Errata overview
Errata ID 246
Date 2019-09-03
Source package samba
Fixed in version 2:4.10.1-1A~
This update addresses the following issues:
* This update fixes an issue in the samba-tool ntacl sysvolcheck command
  where it complains about a difference in the "P", "PAR" or "PAI"
  NTACL flags when comparing LDAP directory ACLs to the sysvol.
* Fix for Samba4.10 Regression: idmap uid to sid failed for accounts with
  uid in range 300000-400000
* Under certain parameter configurations, when an SMB client accesses a
  network share and the user does not have permission to access the share
  root directory, it is possible for the user to escape from the share
  to see the complete '/' filesystem. Unix permission checks in the kernel
  are still enforced (CVE-2019-10197)
Additional notes
CVE ID CVE-2019-10197
UCS Bug number #49293