From 5ad131275bb9d4740bcd696822317eecf6e319d2 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Wed, 8 Sep 2021 19:20:55 +1200 Subject: [PATCH 1/2] WHATSNEW: Update for KDC crash fixes Signed-off-by: Andrew Bartlett --- WHATSNEW.txt | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/WHATSNEW.txt b/WHATSNEW.txt index d2c25df89ff..f76b519b43b 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -52,6 +52,14 @@ Starting from Jan 21th 2021, all Samba releases will be signed with the new key. See also GPG_AA99442FB680B620_replaces_6F33915B6568B7EA.txt +New minimum version for the experimental MIT KDC +------------------------------------------------ + +The build of the AD DC using the system MIT Kerberos, an +experimental feature, now requires MIT Kerberos 1.19. An up-to-date +Fedora 34 has this version and has backported fixes for the KDC crash +bugs CVE-2021-37750 and CVE-2021-36222 + NEW FEATURES/CHANGES ==================== @@ -274,6 +282,15 @@ Windows. 'samba-tool dns update' is now a bit more careful in rejecting and warning you about malformed IPv4 and IPv6 addresses. +CVE-2021-3671: Crash in Heimdal KDC and updated security release policy +----------------------------------------------------------------------- + +An unuthenticated user can crash the AD DC KDC by omitting the server +name in a TGS-REQ. Per Samba's updated security process a specific +security release was not made for this issue as it is a recoverable +Denial Of Service. + +See https://wiki.samba.org/index.php/Samba_Security_Proces REMOVED FEATURES ================ -- 2.25.1 From ff860af750018976353f550da69f0187ed161d18 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Wed, 8 Sep 2021 19:24:29 +1200 Subject: [PATCH 2/2] WHATSNEW: Update with samba-tool domain backup offline fix Signed-off-by: Andrew Bartlett --- WHATSNEW.txt | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/WHATSNEW.txt b/WHATSNEW.txt index f76b519b43b..2f3e1422485 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -292,6 +292,14 @@ Denial Of Service. See https://wiki.samba.org/index.php/Samba_Security_Proces +samba-tool domain backup offline with the LMDB backend +------------------------------------------------------ + +samba-tool domain backup offline, when operating with the LMDB backend +now correctly takes out locks against concurrent modification of the +database during the backup. If you use this tool on a Samba AD DC +using LMDB, you should upgrade to this release for safer backups. + REMOVED FEATURES ================ -- 2.25.1