[Pkg-samba-maint] Samba ZeroLogon CVE-2020-1472

Salvatore Bonaccorso carnil at debian.org
Fri Sep 25 06:14:25 BST 2020


Hi Andrew,

On Fri, Sep 25, 2020 at 02:06:18PM +1200, Andrew Bartlett wrote:
> G'Day,
> 
> I just noticed there are no patches for the ZeroLogon issue in Debian.
> 
> This is a pretty big deal for anybody who has fiddled with the default
> for 'server schannel' or is running Samba 4.7 or earlier.
> 
> Is anybody getting onto this?  Did the bug not get to the right folks?

Yes, it did get to us; we have put it on a 'DSA needed' list for
buster, but nobody has come to it yet for an update there.

In my understanding this is more problematic for stretch running ADs,
as they do not yet have the sane 'server schannel' default. buster
already has the sane defaults but not yet the patches.

AFAICS Mike Gabriel has recently been working on triaging samba for
the LTS supported version, so I'm looping him in here.

Regards,
Salvatore


