Samba 4.5.12 (gzipped)
Signature
Patch (gzipped) against Samba 4.5.11
Signature
============================== Release Notes for Samba 4.5.12 July 12, 2017 ============================== This is a security release in order to address the following defect: o CVE-2017-11103 (Orpheus' Lyre mutual authentication validation bypass) ======= Details ======= o CVE-2017-11103 (Heimdal): All versions of Samba from 4.0.0 onwards using embedded Heimdal Kerberos are vulnerable to a man-in-the-middle attack impersonating a trusted server, who may gain elevated access to the domain by returning malicious replication or authorization data. Samba binaries built against MIT Kerberos are not vulnerable. Changes since 4.5.11: --------------------- o Jeffrey Altman <jaltman@secure-endpoints.com> * BUG 12894: CVE-2017-11103: Orpheus' Lyre KDC-REP service name validation