[cifs-protocol] [MS-KILE] PAC Validation changes related to CVE-2024-26248 and CVE-2024-29056 - TrackingID#2404100040000280

Jeff McCashland (He/him) jeffm at microsoft.com
Wed Apr 10 01:20:24 UTC 2024 

Sending again, as I received an error that the Samba server rejected my message as spam.

Thank you for your question. We have created SR 2404100040000280 to track this issue. One of our engineers will respond soon.

Best regards,
Jeff McCashland (He/him) | Senior Escalation Engineer | Microsoft Protocol Open Specifications Team

Phone: +1 (425) 703-8300 x38300 | Hours: 9am-5pm | Time zone: (UTC-08:00) Pacific Time (US and Canada)

Local country phone number found here: http://support.microsoft.com/globalenglish | Extension 1138300



________________________________
From: Jeff McCashland (He/him) <jeffm at microsoft.com>
Sent: Tuesday, April 9, 2024 6:13 PM
To: Andrew Bartlett <abartlet at samba.org>
Cc: cifs-protocol mailing list <cifs-protocol at lists.samba.org>; Microsoft Support <supportmail at microsoft.com>
Subject: [MS-KILE] PAC Validation changes related to CVE-2024-26248 and CVE-2024-29056 - TrackingID#2404100040000280

[DocHelp to BCC, support on CC, Updated Subject w/SR ID]

Hi Andrew,

Thank you for your question. We have created SR 2404100040000280 to track this issue. One of our engineers will respond soon.


Best regards,
Jeff McCashland (He/him) | Senior Escalation Engineer | Microsoft Protocol Open Specifications Team

Phone: +1 (425) 703-8300 x38300 | Hours: 9am-5pm | Time zone: (UTC-08:00) Pacific Time (US and Canada)

Local country phone number found here: http://support.microsoft.com/globalenglish | Extension 1138300



________________________________
From: Andrew Bartlett <abartlet at samba.org>
Sent: Tuesday, April 9, 2024 4:52 PM
To: Interoperability Documentation Help <dochelp at microsoft.com>
Cc: cifs-protocol mailing list <cifs-protocol at lists.samba.org>
Subject: [EXTERNAL] Looking for missing documentation (MS-KILE?) for CVE-2024-21427, CVE-2024-20674 and PAC signature changes

Kia Ora Dochelp,

Recently I saw "KB5037754: How to manage PAC Validation changes related
to CVE-2024-26248 and CVE-2024-29056" was published.

Can I have a pointer to the new NETLOGON behaviour and the new
structures for the SamLogon PAC validation, and the new required
behaviours so a Samba AD DC can handle this?

I don't see any errata that looks relevant yet.

Thanks,

Andrew Bartlett
--

Andrew Bartlett (he/him)       https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fsamba.org%2F~abartlet%2F&data=05%7C02%7Cjeffm%40microsoft.com%7Cb2822682bbe44e3d0d1408dc58f0416f%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C638483036148287662%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C40000%7C%7C%7C&sdata=DoJv%2Fk%2FvbO065BiRFszlshQA22xOg48Dog5Slvkf%2BwU%3D&reserved=0<https://samba.org/~abartlet/>
Samba Team Member (since 2001) https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fsamba.org%2F&data=05%7C02%7Cjeffm%40microsoft.com%7Cb2822682bbe44e3d0d1408dc58f0416f%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C638483036148294830%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C40000%7C%7C%7C&sdata=iqXfl5Npw3y8oT3gCVqhg1tMa7RBaWrmDS1yNY%2FDhS8%3D&reserved=0<https://samba.org/>
Samba Team Lead                https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fcatalyst.net.nz%2Fservices%2Fsamba&data=05%7C02%7Cjeffm%40microsoft.com%7Cb2822682bbe44e3d0d1408dc58f0416f%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C638483036148298984%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C40000%7C%7C%7C&sdata=7iA%2F%2FgX1QA6n04F9d7nsyTdPCEYJ1abbGket9g4b1E8%3D&reserved=0<https://catalyst.net.nz/services/samba>
Catalyst.Net Ltd


Proudly developing Samba for Catalyst.Net Ltd - a Catalyst IT group
company

Samba Development and Support: https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fcatalyst.net.nz%2Fservices%2Fsamba&data=05%7C02%7Cjeffm%40microsoft.com%7Cb2822682bbe44e3d0d1408dc58f0416f%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C638483036148301821%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C40000%7C%7C%7C&sdata=NvjLgvKGmHyq%2FQkJX2DrxX62nsmQEa4G4e%2BzkgRCMJc%3D&reserved=0<https://catalyst.net.nz/services/samba>

Catalyst IT - Expert Open Source Solutions



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.samba.org/pipermail/cifs-protocol/attachments/20240410/8bdb4b45/attachment.htm>

More information about the cifs-protocol mailing list