Univention Bugzilla – Bug 41193
Regressions regarding NTLMSSP hardening of CVE-2016-2110 in Samba 4.3.7 (4.1)
Last modified: 2023-10-05 10:14:24 CEST
Regressions regarding the NTLMSSP hardening of CVE-2016-2110 in Samba 4.3.7 have been fixed upstream: * https://bugzilla.samba.org/show_bug.cgi?id=11849 * https://bugzilla.samba.org/show_bug.cgi?id=11852 * see also https://bugzilla.samba.org/show_bug.cgi?id=11889
See also https://bugzilla.samba.org/show_bug.cgi?id=11849 https://bugzilla.samba.org/show_bug.cgi?id=11841 https://bugzilla.samba.org/show_bug.cgi?id=11847 https://bugzilla.samba.org/show_bug.cgi?id=11850 https://bugzilla.samba.org/show_bug.cgi?id=11858 https://bugzilla.samba.org/show_bug.cgi?id=11870 https://bugzilla.samba.org/show_bug.cgi?id=11872
The package has been rebuilt with the upstream patches for: * https://bugzilla.samba.org/show_bug.cgi?id=11849 * https://bugzilla.samba.org/show_bug.cgi?id=11852 Advisory: samba.yaml
Rebuilt with additional patch https://bugzilla.samba.org/show_bug.cgi?id=11912 ucs-test -s samba-common -s samba4 -E dangerous was successful on my system.
OK - YAML OK - ucs-test OK - windows join OK - user sync OK - password change OK - share access OK - version 2:4.3.7-1.830.201605101118 0 500 http://192.168.0.10/build2/ ucs_4.1-0-errata4.1-2/amd64/ Packages 2:4.3.7-1.829.201605101206 0 500 http://192.168.0.10/build2/ ucs_4.0-0-errata4.0-5/amd64/ Packages 2:4.3.7-1.828.201605101154 0 500 http://192.168.0.10/build2/ ucs_3.3-0/amd64/ Packages 2:4.3.7-1.827.201605101142 0 500 http://192.168.0.10/build2/ ucs_3.2-0-errata3.2-8/amd64/ Packages
Additional patches have been published: https://bugzilla.samba.org/show_bug.cgi?id=11744#c43
The package has bee rebuilt with the additional patches.
OK - built with patches OK - installation/update OK - simple tests (join, password change, share access) OK - ucs-tests OK - samba.yaml
<http://errata.software-univention.de/ucs/4.1/193.html>