From c5370a4349d381ba3b64b063dc28a2c54cfacdfc Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet@samba.org>
Date: Tue, 6 Nov 2018 13:40:48 +1300
Subject: CVE-2018-16853 WHATSNEW: The Samba AD DC, when build with MIT
 Kerberos is experimental

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13678

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
---
 WHATSNEW.txt | 11 +++++++++++
 1 file changed, 11 insertions(+)

(limited to 'WHATSNEW.txt')

diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index fc43edc8e86..23a88c295b5 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -78,6 +78,17 @@ Using the default sequence the restart delays (in seconds) are:
 REMOVED FEATURES
 ================
 
+MIT Kerberos build of the AD DC
+-------------------------------
+
+While not removed, the MIT Kerberos build of the Samba AD DC is still
+considered experimental.  Because Samba will not issue security
+patches for this configuration, such builds now require the explicit
+configure option: --with-experimental-mit-ad-dc
+
+For further details see
+https://wiki.samba.org/index.php/Running_a_Samba_AD_DC_with_MIT_Kerberos_KDC
+
 samba_backup
 ------------
 
-- 
cgit v1.2.1