First Last Prev Next    This bug is not in your last search results.
Bug 41195 - Regressions regarding NTLMSSP hardening of CVE-2016-2110 in Samba 4.3.7 (3.3)
Regressions regarding NTLMSSP hardening of CVE-2016-2110 in Samba 4.3.7 (3.3)
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: Samba4
UCS 3.3
Other Linux
: P5 normal (vote)
: UCS 3.3
Assigned To: Arvid Requate
Felix Botner
:
Depends on: 41194
Blocks: 41196
  Show dependency treegraph
 
Reported: 2016-05-03 19:56 CEST by Arvid Requate
Modified: 2016-09-29 17:25 CEST (History)
0 users

See Also:
What kind of report is it?: Development Internal
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional): Troubleshooting
Max CVSS v3 score:
requate: Patch_Available+

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Arvid Requate univentionstaff 2016-05-03 19:56:51 CEST 
+++ This bug was initially created as a clone of Bug #41194 +++

Regressions regarding the NTLMSSP hardening of CVE-2016-2110 in Samba 4.3.7 have been fixed upstream:

* https://bugzilla.samba.org/show_bug.cgi?id=11849
* https://bugzilla.samba.org/show_bug.cgi?id=11852
* see also https://bugzilla.samba.org/show_bug.cgi?id=11889
Comment 1 Arvid Requate univentionstaff 2016-05-09 21:00:47 CEST 
The package has been rebuilt with the upstream patches for:

* https://bugzilla.samba.org/show_bug.cgi?id=11849
* https://bugzilla.samba.org/show_bug.cgi?id=11852

Version: 2:4.3.7-1.828.201605092038
Comment 2 Arvid Requate univentionstaff 2016-05-10 14:31:14 CEST 
Rebuilt with additional patch https://bugzilla.samba.org/show_bug.cgi?id=11912

Version: 2:4.3.7-1.828.201605101154
Comment 3 Arvid Requate univentionstaff 2016-05-19 18:35:56 CEST 
Rebuilt with additional patches:
  https://bugzilla.samba.org/show_bug.cgi?id=11744#c43

Version: 2:4.3.7-1.828.201605191457
Comment 4 Felix Botner univentionstaff 2016-05-23 17:24:25 CEST 
OK - ucs-test
OK - manual test (windows join, password change, share access)
OK - version 2:4.3.7-1.828.201605191457
Comment 5 Stefan Gohmann univentionstaff 2016-06-07 21:35:48 CEST 
UCS 3.3 has been released:
 https://docs.software-univention.de/release-notes-3.3-0-en.html
 https://docs.software-univention.de/release-notes-3.3-0-de.html

If this error occurs again, please use "Clone This Bug".
First Last Prev Next    This bug is not in your last search results.