[Samba] Latest Ubuntu 16.04 samba upgrade breaks external ldap auth (CVE-2020-10704)
Andrew Bartlett
abartlet at samba.org
Wed Apr 29 09:10:26 UTC 2020
On Wed, 2020-04-29 at 08:57 +0100, Rowland penny via samba wrote:
> On 29/04/2020 08:26, Lorenzo Milesi via samba wrote:
> > Latest Samba4 upgrade (4.3.11+dfsg-0ubuntu0.16.04.26) broke external LDAP auth probably with the following error:
> >
> > LDAP request size (81) exceeds (0)
> >
> > samba-tool outputs the following when run:
> >
> > Unknown parameter encountered: "ldap max anonymous request size"
> > Ignoring unknown parameter "ldap max anonymous request size"
> > Unknown parameter encountered: "ldap max authenticated request size"
> > Ignoring unknown parameter "ldap max authenticated request size"
> > Unknown parameter encountered: "ldap max search request size"
> > Ignoring unknown parameter "ldap max search request size"
> >
> > These params aren't defined anywhere, and even if placed in smb.conf the error won't change.
> >
> > Any workaround for this old version?
> >
> > thanks
> >
> >
> > https://changelogs.ubuntu.com/changelogs/pool/main/s/samba/samba_4.3.11+dfsg-0ubuntu0.16.04.26/changelog
> >
> If you are having problems with this on 4.3.11, then you need to raise a
> bug report to Ubuntu.
>
> Samba has provided patches for 4.10, 4.11 and 4.12; Ubuntu must have
> backported these to 4.3.11.
Rowland is correct here.
From the description this looks like an untested backport.
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba