Package "smbclient"

Name:	smbclient
Description:	command-line SMB/CIFS clients for Unix
Latest version:	2:4.19.5+dfsg-4ubuntu9.4
Release:	noble (24.04)
Level:	security
Repository:	main
Head package:	samba
Homepage:	https://www.samba.org

Links

Raw Package Information

All versions of this package

Bug fixes

List of files in package

Repository home page

Download "smbclient"

32-bit deb package

64-bit deb package

APT INSTALL

Other versions of "smbclient" in Noble

Repository	Area	Version
base	main	2:4.19.5+dfsg-4ubuntu9
updates	main	2:4.19.5+dfsg-4ubuntu9.4

Changelog

Version: 2:4.19.5+dfsg-4ubuntu9.4 2025-10-16 10:07:18 UTC

samba (2:4.19.5+dfsg-4ubuntu9.4) noble-security; urgency=medium * SECURITY UPDATE: uninitialized memory disclosure via vfs_streams_xattr - debian/patches/CVE-2025-9640-1.patch: add torture test for inserting hole in stream in source3/selftest/tests.py, source4/torture/*. - debian/patches/CVE-2025-9640-2.patch: fix unitialized write in source3/modules/vfs_streams_xattr.c. - CVE-2025-9640 * SECURITY UPDATE: command injection via WINS server hook script - debian/patches/CVE-2025-10230-1.patch: check that wins hook sanitizes names in python/samba/tests/usage.py, selftest/*, source4/torture/*, testprogs/blackbox/wins_hook_test. - debian/patches/CVE-2025-10230-2.patch: restrict names fed to shell in source4/nbt_server/wins/wins_hook.c. - CVE-2025-10230 -- Marc Deslauriers <email address hidden> Thu, 09 Oct 2025 09:43:22 -0400

CVE-2025-9640	A flaw was found in Samba, in the vfs_streams_xattr module, where uninitialized heap memory could be written into alternate data streams. This allows
CVE-2025-10230	Command injection via WINS server hook script

About - Send Feedback to @ubuntu_updates

Package "smbclient"

Links

Download "smbclient"

Other versions of "smbclient" in Noble

Changelog

Share this page

Bookmarks

Latest updates

proposed

updates

security

PPA updates