This is an old revision of the document!


Slackware64-14.0 ChangeLog (2017-07-14)

Fri Jul 14 22:11:58 UTC 2017

  • patches/packages/samba-4.4.15-x86_64-1_slack14.0.txz
    This update fixes an authentication validation bypass security issue:
    “Orpheus' Lyre mutual authentication validation bypass”
    All versions of Samba from 4.0.0 onwards using embedded Heimdal
    Kerberos are vulnerable to a man-in-the-middle attack impersonating
    a trusted server, who may gain elevated access to the domain by
    returning malicious replication or authorization data.
    Samba binaries built against MIT Kerberos are not vulnerable.
    For more information, see:
    https://www.samba.org/samba/security/CVE-2017-11103.html
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11103
    (* Security fix *)
  • news/2017/07/14/slackware64-14.0-changelog.1500121069.txt.gz
  • Last modified: 7 years ago
  • by Giuseppe Di Terlizzi