[Pkg-samba-maint] Bug#787772: Samba 4 upstream versions 4.1.18 / 4.2.1+ (stable) reportedly fix ntlm_auth NTLMv2 failures
Michael Evans
michael.evans at nor-consult.com
Thu Jun 4 21:29:54 UTC 2015
Package: samba
Version: 4.1.17+dfsg-2
Severity: important
I'm re-submitting because I don't think it liked me adding the Tags:
fixed-upstream pseudo-header.
Having spent the last day enabling additional debugging output, and manually
decoding NTLM packets, I've come across a likely root cause for my woes:
https://bugzilla.samba.org/show_bug.cgi?id=10016
The solutions for this bug include: Using the updated Samba which allows
improved client security to function, forcibly downgrading security on all
clients to older (vulnerable) versions of the NTLM protocol, requiring
stored passwords and plain text auth via PAM instead of accounts (single
sign on won't work).
The included patch exists in 4.1.18 and 4.2.1+
https://www.samba.org/samba/history/samba-4.1.18.html
https://www.samba.org/samba/history/samba-4.2.0.html << Note: not included,
but other nice things.
https://www.samba.org/samba/history/samba-4.2.1.html
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/pkg-samba-maint/attachments/20150604/7279c62f/attachment.html>
More information about the Pkg-samba-maint
mailing list