On [Tue, 17.11.2020 10:49], Robbie Harwood via FreeIPA-users wrote:
Alexander Bokovoy <[email protected]> writes:Details for CVE-2020-17049 are still not public so we can only guess what is the problem. It also means MIT Kerberos cannot be fixed unless we'll get to know what is the real problem. Robbie, was this raised with the upstream beyond our recent discussion on #kerberos?To my knowledge Microsoft has not been in contact with us about this vulnerability. Reporting so far suggests that it's a Microsoft-specific issue - i.e., MIT and other Kerberos implementations are not affected. Affected by the vulnerability, that is. There is of course this known issue with Linux clients; my reading of https://docs.microsoft.com/en-us/windows/release-information/status-windows-10-20h2#1522msgdesc is that they plan to fix this on their side somehow.
Microsoft resolved this issue with the release of KB4594440: https://support.microsoft.com/en-us/help/4594440/windows-10-update-kb4594440 Cheers, Thorsten
signature.asc
Description: PGP signature
_______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected]
