search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
(parent: 4acabb3) | patch
CVE-2023-0922 set default ldap client sasl wrapping to seal
commit6736fc0cff07162299ee68aabef81c3d0cda204d
authorRob van der Linde <rob@catalyst.net.nz>
Mon, 27 Feb 2023 01:06:23 +0000 (27 14:06 +1300)
committerJule Anger <janger@samba.org>
Mon, 20 Mar 2023 09:04:44 +0000 (20 10:04 +0100)
tree597a388c9522a032e6329aac4fbabb615493c0eatree | snapshot (tar.gz zip)
parent4acabb3c285615c7a5b6155760a9f301b190a9d7commit | diff
CVE-2023-0922 set default ldap client sasl wrapping to seal

This avoids sending new or reset passwords in the clear
(integrity protected only) from samba-tool in particular.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15315

Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>
docs-xml/smbdotconf/ldap/clientldapsaslwrapping.xml diff | blob | blame | history
lib/param/loadparm.c diff | blob | blame | history
python/samba/tests/auth_log.py diff | blob | blame | history
source3/param/loadparm.c diff | blob | blame | history
Samba GIT mirror