Package samba-winbind-krb5-locator: Information
Binary package: samba-winbind-krb5-locator
Version: 4.16.11-alt2
Architecture: i586
Build time: Jul 28, 2023, 06:39 PM in the task #325413
Source package: samba
Category: System/Servers
Home page: http://www.samba.org/
Summary: Samba winbind krb5 locator
Description:
The winbind krb5 locator is a plugin for the system Kerberos library that allows the local Kerberos library to use the same KDC as Samba and winbind use.
Maintainer: Evgeny Sinelnikov
List of contributors:
Evgeny Sinelnikov
Ivan A. Melnikov
Michael Shigorin
Grigory Ustinov
Alexey Shabalin
Alexey Sheplyakov
Andrey Cherepanov
Igor Vlasenko
Vitaly Kuznetsov
Last changed
July 23, 2023 Evgeny Sinelnikov 4.16.11-alt2
- Add check with admx-lint for group policy templates validation.
July 23, 2023 Evgeny Sinelnikov 4.16.11-alt1
- Update to security release of Samba 4.16 (Closes: 46966):
  + Secure channel faulty since Windows 10/11 update 07/2023 (KB5028166).
- Security fixes (Samba#15418):
  + CVE-2022-2127: When winbind is used for NTLM authentication, a maliciously crafted request can trigger an out-of-bounds read in winbind and possibly crash it.
    https://www.samba.org/samba/security/CVE-2022-2127.html
  + CVE-2023-34966: An infinite loop bug in Samba's mdssvc RPC service for Spotlight can be triggered by an unauthenticated attacker by issuing a malformed RPC request.
    https://www.samba.org/samba/security/CVE-2023-34966.html
  + CVE-2023-34967: Missing type validation in Samba's mdssvc RPC service for Spotlight can be used by an unauthenticated attacker to trigger a process crash in a shared RPC mdssvc worker process.
    https://www.samba.org/samba/security/CVE-2023-34967.html
  + CVE-2023-34968: As part of the Spotlight protocol Samba discloses the server-side absolute path of shares and files and directories in search results.
    https://www.samba.org/samba/security/CVE-2023-34968.html
March 29, 2023 Evgeny Sinelnikov 4.16.10-alt1
- Update to security release of Samba 4.16 with update libldb to 2.5.3:
  + ldb wildcard matching makes excessive allocations (Samba#15331).
- Security fixes (Samba#15270, Samba#15315):
  + CVE-2023-0922: The Samba AD DC administration tool, when operating against a remote LDAP server, will by default send new or reset passwords over a signed-only connection.
    https://www.samba.org/samba/security/CVE-2023-0922.html
  + CVE-2023-0614: The fix in 4.6.16, 4.7.9, 4.8.4 and 4.9.7 for CVE-2018-10919 Confidential attribute disclosure via LDAP filters was insufficient and an attacker may be able to obtain confidential BitLocker recovery keys from a Samba AD DC. Installations with such secrets in their Samba AD should assume they have been obtained and need replacing.
    https://www.samba.org/samba/security/CVE-2023-0614.html