[ubuntu/focal-security] samba 2:4.11.6+dfsg-0ubuntu1.5 (Accepted)
Marc Deslauriers
marc.deslauriers at canonical.com
Wed Sep 30 13:32:52 UTC 2020
samba (2:4.11.6+dfsg-0ubuntu1.5) focal-security; urgency=medium
* SECURITY UPDATE: Unauthenticated domain controller compromise by
subverting Netlogon cryptography (ZeroLogon)
- debian/patches/zerologon-*.patch: backport upstream patches:
+ For compatibility reasons, allow specifying an insecure netlogon
configuration per machine. See the following link for examples:
https://www.samba.org/samba/security/CVE-2020-1472.html
+ Add additional server checks for the protocol attack in the
client-specified challenge to provide some protection when
'server schannel = no/auto' and avoid the false-positive results
when running the proof-of-concept exploit.
- CVE-2020-1472
Date: 2020-09-22 14:44:14.014406+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/samba/2:4.11.6+dfsg-0ubuntu1.5
-------------- next part --------------
Sorry, changesfile not available.
More information about the Focal-changes
mailing list