author: Andrew Bartlett <abartlet@samba.org> 2017-07-12 15:06:31 +1200
committer: Stefan Metzmacher <metze@samba.org> 2017-07-12 10:56:00 +0200
commit: 64a40b5f64a849c754cfd3ef9d3d59b9ccf67013 (patch)
tree: 5c9a840cbe51123efa27cbaca5898d6d3e5ab673 /WHATSNEW.txt
parent: 9b0972c8e429fee8e15f23ab508a9f0729a4e0b6 (diff)
WHATSNEW: Add release notes for Samba 4.6.6.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Diffstat (limited to 'WHATSNEW.txt')
-rw-r--r-- WHATSNEW.txt 57
1 files changed, 55 insertions, 2 deletions
diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index ab2182c7b71..75d90b7d1da 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -1,4 +1,57 @@
=============================
+ Release Notes for Samba 4.6.6
+ July 12, 2017
+ =============================
+
+
+This is a security release in order to address the following defect:
+
+o CVE-2017-11103 (Orpheus' Lyre mutual authentication validation bypass)
+
+=======
+Details
+=======
+
+o CVE-2017-11103 (Heimdal):
+ All versions of Samba from 4.0.0 onwards using embedded Heimdal
+ Kerberos are vulnerable to a man-in-the-middle attack impersonating
+ a trusted server, who may gain elevated access to the domain by
+ returning malicious replication or authorization data.
+
+ Samba binaries built against MIT Kerberos are not vulnerable.
+
+
+Changes since 4.6.5:
+---------------------
+
+o Jeffrey Altman <jaltman@secure-endpoints.com>
+ * BUG 12894: CVE-2017-11103: Orpheus' Lyre KDC-REP service name validation
+
+
+#######################################
+Reporting bugs & Development Discussion
+#######################################
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical IRC channel on irc.freenode.net.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored. All bug reports should
+be filed under the "Samba 4.1 and newer" product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+======================================================================
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+======================================================================
+
+
+Release notes for older releases follow:
+----------------------------------------
+
+ =============================
Release Notes for Samba 4.6.5
June 6, 2017
=============================
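Review bot: In the CVE-2017-11103 paragraph under Details, "a man-in-the-middle attack impersonating a trusted server, who may gain elevated access" gives "who" nothing to refer to; as written, the attack itself is doing the impersonating. Suggest "vulnerable to a man-in-the-middle attacker impersonating a trusted server, who may gain elevated access to the domain by returning malicious replication or authorization data." The same section says builds using embedded Heimdal are affected and MIT Kerberos builds are not, but gives administrators no hint on how to tell which Kerberos library their binaries were built against; a one-line pointer there would help them judge how urgently to upgrade. The summary line also calls the defect a "mutual authentication validation bypass" while the change entry calls it "KDC-REP service name validation"; one sentence in Details connecting the two descriptions would make the notes self-explanatory.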
@@ -78,8 +131,8 @@ database (https://bugzilla.samba.org/).
======================================================================
-Release notes for older releases follow:
-----------------------------------------
+----------------------------------------------------------------------
+
=============================
Release Notes for Samba 4.6.4
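Review bot: Style point on the 4.6.5/4.6.4 boundary: the "Release notes for older releases follow:" heading and its underline are replaced by a plain dashed rule plus a blank line, while the first hunk re-adds that same heading above the 4.6.5 entry. The visible context does not show how the boundaries between older entries further down the file are separated, so please confirm the dashed rule matches the separator already used there, so the file keeps a single convention.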