git.samba.org / abartlet / samba-autobuild / .git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 4c7f847) | patch
CVE-2022-38023 docs-xml/smbdotconf: change 'reject md5 clients' default to yes
authorStefan Metzmacher <metze@samba.org>
Thu, 24 Nov 2022 17:26:18 +0000 (18:26 +0100)
committerStefan Metzmacher <metze@samba.org>
Tue, 13 Dec 2022 13:07:29 +0000 (13:07 +0000)
commitc8e53394b98b128ed460a6111faf05dfbad980d1
treefe661c07e7adf340e12ba72de623cb678e3f033ctree
parent4c7f84798acd1e3218209d66d1a92e9f42954d51commit | diff
CVE-2022-38023 docs-xml/smbdotconf: change 'reject md5 clients' default to yes

AES is supported by Windows Server >= 2008R2, Windows (Client) >= 7 and Samba >= 4.0,
so there's no reason to allow md5 clients by default.
However some third party domain members may need it.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15240

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
docs-xml/smbdotconf/logon/rejectmd5clients.xml diff | blob | history
lib/param/loadparm.c diff | blob | history
selftest/target/Samba4.pm diff | blob | history
source3/param/loadparm.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.