samba (2:4.10.0+dfsg-0ubuntu3) eoan; urgency=medium
* SECURITY UPDATE: Samba AD DC S4U2Self/S4U2Proxy unkeyed checksum
- debian/patches/CVE-2018-16860-1.patch: add test for S4U2Self with
unkeyed checksum in selftest/knownfail.d/mitm-s4u2self,
source4/torture/krb5/kdc-canon-heimdal.c.
- debian/patches/CVE-2018-16860-2.patch: reject PA-S4U2Self with
unkeyed checksum in selftest/knownfail.d/mitm-s4u2self,
source4/heimdal/kdc/krb5tgs.c.
- CVE-2018-16860
-- Marc Deslauriers <email address hidden> Tue, 14 May 2019 09:10:24 -0400