diff options
| author | Bob Campbell <bobcampbell@catalyst.net.nz> | 2017-07-12 15:20:28 +1200 |
|---|---|---|
| committer | Stefan Metzmacher <metze@samba.org> | 2017-07-12 10:59:31 +0200 |
| commit | d80bf4429be217980161a95f67d86c0d22380cb3 (patch) | |
| tree | 982d71d0abf0f9d9e6de2cb52bf97740c1d2ec13 | |
| parent | fd4c30bf5266b0d3a8c9cb3a6ac44d4f7ee3ac75 (diff) | |
| download | samba-d80bf4429be217980161a95f67d86c0d22380cb3.tar.gz | |
WHATSNEW: Add release notes for Samba 4.4.15
Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
| -rw-r--r-- | WHATSNEW.txt | 56 |
1 files changed, 54 insertions, 2 deletions
diff --git a/WHATSNEW.txt b/WHATSNEW.txt index f6688b0774f..476ea80c509 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -1,4 +1,57 @@ ============================== + Release Notes for Samba 4.4.15 + July 12, 2017 + ============================== + + +This is a security release in order to address the following defect: + +o CVE-2017-11103 (Orpheus' Lyre mutual authentication validation bypass) + +======= +Details +======= + +o CVE-2017-11103 (Heimdal): + All versions of Samba from 4.0.0 onwards using embedded Heimdal + Kerberos are vulnerable to a man-in-the-middle attack impersonating + a trusted server, who may gain elevated access to the domain by + returning malicious replication or authorization data. + + Samba binaries built against MIT Kerberos are not vulnerable. + + +Changes since 4.4.14: +--------------------- + +o Jeffrey Altman <jaltman@secure-endpoints.com> + * BUG 12894: CVE-2017-11103: Orpheus' Lyre KDC-REP service name validation + + +####################################### +Reporting bugs & Development Discussion +####################################### + +Please discuss this release on the samba-technical mailing list or by +joining the #samba-technical IRC channel on irc.freenode.net. + +If you do report problems then please try to send high quality +feedback. If you don't provide vital information to help us track down +the problem then you will probably be ignored. All bug reports should +be filed under the "Samba 4.1 and newer" product in the project's Bugzilla +database (https://bugzilla.samba.org/). + + +====================================================================== +== Our Code, Our Bugs, Our Responsibility. +== The Samba Team +====================================================================== + + +Release notes for older releases follow: +---------------------------------------- + + ============================== Release Notes for Samba 4.4.14 May 24, 2017 ============================== @@ -47,8 +100,7 @@ database (https://bugzilla.samba.org/). ====================================================================== -Release notes for older releases follow: ----------------------------------------- +--------------------------------------------------------------------- ============================== Release Notes for Samba 4.4.13 |