Your message dated Sun, 06 Aug 2017 15:17:37 +0000
with message-id <e1denjb-0006kg...@fasolo.debian.org>
and subject line Bug#868209: fixed in samba 2:4.2.14+dfsg-0+deb8u7
has caused the Debian Bug report #868209,
regarding CVE-2017-11103: MitM attack, impersonation of the Kerberos client,
known as Orpheus Lyre
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
868209: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868209
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: samba
Severity: grave
Tags: security patch
Version: 2:4.1.11+dfsg-1
Hi,
the following vulnerability was published for samba (due to its embedded
copy of heimdal). I checked the build logs for unstable and apparently it
does use this copy (I don't know the status for older releases).
CVE-2017-11103[0]: MitM attack, impersonation of the Kerberos client, known as
Orpheus Lyre
A dedicated website is here:
https://orpheus-lyre.info/
The samba announce and patch are here:
https://www.samba.org/samba/security/CVE-2017-11103.html
https://download.samba.org/pub/samba/patches/security/samba-4.x.y-CVE-2017-11103.patch
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2017-11103
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11103
Please adjust the affected versions in the BTS as needed.
--
Raphaël Hertzog ◈ Debian Developer
Support Debian LTS: https://www.freexian.com/services/debian-lts.html
Learn to master Debian: https://debian-handbook.info/get/
--- End Message ---
--- Begin Message ---
Source: samba
Source-Version: 2:4.2.14+dfsg-0+deb8u7
We believe that the bug you reported is fixed in the latest version of
samba, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 868...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Mathieu Parent <sath...@debian.org> (supplier of updated samba package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Thu, 13 Jul 2017 15:00:29 +0200
Source: samba
Binary: samba samba-libs samba-common samba-common-bin smbclient
samba-testsuite registry-tools libparse-pidl-perl samba-dev samba-doc
python-samba samba-dsdb-modules samba-vfs-modules libpam-smbpass libsmbclient
libsmbclient-dev winbind libpam-winbind libnss-winbind samba-dbg libwbclient0
libwbclient-dev ctdb
Architecture: source amd64 all
Version: 2:4.2.14+dfsg-0+deb8u7
Distribution: jessie-security
Urgency: high
Maintainer: Debian Samba Maintainers <pkg-samba-ma...@lists.alioth.debian.org>
Changed-By: Mathieu Parent <sath...@debian.org>
Description:
ctdb - clustered database to store temporary data
libnss-winbind - Samba nameservice integration plugins
libpam-smbpass - pluggable authentication module for Samba
libpam-winbind - Windows domain authentication integration plugin
libparse-pidl-perl - IDL compiler written in Perl
libsmbclient - shared library for communication with SMB/CIFS servers
libsmbclient-dev - development files for libsmbclient
libwbclient-dev - Samba winbind client library - development files
libwbclient0 - Samba winbind client library
python-samba - Python bindings for Samba
registry-tools - tools for viewing and manipulating the Windows registry
samba - SMB/CIFS file, print, and login server for Unix
samba-common - common files used by both the Samba server and client
samba-common-bin - Samba common files used by both the server and the client
samba-dbg - Samba debugging symbols
samba-dev - tools for extending Samba
samba-doc - Samba documentation
samba-dsdb-modules - Samba Directory Services Database
samba-libs - Samba core libraries
samba-testsuite - test suite from Samba
samba-vfs-modules - Samba Virtual FileSystem plugins
smbclient - command-line SMB/CIFS clients for Unix
winbind - service to resolve user and group information from Windows NT ser
Closes: 868209
Changes:
samba (2:4.2.14+dfsg-0+deb8u7) jessie-security; urgency=high
.
* This is a security release in order to address the following defect:
- CVE-2017-11103: Orpheus' Lyre KDC-REP service name validation
(Closes: #868209)
Checksums-Sha1:
Checksums-Sha256:
Files:
--- End Message ---