FreeIPA 4.10.1 Denial Of Service / Information Disclosure

Summary: Specially crafted HTTP requests can read files in the DC server. And use keytab files for authorization for different kerberos principals. Tested FreeIPA version: ipa-server-4.10.1 Details The "user" parameter in the HTTP URI "/sip/session/loginpassword" is inserted into the "run" functi...

samba security, bug fix, and enhancement update

4.15.5-5 - resolves: rhbz2064325 - Fix 'create krb5 conf = yes' when a KDC has a single IP address. 4.15.5-4 - resolves: rhbz2057503 - Fix winbind kerberos ticket refresh 4.15.5-3 - related: rhbz1979959 - Fix typo in testparm output 4.15.5-2 - resolves: rhbz1979959 - Improve idmap autorid sanity...

samba security and bug fix update

4.10.16-17 - related: 2019673 - Add missing checks for IPA DC server role 4.10.16-16 - resolves: 2019661 - Fix CVE-2016-2124 - resolves: 2019673 - Fix CVE-2020-25717 - resolves: 2021428 - Add missing PAC buffer types to krb5pac.idl...

SUSE-SU-2020:1132-1 Security update for samba

This update for samba fixes the following issues: - CVE-2020-10704: Fixed a stack overflow in the AD DC CLDAP server bsc1169851...