[USN-7564-1] Samba vulnerability

-----BEGIN PGP SIGNATURE-----

wsF5BAABCAAjFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAmhIWTwFAwAAAAAACgkQZWnYVadEvpOC
tA/+LBm4KV55D6NIxw9PNUiNzOCPOAuEoPLNF8Wlf1gABCil5ENrisI86W0u9noxNMl22m/V1Y5U
pJMyzpfO820pp/IFfwkScOC1F55spXb23smXPtDb7bUMgSQ8JcCJT/YPWZGSNkhILIjv0icMc9s5
5xcPQ3++ATkn9zm7IyzHI5slkzkejMkZHnDW1Ba+CW1eys/6UELPHEEXujTE1VT88f3IybVOecYD
41Yo7vR3jTyCeA3FlO9Mj/3qmXGY1gVg3eO/ahMMj+c9GxuviPxwdr+FR5aflIGeruSEC5fEsQ8Q
TKemGVdAQ3JUYfTPAwxDxlDlCzsJUQbtpfuqeIjNNZMxyAMWX4oROrxcP6di68CalsGgd1KqzPjk
1jhKU4OrNe0Q0aPAcsxJHg9m9bU1L9QjWeTrrbPbPwQt2irJV+YkqrUCd6ZWHziNVPYCqe7JMqJ/
WPb7taz2Wns3O/6wb3hvANpAcmkAFLZOuPy+6EdNJTbX6EHqULiqDTo+xiFmYAZ+XhGF4Eo9eC/Q
0GRbI2o8XQrdDXk6/Rv1IobvEg40hgziwN4fExSilgGlkLAkGXI1P6tHyDXOwkS0n6+TozUhl3qS
B1FliMJwS2s21vloJSu59YGNOyfh2CKfpT0R8YBoO9cxZbGaRcIhH8wF4VZPBZ8ntrdXfNR6LAcK
ke4=
=CbsB
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-7564-1
June 10, 2025

samba vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 25.04

Summary:

Samba could allow unintended access to network services.

Software Description:
- samba: SMB/CIFS file, print, and login server for Unix

Details:

It was discovered that Samba incorrectly handled certain group membership
changes when using Kerberos authentication. A remote user could possibly
use this issue to continue to access resources after being removed by an
administrator.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 25.04
samba 2:4.21.4+dfsg-1ubuntu3.1

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-7564-1
CVE-2025-0620

Package Information:
https://launchpad.net/ubuntu/+source/samba/2:4.21.4+dfsg-1ubuntu3.1