[Samba] CVE-2022-38023 and Samba versions
Jim Brand
JHBRAND at up.com
Fri Jun 9 19:28:15 UTC 2023
Just to clarify we are only running Samba file servers. And we would certainly add the workarounds in smb.conf
But will we have problems communicating with Windows domain controllers if we are still running samba-4.10 after July 2023? Per
https://support.microsoft.com/en-us/topic/kb5021130-how-to-manage-the-netlogon-protocol-changes-related-to-cve-2022-38023-46ea3067-3989-4d40-963c-680fd9e8ee25
the July Windows updates will enforce RPC sealing and RPC signing will not be allowed. Does Samba 4.10.16-20/24 use the sealing or the signing netlogon protocol talking to Windows DCs?
Thanks,
Jim
This email and any attachments may contain information that is confidential and/or privileged for the sole use of the intended recipient. Any use, review, disclosure, copying, distribution or reliance by others, and any forwarding of this email or its contents, without the express permission of the sender is strictly prohibited by law. If you are not the intended recipient, please contact the sender immediately, delete the e-mail and destroy all copies.
More information about the samba
mailing list