CVE-2018-16853 WHATSNEW: The Samba AD DC, when build with MIT Kerberos is experimental
authorAndrew Bartlett <abartlet@samba.org>
Tue, 6 Nov 2018 00:40:48 +0000 (13:40 +1300)
committerKarolin Seeger <kseeger@samba.org>
Wed, 28 Nov 2018 07:22:24 +0000 (08:22 +0100)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13678

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
WHATSNEW.txt

index fc43edc..23a88c2 100644 (file)
@@ -78,6 +78,17 @@ Using the default sequence the restart delays (in seconds) are:
 REMOVED FEATURES
 ================
 
+MIT Kerberos build of the AD DC
+-------------------------------
+
+While not removed, the MIT Kerberos build of the Samba AD DC is still
+considered experimental.  Because Samba will not issue security
+patches for this configuration, such builds now require the explicit
+configure option: --with-experimental-mit-ad-dc
+
+For further details see
+https://wiki.samba.org/index.php/Running_a_Samba_AD_DC_with_MIT_Kerberos_KDC
+
 samba_backup
 ------------