Samba 4.17 introduced following symlinks in user space with the intent to properly check symlink targets to stay within the share that was configured by the administrator. The check does not properly cover a corner case, so that a user can create a symbolic link that will make smbd escape the configured share path.
Affects - All versions of Samba since 4.17.0.
Samba 4.17.2 has been issued as a security releases to correct the defect.
Created samba tracking bugs for this issue:
Affects: fedora-all [bug 2137778]