67fe7a7d0e32110618213897601530dce66429
  • libpam-winbind_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els11_amd64.deb
    sha:b7ca4b010657d1ac0e009a148b4125a74b1b6ce9
  • libparse-pidl-perl_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els11_amd64.deb
    sha:ed62d9611e39a0187bc2f9c5031fa113c6579ba3
  • libsmbclient_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els11_amd64.deb
    sha:dff7930e07758fe370597d380b8e5e4b2e1d0eaa
  • libsmbclient-dev_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els11_amd64.deb
    sha:c74533b2895f06bc43889950a6c592aaa09c4bcb
  • libwbclient-dev_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els11_amd64.deb
    sha:b45bfc1a5f81a8b0f0d3d9eb4479dbecbf3b78df
  • libwbclient0_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els11_amd64.deb
    sha:9b028807885f496cb0a3d486883dda1324cf3c33
  • python-samba_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els11_amd64.deb
    sha:6f3904ddc68a1e9d304d8e3b6c6eee8de80cd043
  • registry-tools_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els11_amd64.deb
    sha:7672fef3f5d69e6c952deb581279366294352bfd
  • samba_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els11_amd64.deb
    sha:fc87d388e7afd8cf5a3491673ba004c9d7dccb25
  • samba-common_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els11_all.deb
    sha:368e3503a855951ba5e78e3d56b8fe945b0a22c0
  • samba-common-bin_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els11_amd64.deb
    sha:a88df8a9ff60d7b969d3b5ee712ad92c8e848541
  • samba-dev_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els11_amd64.deb
    sha:2d549d6d2561f360a5f130db25124dcbea9d850f
  • samba-dsdb-modules_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els11_amd64.deb
    sha:f4f1e2811cce3e33bee4ee6f49506b5603b58a35
  • samba-libs_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els11_amd64.deb
    sha:345278f5bbb0b7546dfa508d50263afdba261076
  • samba-testsuite_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els11_amd64.deb
    sha:1e28b6aa1ef68afa767867af64acd3255b773016
  • samba-vfs-modules_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els11_amd64.deb
    sha:f350b0c69f7fd61b64068112fb580c570e419702
  • smbclient_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els11_amd64.deb
    sha:21126ee15e4cdfc122e2bda7769f2eb885cf0220
  • winbind_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els11_amd64.deb
    sha:02a33f60e680ca7d05ce1c378720defc7bb34e1d
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.