Nov. 22, 2022 Evgeny Sinelnikov 4.16.7-alt1
- Update to maintenance release of Samba 4.16 (Samba#15203)
- Security fixes:
  + CVE-2022-42898: Samba's Kerberos libraries and AD DC failed to guard against
    integer overflows when parsing a PAC on a 32-bit system, which
    allowed an attacker with a forged PAC to corrupt the heap.
    https://www.samba.org/samba/security/CVE-2022-42898.html
    Workaround and mitigations:
    * No workaround on 32-bit systems as an AD DC
    * File servers are only impacted if in a non-AD domain
    * 64-bit systems are not exploitable