summaryrefslogtreecommitdiff
path: root/source4
Commit message (Expand)AuthorAgeFilesLines
* kdc: avoid re-encoding KDC-REQ-BODYLuke Howard2022-12-153-36/+5
* CVE-2022-37966 s4:kdc: apply restrictions of "kdc supported enctypes"Stefan Metzmacher2022-12-141-2/+10
* CVE-2022-37966 param: let "kdc default domain supportedenctypes = 0" mean the...Stefan Metzmacher2022-12-141-1/+5
* CVE-2022-37966 s4:kdc: announce PA-SUPPORTED-ETYPES like windows.Stefan Metzmacher2022-12-143-70/+152
* CVE-2022-37966 s4:libnet: allow python bindings to force setting an nthash vi...Stefan Metzmacher2022-12-141-3/+15
* CVE-2022-37966 s4:libnet: add support LIBNET_SET_PASSWORD_SAMR_HANDLE_18 to s...Stefan Metzmacher2022-12-142-0/+76
* CVE-2022-37966 s4:libnet: initialize libnet_SetPassword() arguments explicitl...Stefan Metzmacher2022-12-142-2/+4
* CVE-2022-37966 s4:kdc: use the strongest possible keysStefan Metzmacher2022-12-141-15/+8
* CVE-2022-37966 s4:pydsdb: add ENC_HMAC_SHA1_96_AES256_SKStefan Metzmacher2022-12-141-0/+1
* CVE-2022-37966 kdc: Assume trust objects support AES by defaultJoseph Sutton2022-12-141-1/+2
* CVE-2022-37966 kdc: Implement new Kerberos session key behaviour since ENC_HM...Andrew Bartlett2022-12-148-24/+286
* CVE-2022-37966 s4:torture: Expect referral ticket enc-part encrypted with AES...Joseph Sutton2022-12-141-19/+31
* CVE-2022-37966 Fix enctype selection issues for PAC and other authz-data sign...Nicolas Williams2022-12-141-24/+33
* CVE-2022-37966 selftest: Run S4U tests against FL2003 DCJoseph Sutton2022-12-141-2/+7
* CVE-2022-37966 selftest: Add tests for Kerberos session key behaviour since E...Joseph Sutton2022-12-141-4/+12
* CVE-2022-37966 third_party/heimdal: Fix error message typoJoseph Sutton2022-12-141-1/+1
* CVE-2022-37967 Add new PAC checksumJoseph Sutton2022-12-146-35/+188
* CVE-2022-37966 HEIMDAL: Look up the server keys to combine with clients etype...Andrew Bartlett2022-12-141-1/+1
* CVE-2022-37966 tests/krb5: Add a test requesting tickets with various encrypt...Joseph Sutton2022-12-141-0/+4
* CVE-2022-37966 s4:kdc: Move supported enc-type handling out of samba_kdc_mess...Andrew Bartlett2022-12-141-35/+40
* CVE-2022-37966 s4:kdc: Set supported enctypes in KDC entryJoseph Sutton2022-12-142-4/+27
* CVE-2022-38023 s4:rpc_server/netlogon: implement "server schannel require sea...Stefan Metzmacher2022-12-141-1/+243
* CVE-2022-38023 s4:rpc_server/netlogon: add a per connection cache to dcesrv_n...Stefan Metzmacher2022-12-141-40/+153
* CVE-2022-38023 s4:rpc_server/netlogon: make sure all dcesrv_netr_LogonSamLogo...Stefan Metzmacher2022-12-141-7/+29
* CVE-2022-38023 s4:rpc_server/netlogon: split out dcesrv_netr_check_schannel()...Stefan Metzmacher2022-12-141-33/+51
* CVE-2022-38023 s4:rpc_server/netlogon: debug 'reject md5 servers' and 'allow ...Stefan Metzmacher2022-12-141-0/+121
* CVE-2022-38023 s4:rpc_server/netlogon: add 'server reject md5 schannel:COMPUT...Stefan Metzmacher2022-12-141-3/+55
* CVE-2022-38023 s4:rpc_server/netlogon: defer downgrade check until we found t...Stefan Metzmacher2022-12-141-23/+53
* CVE-2022-38023 s4:rpc_server/netlogon: split out dcesrv_netr_ServerAuthentica...Stefan Metzmacher2022-12-131-47/+67
* CVE-2022-38023 s4:torture: use NETLOGON_NEG_SUPPORTS_AES by defaultStefan Metzmacher2022-12-134-18/+27
* CVE-2022-38023 s4:rpc_server/netlogon: improve CVE-2020-1472(ZeroLogon) debug...Stefan Metzmacher2022-12-131-41/+106
* CVE-2022-38023 s4:rpc_server/netlogon: re-order checking in dcesrv_netr_creds...Stefan Metzmacher2022-12-131-22/+19
* CVE-2022-38023 s4:rpc_server/netlogon: add talloc_stackframe() to dcesrv_netr...Stefan Metzmacher2022-12-131-13/+19
* CVE-2022-38023 s4:rpc_server/netlogon: add a lp_ctx variable to dcesrv_netr_c...Stefan Metzmacher2022-12-131-3/+4
* CVE-2022-38023 s4:rpc_server/netlogon: 'server schannel != yes' warning to dc...Stefan Metzmacher2022-12-131-11/+15
* CVE-2022-45141 source4/heimdal: Fix check-desNicolas Williams2022-12-071-3/+12
* CVE-2022-45141 source4/heimdal: Fix TGS ticket enc-part key selectionNicolas Williams2022-12-071-5/+2
* CVE-2022-44640 source4/heimdal: Fix use-after-free when decoding PA-ENC-TS-ENCJoseph Sutton2022-12-071-1/+2
* CVE-2022-44640 HEIMDAL: asn1: Invalid free in ASN.1 codecNicolas Williams2022-12-072-6/+13
* CVE-2022-42898: HEIMDAL: lib/krb5: fix _krb5_get_int64 on systems where 'unsi...Stefan Metzmacher2022-11-231-1/+1
* CVE-2022-42898 source4/heimdal: PAC parse integer overflowsJoseph Sutton2022-11-151-199/+384
* CVE-2022-42898 source4/heimdal: Round #2 of scan-build warnings cleanupNicolas Williams2022-11-151-0/+1
* CVE-2022-42898 source4/heimdal: Add krb5_ret/store_[u]int64()Nicolas Williams2022-11-153-16/+133
* CVE-2022-42898 source4/heimdal: Add bswap64()Nicolas Williams2022-11-153-0/+23
* CVE-2022-3437 source4/heimdal: Pass correct length to _gssapi_verify_pad()Joseph Sutton2022-10-241-2/+2
* CVE-2022-3437 source4/heimdal: Check for overflow in _gsskrb5_get_mech()Joseph Sutton2022-10-241-0/+2
* CVE-2022-3437 source4/heimdal: Check buffer length against overflow for DES{,...Joseph Sutton2022-10-241-0/+14
* CVE-2022-3437 source4/heimdal: Check the result of _gsskrb5_get_mech()Joseph Sutton2022-10-241-0/+4
* CVE-2022-3437 source4/heimdal: Avoid undefined behaviour in _gssapi_verify_pad()Joseph Sutton2022-10-241-3/+3
* CVE-2022-3437 source4/heimdal: Don't pass NULL pointers to memcpy() in DES un...Joseph Sutton2022-10-241-6/+8
View Lorry Controller Status