Update to Samba 4.9.17 to address CVE-2019-14861 and CVE-2019-14870

Description

===========================================================
== Subject: Samba AD DC zone-named record Denial of
== Service in DNS management server (dnsserver)
==
== CVE ID#: CVE-2019-14861
==
== Versions: All Samba versions since Samba 4.0
==
== Summary: An authenticated user can crash the DCE/RPC DNS
== management server by creating records with matching
== the zone name
===========================================================

===========================================================
== Subject: DelegationNotAllowed not being enforced
== in protocol transition on Samba AD DC.
==
== CVE ID#: CVE-2019-14870
==
== Versions: All Samba versions since Samba 4.0
==
== Summary: The DelegationNotAllowed Kerberos feature restriction
== was not being applied when processing protocol
== transition requests (S4U2Self), in the AD DC KDC.
===========================================================

Problem/Justification

None

Impact

None

SmartDraw Connector

Katalon Manual Tests (BETA)

Activity

Dru Lavigne
December 20, 2019 at 4:26 PM

Legacy UI doc commit: https://github.com/freenas/freenas-docs/commit/125f5d58f6400fd1df18fe422f9904ba83a32240

New UI doc commit: https://github.com/freenas/freenas-docs/commit/113b9cfc70fcce388c121602116d57eaa5e8556e

Bug Clerk
December 10, 2019 at 4:22 PM

11.2 PR: https://github.com/freenas/ports/pull/475

Resize issue view side panel

Complete

Details

Assignee

Andrew Walker

Reporter

Andrew Walker

Components

Fix versions

TrueNAS 11.2-U8

11.2-U8

Priority

Low

More fields

Katalon Platform

Created December 10, 2019 at 1:52 PM

Updated July 1, 2022 at 4:47 PM

Resolved December 10, 2019 at 4:22 PM