[SECURITY] [DLA 1788-1] samba security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Package : samba
Version : 2:4.2.14+dfsg-0+deb8u13
CVE ID : CVE-2018-16860
Isaac Boukris and Andrew Bartlett discovered that the S4U2Self Kerberos
extension used in Samba's Active Directory support was susceptible to
man-in-the-middle attacks caused by incomplete checksum validation.
For Debian 8 "Jessie", this problem has been fixed in version
2:4.2.14+dfsg-0+deb8u13.
We recommend that you upgrade your samba packages.
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAlzcfEYACgkQnUbEiOQ2
gwISkA/5AVU9SPoBNLSkliomQy8G/Ts7iuNpuieyCtRQP2BqjeNAYvRXmKbcW6EZ
IcpfA4GpJc2Iro6X5dQSyfu4pucPCt79LNkDSz6Mf/UZ4yppbFUXF+fLSBj6NiDM
F6eejQzzlA78VQsgGMBaMc4znGMqjZBWXBuin2SFfJNy/BS14Fp48eVYh2hoiDk6
6s4VgmIBX69lGGAYMhAI3W4Tf9EDu6IeCHbJ428qim1RKTq4kRUI3moTvJBkO80C
F2NPpmd8cliX6sk5HFKVCX8F6vgOmh0v6wT2cUmb/mHHcSy/gtP8qUsL+9pJ4Kl9
gTqJfkV+VDVYktJKH3w0ZQwEAG0C3zV4Sm8hOeU0o71mgD0EnfMhHc/Eme2bKzRC
kHw/jcu443rpqkuK+IZiYrhobDJ5NaILBsV5c4GTVV7NxYCwgzINdIhM5TDDXJf8
R3b6lpWIHtKfJ71T3orui7sKLengrJv0Y9fONfGOkIoExynOR4g+lixGc2sy1cRN
euBhFdP4lG0HUnvzg0gIEZeLIfSwsWbCem9iterVd+oBrdrzIBV2CwkI9JCZkERw
rgdPPbtaR9vpbGTNmwPPngz59U/TcuqrOrpQ+P8Oe+QcA7bpeD2tGJZa19DiwLda
iOxjTkmu3uSM33gCusUlZP8zDJqXfkE0DNkPoJwayOSTkr58xMk=
=mYiM
-----END PGP SIGNATURE-----
Reply to: