Alert GCSA-26097 - Aggiornamento di sicurezza per Samba server

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ****************************************************************** alert ID: GCSA-26097 data: 29 maggio 2026 titolo: Aggiornamento di sicurezza per Samba server ****************************************************************** :: Descrizione del problema Sono state rilasciate nuove versioni del server Samba (SMB/CIFS file, print, and login server for Unix), con le quali vengono risolte alcune vulnerabilita', delle quali due con gravita' "critica" e tre con gravita' "alta". Maggiori informazioni sono disponibili alla sezione "Riferimenti". :: Software interessato Samba file server versioni precedenti alla 4.24.3 Samba file server versioni precedenti alla 4.23.8 Samba file server versioni precedenti alla 4.22.10 :: Impatto Bypass delle funzionalita' di sicurezza (SFB) Denial of Service (DoS) Esecuzione remota di codice arbitrario (RCE) :: Soluzioni Applicare le seguenti patch https://www.samba.org/samba/history/security.html oppure aggiornare alle ultime versioni https://www.samba.org/samba/history/samba-4.24.3.html https://www.samba.org/samba/history/samba-4.23.8.html https://www.samba.org/samba/history/samba-4.22.10.html https://www.samba.org/samba/download/ :: Riferimenti Samba Announcement https://www.samba.org/samba/security/CVE-2026-4408.html https://www.samba.org/samba/security/CVE-2026-4480.html https://www.samba.org/samba/security/CVE-2026-2340.html https://www.samba.org/samba/security/CVE-2026-3012.html https://www.samba.org/samba/security/CVE-2026-3238.html https://www.samba.org/samba/security/CVE-2026-1933.html Mitre's CVE ID https://www.cve.org/CVERecord?id=CVE-2026-4408 https://www.cve.org/CVERecord?id=CVE-2026-4480 https://www.cve.org/CVERecord?id=CVE-2026-2340 https://www.cve.org/CVERecord?id=CVE-2026-3012 https://www.cve.org/CVERecord?id=CVE-2026-3238 https://www.cve.org/CVERecord?id=CVE-2026-1933 Debian https://lists.debian.org/debian-security-announce/2026/msg00208.html https://security-tracker.debian.org/tracker/DSA-6297-1 Ubuntu https://ubuntu.com/security/notices/USN-8306-1 GARR CERT Security Alert - subscribe/unsubscribe: http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert -----BEGIN PGP SIGNATURE----- iF0EAREIAB0WIQTGpdiR5MqstacBGHbBnEyTZRJgQgUCahlYwgAKCRDBnEyTZRJg Qr5mAKCwG0uNxLmJDwL6C4EU3FKtGZgUzQCg1tC2Lzv1EObsXoFKyIzfflYZzZg= =T8NA -----END PGP SIGNATURE-----