diff --git a/SPECS/ipa.spec b/SPECS/ipa.spec
index 924263b..af97919 100644
--- a/SPECS/ipa.spec
+++ b/SPECS/ipa.spec
@@ -68,8 +68,7 @@
 %global krb5_kdb_version 8.0
 # 0.7.16: https://github.com/drkjam/netaddr/issues/71
 %global python_netaddr_version 0.7.19
-# Require 4.14.5-13 which brings CVE-2020-25717 fixes
-%global samba_version 4.14.5-13
+%global samba_version 4.17.2-1
 %global selinux_policy_version 3.14.3-52
 %global slapi_nis_version 0.56.4
 %global python_ldap_version 3.1.0-1
@@ -93,8 +92,7 @@
 # 0.7.16: https://github.com/drkjam/netaddr/issues/71
 %global python_netaddr_version 0.7.16
 
-# Require 4.14.6 which brings CVE-2020-25717 fixes
-%global samba_version 2:4.14.6
+%global samba_version 2:4.17.2
 
 # 3.14.5-45 or later includes a number of interfaces fixes for IPA interface
 %global selinux_policy_version 3.14.5-45
@@ -191,7 +189,7 @@
 
 Name:           %{package_name}
 Version:        %{IPA_VERSION}
-Release:        6%{?rc_version:.%rc_version}%{?dist}
+Release:        7%{?rc_version:.%rc_version}%{?dist}
 Summary:        The Identity, Policy and Audit system
 
 License:        GPLv3+
@@ -1723,6 +1721,10 @@ fi
 %endif
 
 %changelog
+* Tue Nov 1  2022 Rafael Jeffman <rjeffman@redhat.com> - 4.9.10-7
+- Rebuild to samba 4.17.2.
+  Related: RHBZ#2132051
+
 * Mon Aug 22 2022 Rafael Jeffman <rjeffman@redhat.com> - 4.9.10-6
 - webui: Allow grace login limit
   Resolves: RHBZ#2109243