Page 1 of 1
SAMBA and KB5028166
Posted: 2023/08/03 20:42:41
by Whoever
This security update from Microsoft has broken PDC support in SAMBA.
https://bugzilla.samba.org/show_bug.cgi?id=15425
There are fixes underway in the SAMBA code, but will these make their way into CentOS 7? If not, will they go into CentOS Stream?
Re: SAMBA and KB5028166
Posted: 2023/08/03 21:47:34
by TrevorH
we are assured that an updated MS-NRPC will be published soon
Sounds like Microsoft are going to fix it.
Re: SAMBA and KB5028166
Posted: 2023/08/09 17:33:51
by Whoever
TrevorH wrote: ↑2023/08/03 21:47:34
we are assured that an updated MS-NRPC will be published soon
Sounds like Microsoft are going to fix it.
I don't think so. Microsoft just pushed out another update that contained the same breakage (KB5029244).
The "fix" is to update the specification, to document this new behavior.
Re: SAMBA and KB5028166
Posted: 2023/09/16 23:44:56
by Whoever
RedHat has pushed an update for this issue (samba-4.10.16-25.el7_9 and similar). Will we see this in CentOS?
Re: SAMBA and KB5028166
Posted: 2023/09/17 01:45:12
by TrevorH
It's in the build pipeline somewhere already.
Re: SAMBA and KB5028166
Posted: 2023/09/21 03:04:09
by Whoever
TrevorH wrote: ↑2023/09/17 01:45:12
It's in the build pipeline somewhere already.
It seems to be taking a lot of time to make its way through the build pipeline.
Re: SAMBA and KB5028166
Posted: 2023/09/21 12:09:54
by HenrykD
Out of curiosity, I installed Samba 4.10.16-25.el7_9 packages from Oracle Linux 7 in CentOS 7 and it works.
When logging in to Windows 10 with the latest KB5030211 patch (KB5028166 in July, KB5029244 in August),
there is no trust issue message.
Re: SAMBA and KB5028166
Posted: 2023/09/21 13:18:07
by TrevorH
I would suspect that 4.10.16-25 is the fixed version. The current CentOS 7 one is 4.10.16-24 though -25 is in QA nad pending release.
Re: SAMBA and KB5028166
Posted: 2023/09/23 19:18:37
by TrevorH
Released.