Karolin Seeger · Jeremy Allison · Stefan Metzmacher · Stefan Metzmacher · Stefan Metzmacher · Stefan Metzmacher
--- a/VERSION
+++ b/VERSION
@@ -25,7 +25,7 @@
 ########################################################
 SAMBA_VERSION_MAJOR=4
 SAMBA_VERSION_MINOR=10
-SAMBA_VERSION_RELEASE=7
+SAMBA_VERSION_RELEASE=8

 ########################################################
 # If a official release has a serious bug              #

--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
+                   ==============================
+                   Release Notes for Samba 4.10.8
+                          September 3, 2019
+                   ==============================
+
+
+This is a security release in order to address the following defect:
+
+o  CVE-2019-10197: Combination of parameters and permissions can allow user        
+                   to escape from the share path definition.
+
+=======
+Details
+=======
+
+o  CVE-2019-10197:
+   Under certain parameter configurations, when an SMB client accesses a network
+   share and the user does not have permission to access the share root
+   directory, it is possible for the user to escape from the share to see the
+   complete '/' filesystem. Unix permission checks in the kernel are still
+   enforced.
+
+
+Changes since 4.10.7:
+---------------------
+
+o  Jeremy Allison <jra@samba.org>
+   * BUG 14035: CVE-2019-10197: Permissions check deny can allow user to escape
+     from the share.
+
+o  Stefan Metzmacher <metze@samba.org>
+   * BUG 14035: CVE-2019-10197: Permissions check deny can allow user to escape
+     from the share.
+
+
+#######################################
+Reporting bugs & Development Discussion
+#######################################
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical IRC channel on irc.freenode.net.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored.  All bug reports should
+be filed under the "Samba 4.1 and newer" product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+======================================================================
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+======================================================================
+
+
+Release notes for older releases follow:
+----------------------------------------
+
                   ==============================
                   Release Notes for Samba 4.10.7
                           August 22, 2019
@@ -76,8 +134,8 @@ database (https://bugzilla.samba.org/).
 ======================================================================


-Release notes for older releases follow:
----------------------------------------
+----------------------------------------------------------------------
+

                   ==============================
                   Release Notes for Samba 4.10.6

--- a/ctdb/doc/ctdb-etcd.7
+++ b/ctdb/doc/ctdb-etcd.7
@@ -2,12 +2,12 @@
 .\"     Title: ctdb-etcd
 .\"    Author: 
 .\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/>
-.\"      Date: 08/22/2019
+.\"      Date: 08/27/2019
 .\"    Manual: CTDB - clustered TDB database
 .\"    Source: ctdb
 .\"  Language: English
 .\"
-.TH "CTDB\-ETCD" "7" "08/22/2019" "ctdb" "CTDB \- clustered TDB database"
+.TH "CTDB\-ETCD" "7" "08/27/2019" "ctdb" "CTDB \- clustered TDB database"
 .\" -----------------------------------------------------------------
 .\" * Define some portability stuff
 .\" -----------------------------------------------------------------

--- a/ctdb/doc/ctdb-script.options.5
+++ b/ctdb/doc/ctdb-script.options.5
@@ -2,12 +2,12 @@
 .\"     Title: ctdb-script.options
 .\"    Author: 
 .\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/>
-.\"      Date: 08/22/2019
+.\"      Date: 08/27/2019
 .\"    Manual: CTDB - clustered TDB database
 .\"    Source: ctdb
 .\"  Language: English
 .\"
-.TH "CTDB\-SCRIPT\&.OPTIO" "5" "08/22/2019" "ctdb" "CTDB \- clustered TDB database"
+.TH "CTDB\-SCRIPT\&.OPTIO" "5" "08/27/2019" "ctdb" "CTDB \- clustered TDB database"
 .\" -----------------------------------------------------------------
 .\" * Define some portability stuff
 .\" -----------------------------------------------------------------

--- a/ctdb/doc/ctdb-statistics.7
+++ b/ctdb/doc/ctdb-statistics.7
@@ -2,12 +2,12 @@
 .\"     Title: ctdb-statistics
 .\"    Author: 
 .\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/>
-.\"      Date: 08/22/2019
+.\"      Date: 08/27/2019
 .\"    Manual: CTDB - clustered TDB database
 .\"    Source: ctdb
 .\"  Language: English
 .\"
-.TH "CTDB\-STATISTICS" "7" "08/22/2019" "ctdb" "CTDB \- clustered TDB database"
+.TH "CTDB\-STATISTICS" "7" "08/27/2019" "ctdb" "CTDB \- clustered TDB database"
 .\" -----------------------------------------------------------------
 .\" * Define some portability stuff
 .\" -----------------------------------------------------------------

--- a/ctdb/doc/ctdb-tunables.7
+++ b/ctdb/doc/ctdb-tunables.7
@@ -2,12 +2,12 @@
 .\"     Title: ctdb-tunables
 .\"    Author: 
 .\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/>
-.\"      Date: 08/22/2019
+.\"      Date: 08/27/2019
 .\"    Manual: CTDB - clustered TDB database
 .\"    Source: ctdb
 .\"  Language: English
 .\"
-.TH "CTDB\-TUNABLES" "7" "08/22/2019" "ctdb" "CTDB \- clustered TDB database"
+.TH "CTDB\-TUNABLES" "7" "08/27/2019" "ctdb" "CTDB \- clustered TDB database"
 .\" -----------------------------------------------------------------
 .\" * Define some portability stuff
 .\" -----------------------------------------------------------------

--- a/ctdb/doc/ctdb.1
+++ b/ctdb/doc/ctdb.1
@@ -2,12 +2,12 @@
 .\"     Title: ctdb
 .\"    Author: 
 .\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/>
-.\"      Date: 08/22/2019
+.\"      Date: 08/27/2019
 .\"    Manual: CTDB - clustered TDB database
 .\"    Source: ctdb
 .\"  Language: English
 .\"
-.TH "CTDB" "1" "08/22/2019" "ctdb" "CTDB \- clustered TDB database"
+.TH "CTDB" "1" "08/27/2019" "ctdb" "CTDB \- clustered TDB database"
 .\" -----------------------------------------------------------------
 .\" * Define some portability stuff
 .\" -----------------------------------------------------------------

--- a/ctdb/doc/ctdb.7
+++ b/ctdb/doc/ctdb.7
@@ -2,12 +2,12 @@
 .\"     Title: ctdb
 .\"    Author: 
 .\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/>
-.\"      Date: 08/22/2019
+.\"      Date: 08/27/2019
 .\"    Manual: CTDB - clustered TDB database
 .\"    Source: ctdb
 .\"  Language: English
 .\"
-.TH "CTDB" "7" "08/22/2019" "ctdb" "CTDB \- clustered TDB database"
+.TH "CTDB" "7" "08/27/2019" "ctdb" "CTDB \- clustered TDB database"
 .\" -----------------------------------------------------------------
 .\" * Define some portability stuff
 .\" -----------------------------------------------------------------

--- a/ctdb/doc/ctdb.conf.5
+++ b/ctdb/doc/ctdb.conf.5
@@ -2,12 +2,12 @@
 .\"     Title: ctdb.conf
 .\"    Author: 
 .\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/>
-.\"      Date: 08/22/2019
+.\"      Date: 08/27/2019
 .\"    Manual: CTDB - clustered TDB database
 .\"    Source: ctdb
 .\"  Language: English
 .\"
-.TH "CTDB\&.CONF" "5" "08/22/2019" "ctdb" "CTDB \- clustered TDB database"
+.TH "CTDB\&.CONF" "5" "08/27/2019" "ctdb" "CTDB \- clustered TDB database"
 .\" -----------------------------------------------------------------
 .\" * Define some portability stuff
 .\" -----------------------------------------------------------------

--- a/ctdb/doc/ctdb.sysconfig.5
+++ b/ctdb/doc/ctdb.sysconfig.5
@@ -2,12 +2,12 @@
 .\"     Title: ctdb.sysconfig
 .\"    Author: 
 .\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/>
-.\"      Date: 08/22/2019
+.\"      Date: 08/27/2019
 .\"    Manual: CTDB - clustered TDB database
 .\"    Source: ctdb
 .\"  Language: English
 .\"
-.TH "CTDB\&.SYSCONFIG" "5" "08/22/2019" "ctdb" "CTDB \- clustered TDB database"
+.TH "CTDB\&.SYSCONFIG" "5" "08/27/2019" "ctdb" "CTDB \- clustered TDB database"
 .\" -----------------------------------------------------------------
 .\" * Define some portability stuff
 .\" -----------------------------------------------------------------

--- a/ctdb/doc/ctdb_diagnostics.1
+++ b/ctdb/doc/ctdb_diagnostics.1
@@ -2,12 +2,12 @@
 .\"     Title: ctdb_diagnostics
 .\"    Author: 
 .\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/>
-.\"      Date: 08/22/2019
+.\"      Date: 08/27/2019
 .\"    Manual: CTDB - clustered TDB database
 .\"    Source: ctdb
 .\"  Language: English
 .\"
-.TH "CTDB_DIAGNOSTICS" "1" "08/22/2019" "ctdb" "CTDB \- clustered TDB database"
+.TH "CTDB_DIAGNOSTICS" "1" "08/27/2019" "ctdb" "CTDB \- clustered TDB database"
 .\" -----------------------------------------------------------------
 .\" * Define some portability stuff
 .\" -----------------------------------------------------------------

--- a/ctdb/doc/ctdb_mutex_ceph_rados_helper.7
+++ b/ctdb/doc/ctdb_mutex_ceph_rados_helper.7
@@ -2,12 +2,12 @@
 .\"     Title: Ceph RADOS Mutex
 .\"    Author: 
 .\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/>
-.\"      Date: 08/22/2019
+.\"      Date: 08/27/2019
 .\"    Manual: CTDB - clustered TDB database
 .\"    Source: ctdb
 .\"  Language: English
 .\"
-.TH "CEPH RADOS MUTEX" "7" "08/22/2019" "ctdb" "CTDB \- clustered TDB database"
+.TH "CEPH RADOS MUTEX" "7" "08/27/2019" "ctdb" "CTDB \- clustered TDB database"
 .\" -----------------------------------------------------------------
 .\" * Define some portability stuff
 .\" -----------------------------------------------------------------

--- a/ctdb/doc/ctdbd.1
+++ b/ctdb/doc/ctdbd.1
@@ -2,12 +2,12 @@
 .\"     Title: ctdbd
 .\"    Author: 
 .\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/>
-.\"      Date: 08/22/2019
+.\"      Date: 08/27/2019
 .\"    Manual: CTDB - clustered TDB database
 .\"    Source: ctdb
 .\"  Language: English
 .\"
-.TH "CTDBD" "1" "08/22/2019" "ctdb" "CTDB \- clustered TDB database"
+.TH "CTDBD" "1" "08/27/2019" "ctdb" "CTDB \- clustered TDB database"
 .\" -----------------------------------------------------------------
 .\" * Define some portability stuff
 .\" -----------------------------------------------------------------

--- a/ctdb/doc/ctdbd_wrapper.1
+++ b/ctdb/doc/ctdbd_wrapper.1
@@ -2,12 +2,12 @@
 .\"     Title: ctdbd_wrapper
 .\"    Author: 
 .\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/>
-.\"      Date: 08/22/2019
+.\"      Date: 08/27/2019
 .\"    Manual: CTDB - clustered TDB database
 .\"    Source: ctdb
 .\"  Language: English
 .\"
-.TH "CTDBD_WRAPPER" "1" "08/22/2019" "ctdb" "CTDB \- clustered TDB database"
+.TH "CTDBD_WRAPPER" "1" "08/27/2019" "ctdb" "CTDB \- clustered TDB database"
 .\" -----------------------------------------------------------------
 .\" * Define some portability stuff
 .\" -----------------------------------------------------------------

--- a/ctdb/doc/ltdbtool.1
+++ b/ctdb/doc/ltdbtool.1
@@ -2,12 +2,12 @@
 .\"     Title: ltdbtool
 .\"    Author: 
 .\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/>
-.\"      Date: 08/22/2019
+.\"      Date: 08/27/2019
 .\"    Manual: CTDB - clustered TDB database
 .\"    Source: ctdb
 .\"  Language: English
 .\"
-.TH "LTDBTOOL" "1" "08/22/2019" "ctdb" "CTDB \- clustered TDB database"
+.TH "LTDBTOOL" "1" "08/27/2019" "ctdb" "CTDB \- clustered TDB database"
 .\" -----------------------------------------------------------------
 .\" * Define some portability stuff
 .\" -----------------------------------------------------------------

--- a/ctdb/doc/onnode.1
+++ b/ctdb/doc/onnode.1
@@ -2,12 +2,12 @@
 .\"     Title: onnode
 .\"    Author: 
 .\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/>
-.\"      Date: 08/22/2019
+.\"      Date: 08/27/2019
 .\"    Manual: CTDB - clustered TDB database
 .\"    Source: ctdb
 .\"  Language: English
 .\"
-.TH "ONNODE" "1" "08/22/2019" "ctdb" "CTDB \- clustered TDB database"
+.TH "ONNODE" "1" "08/27/2019" "ctdb" "CTDB \- clustered TDB database"
 .\" -----------------------------------------------------------------
 .\" * Define some portability stuff
 .\" -----------------------------------------------------------------

--- a/ctdb/doc/ping_pong.1
+++ b/ctdb/doc/ping_pong.1
@@ -2,12 +2,12 @@
 .\"     Title: ping_pong
 .\"    Author: 
 .\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/>
-.\"      Date: 08/22/2019
+.\"      Date: 08/27/2019
 .\"    Manual: CTDB - clustered TDB database
 .\"    Source: ctdb
 .\"  Language: English
 .\"
-.TH "PING_PONG" "1" "08/22/2019" "ctdb" "CTDB \- clustered TDB database"
+.TH "PING_PONG" "1" "08/27/2019" "ctdb" "CTDB \- clustered TDB database"
 .\" -----------------------------------------------------------------
 .\" * Define some portability stuff
 .\" -----------------------------------------------------------------

--- a/docs/manpages/cifsdd.8
+++ b/docs/manpages/cifsdd.8
@@ -2,12 +2,12 @@
 .\"     Title: cifsdd
 .\"    Author: [see the "AUTHOR" section]
 .\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/>
-.\"      Date: 08/22/2019
+.\"      Date: 08/27/2019
 .\"    Manual: System Administration tools
-.\"    Source: Samba 4.10.7
+.\"    Source: Samba 4.10.8
 .\"  Language: English
 .\"
-.TH "CIFSDD" "8" "08/22/2019" "Samba 4\&.10\&.7" "System Administration tools"
+.TH "CIFSDD" "8" "08/27/2019" "Samba 4\&.10\&.8" "System Administration tools"
 .\" -----------------------------------------------------------------
 .\" * Define some portability stuff
 .\" -----------------------------------------------------------------

--- a/docs/manpages/dbwrap_tool.1
+++ b/docs/manpages/dbwrap_tool.1
@@ -2,12 +2,12 @@
 .\"     Title: dbwrap_tool
 .\"    Author: [see the "AUTHOR" section]
 .\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/>
-.\"      Date: 08/22/2019
+.\"      Date: 08/27/2019
 .\"    Manual: System Administration tools
-.\"    Source: Samba 4.10.7
+.\"    Source: Samba 4.10.8
 .\"  Language: English
 .\"
-.TH "DBWRAP_TOOL" "1" "08/22/2019" "Samba 4\&.10\&.7" "System Administration tools"
+.TH "DBWRAP_TOOL" "1" "08/27/2019" "Samba 4\&.10\&.8" "System Administration tools"
 .\" -----------------------------------------------------------------
 .\" * Define some portability stuff
 .\" -----------------------------------------------------------------
@@ -301,7 +301,7 @@ dbwrap_tool
 Use with caution!
 .SH "VERSION"
 .PP
-This man page is part of version 4\&.10\&.7 of the Samba suite\&.
+This man page is part of version 4\&.10\&.8 of the Samba suite\&.
 .SH "SEE ALSO"
 .PP
 \fBsmbd\fR(8),

--- a/docs/manpages/eventlogadm.8
+++ b/docs/manpages/eventlogadm.8
@@ -2,12 +2,12 @@
 .\"     Title: eventlogadm
 .\"    Author: [see the "AUTHOR" section]
 .\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/>
-.\"      Date: 08/22/2019
+.\"      Date: 08/27/2019
 .\"    Manual: System Administration tools
-.\"    Source: Samba 4.10.7
+.\"    Source: Samba 4.10.8
 .\"  Language: English
 .\"
-.TH "EVENTLOGADM" "8" "08/22/2019" "Samba 4\&.10\&.7" "System Administration tools"
+.TH "EVENTLOGADM" "8" "08/27/2019" "Samba 4\&.10\&.8" "System Administration tools"
 .\" -----------------------------------------------------------------
 .\" * Define some portability stuff
 .\" -----------------------------------------------------------------
@@ -339,7 +339,7 @@ Filter messages from the system log into an event log:
 .\}
 .SH "VERSION"
 .PP
-This man page is part of version 4\&.10\&.7 of the Samba suite\&.
+This man page is part of version 4\&.10\&.8 of the Samba suite\&.
 .SH "AUTHOR"
 .PP
 The original Samba software and related utilities were created by Andrew Tridgell\&. Samba is now developed by the Samba Team as an Open Source project similar to the way the Linux kernel is developed\&.