Your message dated Thu, 13 Jul 2017 18:21:38 +0000
with message-id <e1dvik6-000aqp...@fasolo.debian.org>
and subject line Bug#868209: fixed in samba 2:4.6.5+dfsg-4
has caused the Debian Bug report #868209,
regarding CVE-2017-11103: MitM attack, impersonation of the Kerberos client,
known as Orpheus Lyre
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
868209: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868209
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: samba
Severity: grave
Tags: security patch
Version: 2:4.1.11+dfsg-1
Hi,
the following vulnerability was published for samba (due to its embedded
copy of heimdal). I checked the build logs for unstable and apparently it
does use this copy (I don't know the status for older releases).
CVE-2017-11103[0]: MitM attack, impersonation of the Kerberos client, known as
Orpheus Lyre
A dedicated website is here:
https://orpheus-lyre.info/
The samba announce and patch are here:
https://www.samba.org/samba/security/CVE-2017-11103.html
https://download.samba.org/pub/samba/patches/security/samba-4.x.y-CVE-2017-11103.patch
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2017-11103
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11103
Please adjust the affected versions in the BTS as needed.
--
Raphaël Hertzog ◈ Debian Developer
Support Debian LTS: https://www.freexian.com/services/debian-lts.html
Learn to master Debian: https://debian-handbook.info/get/
--- End Message ---
--- Begin Message ---
Source: samba
Source-Version: 2:4.6.5+dfsg-4
We believe that the bug you reported is fixed in the latest version of
samba, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 868...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Mathieu Parent <sath...@debian.org> (supplier of updated samba package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Thu, 13 Jul 2017 14:38:32 +0200
Source: samba
Binary: samba samba-libs samba-common samba-common-bin smbclient
samba-testsuite registry-tools libparse-pidl-perl samba-dev python-samba
samba-dsdb-modules samba-vfs-modules libsmbclient libsmbclient-dev winbind
libpam-winbind libnss-winbind libwbclient0 libwbclient-dev ctdb
Architecture: source amd64 all
Version: 2:4.6.5+dfsg-4
Distribution: unstable
Urgency: high
Maintainer: Debian Samba Maintainers <pkg-samba-ma...@lists.alioth.debian.org>
Changed-By: Mathieu Parent <sath...@debian.org>
Description:
ctdb - clustered database to store temporary data
libnss-winbind - Samba nameservice integration plugins
libpam-winbind - Windows domain authentication integration plugin
libparse-pidl-perl - IDL compiler written in Perl
libsmbclient - shared library for communication with SMB/CIFS servers
libsmbclient-dev - development files for libsmbclient
libwbclient-dev - Samba winbind client library - development files
libwbclient0 - Samba winbind client library
python-samba - Python bindings for Samba
registry-tools - tools for viewing and manipulating the Windows registry
samba - SMB/CIFS file, print, and login server for Unix
samba-common - common files used by both the Samba server and client
samba-common-bin - Samba common files used by both the server and the client
samba-dev - tools for extending Samba
samba-dsdb-modules - Samba Directory Services Database
samba-libs - Samba core libraries
samba-testsuite - test suite from Samba
samba-vfs-modules - Samba Virtual FileSystem plugins
smbclient - command-line SMB/CIFS clients for Unix
winbind - service to resolve user and group information from Windows NT ser
Closes: 868209
Changes:
 samba (2:4.6.5+dfsg-4) unstable; urgency=high
 .
   * This is a security release in order to address the following defects:
     - CVE-2017-11103: Orpheus' Lyre KDC-REP service name validation
       (Closes: #868209)
   * Other fixes:
     - Remove empty samba-common.maintscript (leading to empty preinst and
       prerm)
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----
--- End Message ---