Package samba-winbind-krb5-localauth: Information
Default inline alert: Version in the repository: 4.20.1-alt1
Binary package: samba-winbind-krb5-localauth
Version: 4.17.12-alt2
Architecture: aarch64
Build time: Oct 22, 2023, 05:04 PM in the task #332448
Source package: samba
Category: System/Servers
Report package bugHome page: http://www.samba.org/
Summary: Samba winbind krb5 plugin for mapping user accounts
Description:
The winbind krb5 localauth is a plugin that permits the MIT Kerberos libraries that Kerberos principals can be validated against local user accounts.
Maintainer: Evgeny Sinelnikov
List of contributors:
Evgeny Sinelnikov
Michael Shigorin
Ivan A. Melnikov
Grigory Ustinov
Alexey Shabalin
Alexey Sheplyakov
Andrey Cherepanov
Igor Vlasenko
Vitaly Kuznetsov
Evgeny Sinelnikov
Michael Shigorin
Ivan A. Melnikov
Grigory Ustinov
Alexey Shabalin
Alexey Sheplyakov
Andrey Cherepanov
Igor Vlasenko
Vitaly Kuznetsov
Last changed
Oct. 22, 2023 Evgeny Sinelnikov 4.17.12-alt2
- Revert services type from forking to notify.
Oct. 17, 2023 Evgeny Sinelnikov 4.17.12-alt1
- Update to security release of Samba 4.17 - Security fixes (Samba#15422, Samba#15424, Samba#15439, Samba#15473, Samba#15474): + CVE-2023-3961: Unsanitized pipe names allow SMB clients to connect as root to existing unix domain sockets on the file system. https://www.samba.org/samba/security/CVE-2023-3961.html + CVE-2023-4091: SMB client can truncate files to 0 bytes by opening files with OVERWRITE disposition when using the acl_xattr Samba VFS module with the smb.conf setting "acl_xattr:ignore system acls = yes" https://www.samba.org/samba/security/CVE-2023-4091.html + CVE-2023-4154: An RODC and a user with the GET_CHANGES right can view all attributes, including secrets and passwords. Additionally, the access check fails open on error conditions. https://www.samba.org/samba/security/CVE-2023-4154.html + CVE-2023-42669: Calls to the rpcecho server on the AD DC can request that the server block for a user-defined amount of time, denying service. https://www.samba.org/samba/security/CVE-2023-42669.html + CVE-2023-42670: Samba can be made to start multiple incompatible RPC listeners, disrupting service on the AD DC. https://www.samba.org/samba/security/CVE-2023-42670.html
Oct. 7, 2023 Evgeny Sinelnikov 4.17.11-alt2
- New build scheme with separate upstream, altlinux and sisyphus branches.