[Pkg-samba-maint] Bug#1001053: also being affected
Michael Tokarev
mjt at tls.msk.ru
Wed Apr 13 21:17:16 BST 2022
13.04.2022 22:37, Daniel Lakeland wrote:
> My wife has a dual mirrored glusterfs file server that is used for central storage of biology research data. They'd been running old versions of
> Debian, until one of them had a hard drive failure. After replacing hardware and installing the latest Debian release, upgrading the other machine,
> and synchronizing the gluster fileserver, now no-one can access the server because they are experiencing something similar to this bug.
We missed a bugfix from upstream samba 4.13.17, this one:
CVE-2020-25717-s3-auth-fix-MIT-Realm-regression.patch
which smells like this very bug.
Security team imported all security-related patches up to 4.13.16, but
did not include any bugfixes, and this is one of the bugfixes.
From this patch:
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14922
Reported-at: https://lists.samba.org/archive/samba/2021-November/238720.html
Please take a look..
I prepared an update for samba in bullseye (it has quite some other
issues too, including a serious data corruption issue which bite
me hard). I *hope* it will fix your issue too, as it includes the
above mentioned change. I should try to push it to stable-proposed-updates.
And yes it should hopefully be fixed in 4.16 release too, which is
available in unstable.
Thanks!
/mjt
More information about the Pkg-samba-maint
mailing list