Errata ID | 360 |
---|---|
Date | 2016-12-19 |
Source package | samba |
Fixed in version | 2:4.5.1-1.849.201612152121 |
Description | This update fixes the following issues: * An overflow in the Samba NDR parsing function ndr_pull_dnsp_name makes Samba vulnerable to remote code execution (CVE-2016-2123). * Unconditional privilege delegation to Kerberos servers in trusted realms (CVE-2016-2125). * Flaws in Kerberos PAC validation can trigger privilege elevation (CVE-2016-2126). * Samba has been updated to version 4.5.3. The Debian package version does not reflect this and stays at 2:4.5.1-1.849. * Rejoining a DC Backup or DN Slave failed in UCS 4.1-4 because samba-tool domain join no longer supported the option --keep existing. |
Additional notes | |
CVE ID | CVE-2016-2123 CVE-2016-2125 CVE-2016-2126 |
UCS Bug number | #43132 #43144 #43176 |