[Pkg-samba-maint] Bug#787773: Samba 4 upstream versions 4.1.18 / 4.2.1+ (stable) reportedly fix ntlm_auth NTLMv2 failures

Michael Evans michael.evans at nor-consult.com
Thu Jun 4 20:27:00 UTC 2015


Package: samba

Version: 4.1.17+dfsg-2

Severity: important

Tags: fixed-upstream

 

Having spent the last day enabling additional debugging output, and manually
decoding NTLM packets, I've come across a likely root cause for my woes:

 

https://bugzilla.samba.org/show_bug.cgi?id=10016

 

The solutions for this bug include: Using the updated Samba which allows
improved client security to function, forcibly downgrading security on all
clients to older (vulnerable) versions of the NTLM protocol, requiring
stored passwords and plain text auth via PAM instead of accounts (single
sign on won't work).

 

The included patch exists in 4.1.18 and 4.2.1+

 

https://www.samba.org/samba/history/samba-4.1.18.html 

https://www.samba.org/samba/history/samba-4.2.0.html << Note: not included,
but other nice things.

https://www.samba.org/samba/history/samba-4.2.1.html 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/pkg-samba-maint/attachments/20150604/74c0d865/attachment.html>


More information about the Pkg-samba-maint mailing list