Samba has fixed several bugs, including two serious password-reset flaws, one of which could allow a user to take complete control of the domain.
A Samba bug could allow remote attackers without authentication to execute arbitrary code as root on impacted systems.