Samba 4.16.7 (gzipped)
Signature
Patch (gzipped) against Samba 4.16.6
Signature
==============================
Release Notes for Samba 4.16.7
November 15, 2022
==============================
This is a security release in order to address the following defects:
o CVE-2022-42898: Samba's Kerberos libraries and AD DC failed to guard against
integer overflows when parsing a PAC on a 32-bit system, which
allowed an attacker with a forged PAC to corrupt the heap.
https://www.samba.org/samba/security/CVE-2022-42898.html
Changes since 4.16.6
--------------------
o Joseph Sutton <josephsutton@catalyst.net.nz>
* BUG 15203: CVE-2022-42898
o Nicolas Williams <nico@twosigma.com>
* BUG 15203: CVE-2022-42898