FEDORA-2019-57d43f3b58 created by abbra 8 months ago for Fedora 31
stable

Update code to deal with removal of DES support in MIT Kerberos.


Update to Samba 4.11.2 - Security fixes for CVE-2019-10218, CVE-2019-14833


Since MIT Kerberos deprecated use of DES encryption type, restore Samba AD domain controller functionality by not using DES encryption keys. Only AES and RC4 keys would work.

How to install

sudo dnf upgrade --advisory=FEDORA-2019-57d43f3b58

This update has been submitted for testing by abbra.

8 months ago

This update's test gating status has been changed to 'waiting'.

8 months ago

This update has obsoleted samba-4.11.2-0.fc31, and has inherited its bugs and notes.

8 months ago

This update's test gating status has been changed to 'ignored'.

8 months ago

This update has been pushed to testing.

8 months ago
karma
BZ#1757071 Deploy new samba DC cause "setup_kerberos_keys: generation of a des-cbc-md5 key failed: Bad encryption type"
karma
BZ#1757071 Deploy new samba DC cause "setup_kerberos_keys: generation of a des-cbc-md5 key failed: Bad encryption type"

This update can be pushed to stable now if the maintainer wishes

8 months ago

This update has been submitted for stable by gd.

8 months ago

This update has been pushed to stable.

8 months ago

Please login to add feedback.

Metadata
Type
security
Karma
2
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
14 days
Dates
submitted
8 months ago
in testing
8 months ago
in stable
8 months ago
BZ#1757071 Deploy new samba DC cause "setup_kerberos_keys: generation of a des-cbc-md5 key failed: Bad encryption type"
0
2
BZ#1763137 CVE-2019-10218 samba: smb client vulnerable to filenames containing path separators
0
0
BZ#1763228 samba-4.11.2 is available
0
0
BZ#1764126 CVE-2019-14833 samba: AD DC check password script does not receive full password when non-ASCII characters are used
0
0
BZ#1766558 CVE-2019-10218 samba: smb client vulnerable to filenames containing path separators [fedora-all]
0
0
BZ#1766559 CVE-2019-14833 samba: AD DC check password script does not receive full password when non-ASCII characters are used [fedora-all]
0
0
BZ#1769256 ipa-client-samba Installation fails
0
0

Automated Test Results

Test Cases

0 0 Test Case desktop network smb