samba 2:4.17.4+dfsg-1 source package in Debian

Changelog

samba (2:4.17.4+dfsg-1) unstable; urgency=medium

  * new upstream stable/security release, with the following changes:
   - CVE-2022-37966: Windows Kerberos RC4-HMAC Elevation of Privilege
     Vulnerability disclosed by Microsoft on Nov 8 2022, see
     https://www.samba.org/samba/security/CVE-2022-37966.html
   - CVE-2022-37967: Windows Kerberos Elevation of Privilege Vulnerability
     disclosed by Microsoft on Nov 8 2022. See
     https://www.samba.org/samba/security/CVE-2022-37967.html
   - CVE-2022-38023: Weak "RC4" (rc4-hmac) protection of the NetLogon Secure
     channel uses, see https://www.samba.org/samba/security/CVE-2022-38023.html
    There are several important behavior changes included in this release,
    which may cause compatibility problems interacting with systems still
    expecting the former behavior.  Please read the documents referenced above!
    See also the WHATSNEW.txt document, as there are several new, changed
    and deprecated smb.conf parameters.
  * Other bugfixes in this release (from WHATSNEW.txt):
    https://bugzilla.samba.org/show_bug.cgi?id=14929 CVE-2022-44640
     Upstream Heimdal free of user-controlled pointer in FAST.
    https://bugzilla.samba.org/show_bug.cgi?id=15219
     Heimdal session key selection in AS-REQ examines wrong entry.
    https://bugzilla.samba.org/show_bug.cgi?id=13135 The KDC logic around
     msDs-supportedEncryptionTypes differs from Windows.
    https://bugzilla.samba.org/show_bug.cgi?id=14611 CVE-2021-20251
     Bad password count not incremented atomically.
    https://bugzilla.samba.org/show_bug.cgi?id=15206 libnet: change_password()
     doesn't work with dcerpc_samr_ChangePasswordUser4()
    https://bugzilla.samba.org/show_bug.cgi?id=15230
     Memory leak in snprintf replacement functions.
    https://bugzilla.samba.org/show_bug.cgi?id=15253 RODC doesn't reset
     badPwdCount reliable via an RWDC (CVE-2021-20251 regression).
    https://bugzilla.samba.org/show_bug.cgi?id=15198
     Prevent EBADF errors with vfs_glusterfs.
    https://bugzilla.samba.org/show_bug.cgi?id=15243
     %U for include directive doesn't work for share listing (netshareenum).
    https://bugzilla.samba.org/show_bug.cgi?id=15257
     Stack smashing in net offlinejoin requestodj.
  * removed patches which are now included upstream:
   - nsswitch-pam-data-time_t.patch
   - CVE-2022-42898-lib-krb5-fix-_krb5_get_int64-on-32bit.patch

 -- Michael Tokarev <email address hidden>  Thu, 15 Dec 2022 21:54:31 +0300

Upload details

Uploaded by: Debian Samba Maintainers
Uploaded to: Sid
Original maintainer: Debian Samba Maintainers
Architectures: any all
Section: net
Urgency: Medium Urgency

Downloads

File Size SHA-256 Checksum
samba_4.17.4+dfsg-1.dsc 4.3 KiB 6c34443b9cb0548ed507706ae449d517242a24f409cc4ae017c3f2413ba4a424
samba_4.17.4+dfsg.orig.tar.xz 17.6 MiB a7905360a0a0492efcdd2add64948a0aa1dddd7adebf480b1ede6075d8a7cb7f
samba_4.17.4+dfsg-1.debian.tar.xz 260.9 KiB db7d4ce308e490d96d264381a45dd12f2623900f3357d8dfc211330c5993b835

No changes file available.

Binary packages built by this source