[Pkg-samba-maint] HEADS UP: CVE-2017-11103: Orpheus' Lyre KDC-REP service name validation
abartlet at samba.org
Thu Jul 13 20:10:23 UTC 2017
On Thu, 2017-07-13 at 21:05 +0200, Yves-Alexis Perez wrote:
> On Thu, 2017-07-13 at 19:47 +1200, Andrew Bartlett wrote:
> > These and the debdiff against a build directly from the git tree are
> > (or will be shortly) at
> > https://seafile.catalyst.net.nz/d/8f9c648216c3452497cb/
> > I hope this is of some assistance.
> Hi, thanks for your work on this. The debdiff looks simple and sane enough,
> unfortunately I don't think we have a Samba-AD test instance to check it does
> work indeed.
> Besides the upstream build test was there some confirmation it did work?
Yes, I built a reproducer for the core issue and checked it against
upstream. I'll release that in a few days as part of our regression
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba
More information about the Pkg-samba-maint