Samba 4.5.12 Available for Download

Samba 4.5.12 (gzipped)

Patch (gzipped) against Samba 4.5.11

                   Release Notes for Samba 4.5.12
                            July 12, 2017

This is a security release in order to address the following defect:

o  CVE-2017-11103 (Orpheus' Lyre mutual authentication validation bypass)


o  CVE-2017-11103 (Heimdal):
   All versions of Samba from 4.0.0 onwards using embedded Heimdal
   Kerberos are vulnerable to a man-in-the-middle attack impersonating
   a trusted server, who may gain elevated access to the domain by
   returning malicious replication or authorization data.

   Samba binaries built against MIT Kerberos are not vulnerable.

Changes since 4.5.11:

o  Jeffrey Altman <>
   * BUG 12894: CVE-2017-11103: Orpheus' Lyre KDC-REP service name validation