15e4a66aab
- Update to 4.17.4
* CVE-2022-44640 Upstream Heimdal free of user-controlled
pointer in FAST; (bsc#14929);
* CVE-2021-20251 Bad password count not incremented atomically;
(bsc#14611);
* CVE-2022-42898 krb5_pac_parse() buffer parsing vulnerability;
(bsc#15203);
* CVE-2022-37966 rc4-hmac Kerberos session keys issued to
modern servers; (bso#15237);
* CVE-2022-37967 Kerberos constrained delegation ticket forgery
possible against Samba AD DC; (bso#15231);
* CVE-2022-38023 RC4/HMAC-MD5 NetLogon Secure Channel is weak
and should be avoided; (bso#15240);
* pam_winbind uses time_t and pointers assuming they are of the
same size; (bso#15224);
* Heimdal session key selection in AS-REQ examines wrong entry;
(bso#15219);
* filter-subunit is inefficient with large numbers of
knownfails; (bso#15258);
* smbd allows setting FILE_ATTRIBUTE_TEMPORARY on directories;
(bso#15252);
* The KDC logic arround msDs-supportedEncryptionTypes differs
from Windows; (bso#13135);
* libnet: change_password() doesn't work with
dcerpc_samr_ChangePasswordUser4(); (bso#15206);
* Heimdal session key selection in AS-REQ examines wrong entry;
(bso#15219);
* Memory leak in snprintf replacement functions; (bso#15230);
* RODC doesn't reset badPwdCount reliable via an RWDC
(CVE-2021-20251 regression); (bso#15253);
OBS-URL: https://build.opensuse.org/request/show/1043954
OBS-URL: https://build.opensuse.org/package/show/network:samba:STABLE/samba?expand=0&rev=674
|
||
|---|---|---|
| _service | ||
| .gitattributes | ||
| .gitignore | ||
| baselibs.conf | ||
| samba-4.17.4+git.300.305b22bfce.tar.bz2 | ||
| samba-client-rpmlintrc | ||
| samba.changes | ||
| samba.spec | ||