It us understood that because Samba implements parts of S4U2Self and S4U2Proxy we need to follow Microsoft with the protocol changes made recently. https://blog.netspi.com/cve-2020-17049-kerberos-bronze-bit-theory/ https://blog.netspi.com/cve-2020-17049-kerberos-bronze-bit-attack/ https://support.microsoft.com/en-us/topic/managing-deployment-of-kerberos-s4u-changes-for-cve-2020-17049-569d60b7-3267-e2b0-7d9b-e46d770332ab Upstream work: https://github.com/krb5/krb5/pull/1159 https://github.com/heimdal/heimdal/pull/767
Because Samba doesn't implement "Protected Users", and only implements constrained delegation in terms of the service that can be delegated to, the remaining issue appears to be that UF_NOT_DELEGATED is not honoured. UF_NOT_DELEGATED controls the forwardable flag in the ticket, which is used to work out if this particular user should not be open for constrained delegation. Does anybody else have a different reading?
Isaac, I think I understood the plan to be for Heimdal and MIT Kerberos to start to match Windows and issue a PAC for all S4U2Self tickets and to include a signature over the whole ticket (including flags) in that PAC. That will, as with Windows, prevent modification of the forwardable flag, or anything else for that matter. Can you write up the plan with a focus for particular things I can do to progress this, at least for Heimdal (as this is the production KDC for now in Samba). In another place you said it was 'just a bunch of work' but I'm not clear exactly what remains to be done so I'm lost as to being able to assist. I don't mind if that advice is either on the MR or this Samba bug. Thanks!
> I think I understood the plan to be for Heimdal and MIT Kerberos to start to match Windows and issue a PAC for all S4U2Self tickets For all tickets, unless turned off by realm configuration, request padata, or the server DB entry. There is no way to tell whether a ticket will be used as an S4U2Self evidence ticket, and that's where we need the signature.
(In reply to Andrew Bartlett from comment #1) The main issue is that UF_TRUSTED_TO_AUTHENTICATE_FOR_DELEGATION flag (set via samba-tool on an account) has no real effect because it can be forged. That and the UF_NOT_DELEGATED you mentioned, as the both use the same mechanism, that is the forwardable flag. How about a call to sync on this?
We don't seem to be trying to keep the fact that we are working on this very private for various good reasons, including in particular the need to land intrusive patches in the upstream projects. Given all that should we just make this bug public?
(In reply to Andrew Bartlett from comment #5) > Given all that should we just make this bug public? This has been made public as a protocol defect, so yeah we should make this bug public IMO.
Thanks, I agree. As the patches and tests for this are being developed in public and will be landed in master first, a private bug is not as useful. Removing embargo.
This bug was referenced in samba master: 4ba5e82ae53410ec9a0bc7d47b181a88c15d9387 a5186f92803009c81eca2957e1bf2eb0ff7b6dff 0e99382d73f44eed7e19e83e430938d587e762d0 c9fd8ffd8927ef42fd555e690f966f65aa01332e 943079fd94fec66cdc2ba4ea1b2beb2971473004 a99a76722d6046a5d63032e3d2bb3f791da948a6 c2bbe774ce03661666a1f48922a9ab681ef4f64b 19a2af02f57d99db8ed3c6b028c3abdf4b553700 7bc52cecb442c4bcbd39372a8b98bb033e4d1540 a5bf7aad54b7053417a24ae0918ee42ceed7bf21 af633992e31e839cdd7f77740c1f25d129be2f79 3cc9e77f38f6698aa01abca4285a520c7c0cd2ac ef5666bc51ca80e1acdadd525a9c61762756c8e3 35292bd32225b39ad7a03c3aa53027458f0671eb
This bug was referenced in samba master: a281ae09bcf35277c830c4112567c72233fd66b8 0061fa2c2a26d990ed2e47441bca8797fc9be356 2a4d53dc12aa785f696e53ae3376f67375ce455f 1f0654b8facf3b9b2288d2569a573ff3a5ca4a82 1a3426da54463c3e454c1b76c3df4e96882e6aa9 6403a09d94ab54f89d6e50601ae6b19ab7e6aae7 a5e62d681d81a422bac7bd89dc27ef2314d77457 3504e99dc5bcc206ca2964012b7fdca541555416 c226029655ca361560d93298a6729a021f2f6b75 7645dfa5bedee7ef3f7debbf0fa7600bd1c4bd79 5d3a135c2326edc9ca8f56bea24d2f52320f4fd6 2d69805b1e3a8022f1418605e5f29ae0bbaa4a06 4ecfa82e71b0dd5b71aa97973033c5c72257a0c3 035a8f198555ad1eedf8e2e6c565fbbbe4fbe7ce 59c1043be25b92db75ab5676601cb15426ef37a3 6193f7433b15579aa32b26a146287923c9d3844d 419e4061ced466ec7e5e23f815823b540ef4751c a562882b15125902c5d89f094b8c9b1150f5d010 ec95b3042bf2649c0600cafb12818c27242b5098
This bug was referenced in samba master: 12b5e72a35d632516980f6c051a5d83f913079e7 1fcde7cb6ce50e0a08097841e92476f320560664 4c67a53cdca206a118e82b356db0faf0ddc011ab 7cedd383bcc1b5652ea65817b464d6e0485c7b8b 432eba9e09849e74f4c0f2d7826d45cbd2b7ce42 b6eaf2cf44fb66d8f302d4cab050827a67de3ea4 14cd933a9d6af08deb680c9f688b166138d45ed9 054ec1a8cc4ae42918c7c06ef9c66c8a81242655 38b4b334caf1b32f1479db3ada48b2028946f5e6 9d01043042f1caac98a23cf4d9aa9a02a31a9239 f9284d8517edd9ffd96f0c24166a16366f97de8f f2f1f3a1e9269f0e7b93006bba2368a6ffbecc7c 394e8db261b10d130c5e5730989bf68f9bf4f85f 1458cd9065de34c42bd5ec63feb2f66c25103982 ea7b550a500d9e458498d37688b67dafd3d9509d c0b81f0dd54d0d71b5d0f5a870b505e82d0e85b8 5b331443d0698256ee7fcc040a1ab8137efe925d
This bug was referenced in samba v4-15-test: db294baff360f1c44c05798f6cda4584166adfd7 e52ddfbe5728487cb2c8b8ceeb2f63c5c15a7541 eb28bd54ac5c36a9392ef19c49bf97a18b81974e
This bug was referenced in samba v4-14-test: 9f79d4256f8f24127f06f0bf25092c5ca84a7d59 9d61f2f2f3eb3fd79bb2d78da8d64b0f8b66d3aa 5a90b3e832cda88339c5cebca7043e842b348e47
This bug was referenced in samba v4-14-stable (Release samba-4.14.8): 9f79d4256f8f24127f06f0bf25092c5ca84a7d59 9d61f2f2f3eb3fd79bb2d78da8d64b0f8b66d3aa 5a90b3e832cda88339c5cebca7043e842b348e47
I've integrated the changes related to this issue from upstream Heimdal into Samba's current Heimdal version, and I'm now working on further testing to ensure the fix works.
(In reply to Joseph Sutton from comment #14) Thanks Joseph, I'll check it out send you a follow up patch with some comments :)
This bug was referenced in samba master: d501ddca3b7b9c39c0b3eccf19176e3122cf5b9d 8e4b21590836dab02c1864f6ac12b3879c4bd69c ce433ff868d3cdf8e8a6e4995d89d6e036335fb6 1fd00135fa4dff4331d86b228ccc01f834476997 31817c383c2014224b1397fde610624663313246 bba8cb8dce19e47a7b813efd9a7527e38856435e cda50b5c505072989abf84c209e16ff4efe2e628 9d142dc3a452b0f06efc66f422402ee6e553ee7c ae09219c3a1c6d47817f51baf3784e8986c7478d a927cecafdd5ad6dc5189fa98cb42684c9c3b033 dcf45a151a198f7165cd332a26db78a5d8e8f8c5 a4bc712ee02f32c2d04dfc2d99d58931344e5ceb 012b6fcd1976c6570e9b92c133d8c21e543e5a4f 8f6d369d709614e2f5c0684882c62f0476bcafa2 788b3a29eea62f9f38ca8865c7cb7860bdc94bec 7fba83c6c6309a525742c38e904d3e473db99ef1 ab92dc16d20b0996b8c46714652c15019c795095 7cfc225b549108739bd86e222f2f35eb96af4ea3 8e1efd8bd3bf698dc0b6ed2081919f49b1412b53 aa2e583fdea4fd93e4e71c54630e32a1035d1e2a 0e232fa1c9e5760ae6b9a99b5e7aa5513b84aa8b bb58b4b58c66a6ada79e886dd0c44401e1c5878c 34020766bb7094d1ab5d4fc4c0ee89ccb81f39f1 248249dc0acac89d1495c3572cbd2cbe8bdca362 ef24fe982d750a42be81808379b0254d8488c559 ec4b264bdf9ab64a728212580b344fbf35c3c673 687c8f94c68af9f1e44771dfd7219eeb41382bba ee2b7e2c77f021984ec583fa0c4c756979197b0f 72265227e9c2037b63cdfb01a456a86ac8932f59 238f52bad811688624e9fd4b1595266e2149094a bd22dcd9cc4dfda827f892224eb2da4a16564176 e7c39cc44f2e16aecb01c0afc195911a474ef0b9 cf3ca6ac4567d7c7954ea4ecc8cc9dd5effcc094 dfd613661eec4b81e162f2d86a8fa9266c2fdc03 5233f002000f196875af488b4f4d1df26fca90de ebe729786806c69e95b26ffc410e887e203accb8 40e5db4aabcd32834ee524857b77d36921f6bdfe ae2c57fb0332f94ac44d0886c5edbed707ef52fe bf63221722903665e7b20991021fb5cdf4e4327e d86eee2fd0fb72e52d878ceba0c476ca58abe6cf 56ccdba54e0c7cf3409d8430ea1012e5d3d9b092 1a08399cd8169a525cc9e7aed99da84ef20e5b9c 3948701f1d0f3ccd06f6dad56ca72833d66b1d84 3dede18c5a1801023a60cc55b99022b033428350 7149eeaceb426470b1b8181749d2d081c2fb83a4 c14c61748b5a2d2a4f4de00615c476fcf381309e d5002c34ce1ffef795dc83af3175ca0e04d17dfd ccabc7f16cca5b0dcb46233e934e708167f1071b d7b03394a9012960d71489e775d40d10fd6f5232 2d09de5c41e729bccc2d7949d8a3568a95e80e76 2773379603a5a625c5d1c6e62f29c442942ff570 d6a472e953545ec3858ca969c1a4191e4f27ba63 db30b71f79864a20b38a1f812a5df833f3a92de8 75d1a7cd14b134506061ed64ddb9b99856231d2c 91e684f5dcb48b76e6a322c15acb53cbce5c275a 28a5a586c8e9cd155d676dcfcb81a2587ace99d1 3bdce12789af1e7a7aba56691f184625a432410d 02fa69c6c73c01d82807be4370e838f3e7c66f35 f6adfefbbb41b9100736134d0f975f1ec0c33c42
This bug was referenced in samba master: a7ad665e65f0701eb75cac5bc10a366ccd9689f4
This bug was referenced in samba master: d23d8e859357b0fac4d1f4a49f1dce6cf60d6216 e086c6193f6da6fcb5d0bcada2199e9bc7ad25f5 0dc69c1327f72384628a869a00482f6528b8671b 288355896a2b6f460c42559ec46ff980ab57782e 9d3a691920205f8a9dc05d0e173e25e6a335f139
This bug was referenced in samba v4-15-test: be8fb0218af1a1529cd7a349a57a11dbfaeb7368
This bug was referenced in samba v4-15-test: bc7bdc5b7e0bfb6abd051e07677d940d7070c50d 336725dc79f79f07bc991812a70a6dddcc55701d f44a5b984b74f4e0d4b4d0794cc445aa47fe1440 1d2d30748a91e45694289600c2dc6e73f0bdc390 2af3293f67d643d15de575d1f01138ed382c3f18 f730c68834c315df9f0eb3d7d788a08b87d2eee0 56f49f117bf267e6013e415d6ff68b4cb35e56c0 d413e7d79a394f9a801c9a8fdafe1b51aab22698 b0339d5a1a8248f36422d10ba36918aca01093e1 f2d6361dc332d573e63000569d7a98983e5db5e3 7b6a5c97092bcd5ce5239bccb2f025387c62c1e5 159d451d817db789b47d1b624f71465912e2ec39 cba0b1a6c48ecbfbc3c07f61a47c71f6f57018d0 3e3d205df7c92b0156942171b2298147684c2d2c e4b278566afac0aa0945e340d131620c59ae1d92 063f1cbdbe707e0f48d80914e02a2aef04a9dae0 3c77ef9dbb553d7a683251933c3c63383fa7f7f1 c8a724118e646e83499b74a95d246bc6e902fac6 278eff6115fc6ada0b005561e7a7a56f170978b1 56a567be0e4d2f485a095d6344a7c0e1f144047e ca0123d86a47e4a1a2f8a06a20e0029af0e578a6 8416eb2a8840cc13bd1d59eeddbe7082dc2377b0 3022340bf225fb5328d13e64f17157d381a34bc7 cfb16b40c740b549dffb0cdec8cbda16fd7f665a 1e44488b58de1f0cbc3434ea4e95067d1b08a525 5125f9c1a1b36e73cfa363b34a2676a68fdd694d 0cad7ba2032a400453a68d0b7a428748d037e769 182bf696e32e79fcb0195487d2b0a5709198c0de f817cbc6815220b7476ec78d8f7e1d734ef770c8 6fe3f55476be738634cbd1e8af07290b1b79758f eed5b13f4af168aa21e3f691193f2fd9ec1e33f8 53b793b9e7c54a37e44517990d4fe54add659fac 8ab6d2f0bdd85e8e7f7119f003e39a1989a551b6 73f27f9ddb0262fe46aaee10984ab78355b100a3 320847972dff91eccfc87845eb123f7ba84b28f3 2bfcb3f6b009b28a3ca48ba3b8449db67eded920 8ff6735180220e63d2088f5f7e7499cab5d48879 0da5e1029ecc03b7ae2c5f8068cbefdcf62359bc 8eda339691aad55b890bbc4785a4b01ca6e18d47 3787c21f2b72bdda4bb1a0bbf987d8ccedd83a9c 2ef8022937f933aa0f365bcab82d803e0d001993 7dba3ae4b590840f4e70b134c0d21ee8970b2162 50a5116cff2317b878882b14474c8b27edbd4a94 6270587045faa6d1b58fc1792b356e16ddbd5b6f 5ec45f3068ab3d668f0dec6c6e6ab3ba7d6a6e72 2988bc5178875a3623abc5f19eac978ea1b67501 aa08c5cfbf72eee86174d75b8366a528411ea7c7 a1228650b68c02ecafec434e05670d577b406835 eaf9f8d9ebe63463f8c0ffe40ea418740592deaa 9b781f1ca034c41f62fdaf4cf4f56190cb4821a0 825aef9f8c72dcc5ddf27e7ec1a94f363f917d92 e6eca4a04eed6025576d52d44c0cf3fc9a47f299 bfccdc3827f007174ef1e2c487ef5f61e4986e31 db559680c42526ff2f6313bb70338fba5f92123f fccb0a6ecbc6ba55445d8de9e0832b50562b6262 b09fd76791631e557bdcdbdb02b4567eb521be8b ae1bada6c1b5480bde017886f3440de489f9e331 7cb8c699284cae4aba6e9a1cc26a713b5071c0f4 e7dbc8e26e688e8cb6d858e04e1c37310f2de631 97be9339ca20e2733c1735db9d4cc7346fc2e01a c4580eb131b934a2ca64ab342f009563c453605d 71b3142aba779d5e438b5a6b7adeeb1333c02c2b 768e7ec77344ffcdd20ea2bd2e60f3ccf77b291f 4955aacc2ea2e11afc0cfaadeead83bed022070c eea7988e67f91bb2493289232fbb0d0857b645e3 5a43b4ec548b7aa008b62aedd776a7ea221f1eab d4404ecb95127bbc359af1e37797a1c3aafe95a7 e35ae2d57d869a059e16312bee8cd3b4f38e73b7 ea64b0fde2f33ab238d1774481b34a33446d3f28 41cbe50ac93436537d4d2a83798e14dbbafbf804 53d4a46fcd2a1f2d51fbb0a8450fa66fbf6f4baf 5fca67c718861fdca5c63435526fa51a46e4d09a fe35ca21cfcfe8358d7d2c358229e16cca55406a 7b44f8db99dacab7b3b6144cd63fc13eecd99325 0f4886d4db2f1979f853a6b84ac5c76b131c6666 cdef6a8416c32f9038d8b3d4523b640bfc7af024 c2a5111e71f19faae691f3216bf776aeddd80490 5f07249a6b854955b461dbeffdaf2d577272e7e4 41e4c3a8ae1115adcca64916da653ced18577463 25895e26fc4675aa0b46cb8a2869b7201fe37c81 e7f75340b628027fb1593c973de7d99b93b11a07 5284920767de1f24d3337d6329520d6ecb5f2c29 f7e487fc4d03183d455e44e1f9848ee3b09a0401 904e0855c86b81319b5cacd9cfd4af75582f2513 6b5a223e42f3631edd54588d70f7ca92e11a6e32 571991a319c6e6ca9b724ebe473163e4e1ad193d bc71b3c179dc903cd248c5b52997ecf218ab69d1 f90bc484f4968934701e886232e10e8f3094bf96 7b8d569aefc47d27a2c6a92392aba9ba48bdbd96 d8871802eb28c39aa0bbf5eb9e9584fa572f62da 9edf3d6d81097207d4e764f1f498c244dba9c7ba 8ba2b8aef8a1e55c6eda8b7306da46fbe6b62041 2e20aefce2cebf4b4b5102fe41d8a310fd69f7ad 79278289cf39764fee860588b059e2dc119eaf57 4b2890412c915d90a26a0af5d4d39a1d19d2687d 060abb2f1b4190399e68c1ae81a8a4838b1417b6 764c7d74090a7879107c6bc4a5c8e6cc6c106e70 7df64eb0189461c98cf85cc755c2dea3f03840a5 4cdcbc761c31aab9869144860ce13c95eddebe6f 329054bc43308523659ce539028738f500b305c1 e735b36fcc18faf15a00c99bad884cd48d216dc1 03ababc0de61298407ef79954d75951083cee217 1d764175725ffae8679516a6109c1c09dfbe42c7 276820695a9e5e3c87f16c79e036e44e599d86b3 2cf612f80964c804a99313baa39b537e09f4fd6d af42d3fa44c5fea9f793f03519d4ca5a186ab48b bab70b995a1f7309818fa5487f04770ac8da231c 34e3b8e09f4b671d540e9a28b2af2de2d2da6fea 3c2cf8200d209ce9c998438a0695af23777fcc0f 3f89f5d3e09fffaae9b446b184982185a41f4f35 ce53ffc660e83950030c60bc69a5d9eb5988b6b0
This bug was referenced in samba v4-14-test: dcd13ba166e8385b6e60f206acd34912a5eb09c7 0e1d6fda2067caf37415332de8da6e3712bf8620 7594ba47c19e0a288a03eb76fc7cec137c1f4024 18c892942ee450e776b19f8f212ef8aa8f1b7f6e 58f68bf357f10b3e42609b0166a56cfa292413a5 811714e4f6b32d667659810c422096fc992da11a 61739d1a33a57d54a184fd09e89f349f4e7eb385 fadecadfe2f42bc43eea50be0a479eef494d5c0a 10e46b9b74bc581ade5fde1d3936f652448b03ef 82a19ce548eac76f9ce4ca60f2b6b4c98aa87cbb 6614fee6e8b47ec8052306281fb3e5642dfbddcc 5812a13ec5febc96d718377178727327160c132f 61cc6767c32cb131e24c1f303c9d312e4d3d395c 76f1deb3cd85333bf469128d6e56996db8dde182 c2a61c2c911ca5bb928b6bd68c3eb72c7d98e0fb 8c7d78a2e1aefb9d3f4dcfd07c4bcdd95c1096d4 aff414e2a7586384d36502a8e825ac20f4a88f14 eb103f6337a6a433b204ce8640324fe0f6a1a744 71c46e032a9d0a0f9809b237c1fa09cbc4619efa 7ad68c8cc59be645b9e6506c5253eca027900ec9 690d90ba615ccbf0094fb1a93d29be1e651cc879 1e6c77a03afa9595d06141060a7a9ed58f5793a0 65a269f1e31dd402fa048d99a3676d9a6df0f87d b14183e7f35ee1536594a66664465956066723ae 459e3bd695b98f8efff4b4bc5c98ba1e2270d25f 5db1b57b20d1c8fc6f7ecf6204427a6e4e851775 10db9a0bfb05924c1e9721f5def2425abac5cd57 912bac3ba71ef07a8d5c90810e08551938f1b89f 4fc5d67f601ee02a968d69a504653fc794d12380 1301ed37c447682a32356e470ec9cf85d2416f87 bee8264f1bc9360c5bbe15e60e7b5161358efecf 02c17fe22bed720814610418cc7fedf54a49a777 f274497789601bfa62db3e6e8f5248c1b68bc00c efc3d6edd69439a72ab7b75934387f65c7c1d86e 84973c79a7926b16d47a084ee88a6e3e8ace81b5 4ace77d830bce86e29380ce7dd4568f581e35960 15c7c561f7bb29c2b436d5c34b8ce84a2579743b 39941358333cd1c9acbbcdca851f538bf41b1c91 c08defb5a7df10f2598c2ae844f6f3fe22e481b5 e71cfc36ad7b4748806c58e425672b5df9eebf5d 0fbff441fc71c167ee5ab38db6405044a421564c ac378a754bd3f7ac37005ba11040076f77a5dc0a 5cd321086ba7e87fcb8949de9769ef45880ecde8 1c1154d81ad9ad32fd2c43902073a63c7063ead4 6868628eab75e155305ac711b4b6b8ff4fbbd92d 4cf6614a16a89f74045e1eb5db288dd1cf91ea15 bb6eb577c0530540d145f3b7ec7c5e0d39c80d3a 85053e6eb2ec716046e502f304614ef8d863d3c2 91df69559c5b09f2a9d32e577e09bcefce85f303 2af40a2ddf23d843aac7637ae094ae439d14fcfb b5432f5203fc16d5cc6ebe00cf659c9a0a94580f 22477380e69e92953f74ac35f61da442e77dc834 ce2da506c772af4a28a45939f4ba25a22500848e d5566cbb6815cd0f0dcb10195edf99cc255b2b3e bd1aa18c52bb2ad6f857c9bf30bd988556fb9fe9 08608d9f50e4240fdcd4beef57eabeed825a8563 f2c1535f8b68e618f90f7cfa320c7fc61af60bbc a4e9eb693a92ed8ca5bcafb1ae2aaf02cc8e6e36 0547b4ebcdd5f25d09b47a0691e6d6b7435fd346 ca549882cf62299935a5416ab8bb9e0a0a643827 191a0e9dbb3a8b4b04168bf11c54c13482cff4e2 316df8064dea1d1b6d318231f18e8a7ae2b65bca 0bdeb9cebf0309f50ddae7e7c2f38ca740993c95 68275cdd1911c4e587f2cffd43d282b3abdbb13d bbaa1159d2dbfc0d8bcab153c9e10137507fd315 fbfdfb979f3277e6504c15faa1a8212cb657889f 2c77e1d8771e8206e699d3df687dd017c0f46e1c 0e16f882d02a5173862056e50490e8d60853cb15 d9135f31e33058d444f89bb7c54d8daf80c1f388 a608f75910526816da7d63fa7635a2ddd2884f5f d5e7162ae37f3eb7d31a211e9b49cf62509b27ba cb0b486f483ff5554fc1f7adf125698750854ce7 8537439913a93c2471abb7b1591f31493ee12c6f 72c05a708d11699b7a474e2bf2fae8304ac4b9d7 a26133b9f0a4da4f376ded0f30bb0477b772eb81 e7150fe29689df9d2df5d08fb8dc06248ba80889 1eb3f880c703f43730446236b0b4d2f88704e934 dafb8efd7f586afd18413b40b949298913c9402b 5620fbd2a3d4dbb4cac1fe5883b7d022e5c29896 2dc3b7d9a4cbea44fc59f6ec2748eba8314d7e4d fd40fbe9a39908d5a27ec2dad0c8ead4963faef4 2c65205c2387549a19318b0d50811ce87bbc0c85 1ddb8111ed540841b075749e13678c7c6ad98f9e ec438f0b6eefb83b0d09357a67d2cc6be27a90fc a5f3863aec192fbf1a7366da516475c066e5f942 271b8cebf14be3f99944b984dd96919af16c63f2 f8ac3ccdb7cf9c67b8a842e0c51faaae8aa6bee4 fbf52f34082a4ce970042d1cbfb56f9d72e3630d 0c828728e0d2c6a3f76247d12aeafa1eee991a10 761ae6dba6720bea48fdcc8bc695d5724fc00c1a 8048b6fe8cfd2887090a5aec682060b396794f6b a3864293e828dade0ff63412517530a5267d0716 77f46ab1a4a70de542fc035b20c829d4cab51082 4e4fa68e1b5fbad23d87ba2b9c85e8f8f89d917a 2d2da2af26e621e20bdb13f7a85fdb98569f9724 5c5ca93aab796dbfc1c2e428890aa6c5fa6f0b81 bf8ad7c0d292b44556c9e8b8c6118134e461a5fa 15789d27dd9ec30d4d313849cc2689c54929b13b 81e1564e3eeddb4e6f2b63af87d14302e4ad2fc7 4de575650ee1d809e9e242b4a7ea802071f0da89 a1d8f275d10cb7e311609d915132aa6f87c872fa c8bbd3d659bbe42436cf43e8e32ca8da30adce39 a2c7a5a94e68ce19ffb877d4d68ce1ceb44c622d eadd3b8844d1e4162558f443e5cd4905f12667e6 4ecd119b7c1aff7db9fc1f475121debe464391c2 c3df114577d5a535b0e0c0dc1ec4beed0907e25c 4e98f5d9d4609e88783580b6a4d752b4d54f505e 1a1f72c2e2297a39b9743b13ebb94adf027a30a1 d09fa6b47b30165769041143f210816a447f5c9f bb3fbf53ad1bd665d0a02e5459a9eef631802f4c 8034d387a8fcdd455be24a1fcb48a488bfde0f03
This bug was referenced in samba v4-14-stable (Release samba-4.14.9): dcd13ba166e8385b6e60f206acd34912a5eb09c7 0e1d6fda2067caf37415332de8da6e3712bf8620 7594ba47c19e0a288a03eb76fc7cec137c1f4024 18c892942ee450e776b19f8f212ef8aa8f1b7f6e 58f68bf357f10b3e42609b0166a56cfa292413a5 811714e4f6b32d667659810c422096fc992da11a 61739d1a33a57d54a184fd09e89f349f4e7eb385 fadecadfe2f42bc43eea50be0a479eef494d5c0a 10e46b9b74bc581ade5fde1d3936f652448b03ef 82a19ce548eac76f9ce4ca60f2b6b4c98aa87cbb 6614fee6e8b47ec8052306281fb3e5642dfbddcc 5812a13ec5febc96d718377178727327160c132f 61cc6767c32cb131e24c1f303c9d312e4d3d395c 76f1deb3cd85333bf469128d6e56996db8dde182 c2a61c2c911ca5bb928b6bd68c3eb72c7d98e0fb 8c7d78a2e1aefb9d3f4dcfd07c4bcdd95c1096d4 aff414e2a7586384d36502a8e825ac20f4a88f14 eb103f6337a6a433b204ce8640324fe0f6a1a744 71c46e032a9d0a0f9809b237c1fa09cbc4619efa 7ad68c8cc59be645b9e6506c5253eca027900ec9 690d90ba615ccbf0094fb1a93d29be1e651cc879 1e6c77a03afa9595d06141060a7a9ed58f5793a0 65a269f1e31dd402fa048d99a3676d9a6df0f87d b14183e7f35ee1536594a66664465956066723ae 459e3bd695b98f8efff4b4bc5c98ba1e2270d25f 5db1b57b20d1c8fc6f7ecf6204427a6e4e851775 10db9a0bfb05924c1e9721f5def2425abac5cd57 912bac3ba71ef07a8d5c90810e08551938f1b89f 4fc5d67f601ee02a968d69a504653fc794d12380 1301ed37c447682a32356e470ec9cf85d2416f87 bee8264f1bc9360c5bbe15e60e7b5161358efecf 02c17fe22bed720814610418cc7fedf54a49a777 f274497789601bfa62db3e6e8f5248c1b68bc00c efc3d6edd69439a72ab7b75934387f65c7c1d86e 84973c79a7926b16d47a084ee88a6e3e8ace81b5 4ace77d830bce86e29380ce7dd4568f581e35960 15c7c561f7bb29c2b436d5c34b8ce84a2579743b 39941358333cd1c9acbbcdca851f538bf41b1c91 c08defb5a7df10f2598c2ae844f6f3fe22e481b5 e71cfc36ad7b4748806c58e425672b5df9eebf5d 0fbff441fc71c167ee5ab38db6405044a421564c ac378a754bd3f7ac37005ba11040076f77a5dc0a 5cd321086ba7e87fcb8949de9769ef45880ecde8 1c1154d81ad9ad32fd2c43902073a63c7063ead4 6868628eab75e155305ac711b4b6b8ff4fbbd92d 4cf6614a16a89f74045e1eb5db288dd1cf91ea15 bb6eb577c0530540d145f3b7ec7c5e0d39c80d3a 85053e6eb2ec716046e502f304614ef8d863d3c2 91df69559c5b09f2a9d32e577e09bcefce85f303 2af40a2ddf23d843aac7637ae094ae439d14fcfb b5432f5203fc16d5cc6ebe00cf659c9a0a94580f 22477380e69e92953f74ac35f61da442e77dc834 ce2da506c772af4a28a45939f4ba25a22500848e d5566cbb6815cd0f0dcb10195edf99cc255b2b3e bd1aa18c52bb2ad6f857c9bf30bd988556fb9fe9 08608d9f50e4240fdcd4beef57eabeed825a8563 f2c1535f8b68e618f90f7cfa320c7fc61af60bbc a4e9eb693a92ed8ca5bcafb1ae2aaf02cc8e6e36 0547b4ebcdd5f25d09b47a0691e6d6b7435fd346 ca549882cf62299935a5416ab8bb9e0a0a643827 191a0e9dbb3a8b4b04168bf11c54c13482cff4e2 316df8064dea1d1b6d318231f18e8a7ae2b65bca 0bdeb9cebf0309f50ddae7e7c2f38ca740993c95 68275cdd1911c4e587f2cffd43d282b3abdbb13d bbaa1159d2dbfc0d8bcab153c9e10137507fd315 fbfdfb979f3277e6504c15faa1a8212cb657889f 2c77e1d8771e8206e699d3df687dd017c0f46e1c 0e16f882d02a5173862056e50490e8d60853cb15 d9135f31e33058d444f89bb7c54d8daf80c1f388 a608f75910526816da7d63fa7635a2ddd2884f5f d5e7162ae37f3eb7d31a211e9b49cf62509b27ba cb0b486f483ff5554fc1f7adf125698750854ce7 8537439913a93c2471abb7b1591f31493ee12c6f 72c05a708d11699b7a474e2bf2fae8304ac4b9d7 a26133b9f0a4da4f376ded0f30bb0477b772eb81 e7150fe29689df9d2df5d08fb8dc06248ba80889 1eb3f880c703f43730446236b0b4d2f88704e934 dafb8efd7f586afd18413b40b949298913c9402b 5620fbd2a3d4dbb4cac1fe5883b7d022e5c29896 2dc3b7d9a4cbea44fc59f6ec2748eba8314d7e4d fd40fbe9a39908d5a27ec2dad0c8ead4963faef4 2c65205c2387549a19318b0d50811ce87bbc0c85 1ddb8111ed540841b075749e13678c7c6ad98f9e ec438f0b6eefb83b0d09357a67d2cc6be27a90fc a5f3863aec192fbf1a7366da516475c066e5f942 271b8cebf14be3f99944b984dd96919af16c63f2 f8ac3ccdb7cf9c67b8a842e0c51faaae8aa6bee4 fbf52f34082a4ce970042d1cbfb56f9d72e3630d 0c828728e0d2c6a3f76247d12aeafa1eee991a10 761ae6dba6720bea48fdcc8bc695d5724fc00c1a 8048b6fe8cfd2887090a5aec682060b396794f6b a3864293e828dade0ff63412517530a5267d0716 77f46ab1a4a70de542fc035b20c829d4cab51082 4e4fa68e1b5fbad23d87ba2b9c85e8f8f89d917a 2d2da2af26e621e20bdb13f7a85fdb98569f9724 5c5ca93aab796dbfc1c2e428890aa6c5fa6f0b81 bf8ad7c0d292b44556c9e8b8c6118134e461a5fa 15789d27dd9ec30d4d313849cc2689c54929b13b 81e1564e3eeddb4e6f2b63af87d14302e4ad2fc7 4de575650ee1d809e9e242b4a7ea802071f0da89 a1d8f275d10cb7e311609d915132aa6f87c872fa c8bbd3d659bbe42436cf43e8e32ca8da30adce39 a2c7a5a94e68ce19ffb877d4d68ce1ceb44c622d eadd3b8844d1e4162558f443e5cd4905f12667e6 4ecd119b7c1aff7db9fc1f475121debe464391c2 c3df114577d5a535b0e0c0dc1ec4beed0907e25c 4e98f5d9d4609e88783580b6a4d752b4d54f505e 1a1f72c2e2297a39b9743b13ebb94adf027a30a1 d09fa6b47b30165769041143f210816a447f5c9f bb3fbf53ad1bd665d0a02e5459a9eef631802f4c 8034d387a8fcdd455be24a1fcb48a488bfde0f03
This bug was referenced in samba v4-15-stable (Release samba-4.15.1): db294baff360f1c44c05798f6cda4584166adfd7 e52ddfbe5728487cb2c8b8ceeb2f63c5c15a7541 eb28bd54ac5c36a9392ef19c49bf97a18b81974e be8fb0218af1a1529cd7a349a57a11dbfaeb7368 bc7bdc5b7e0bfb6abd051e07677d940d7070c50d 336725dc79f79f07bc991812a70a6dddcc55701d f44a5b984b74f4e0d4b4d0794cc445aa47fe1440 1d2d30748a91e45694289600c2dc6e73f0bdc390 2af3293f67d643d15de575d1f01138ed382c3f18 f730c68834c315df9f0eb3d7d788a08b87d2eee0 56f49f117bf267e6013e415d6ff68b4cb35e56c0 d413e7d79a394f9a801c9a8fdafe1b51aab22698 b0339d5a1a8248f36422d10ba36918aca01093e1 f2d6361dc332d573e63000569d7a98983e5db5e3 7b6a5c97092bcd5ce5239bccb2f025387c62c1e5 159d451d817db789b47d1b624f71465912e2ec39 cba0b1a6c48ecbfbc3c07f61a47c71f6f57018d0 3e3d205df7c92b0156942171b2298147684c2d2c e4b278566afac0aa0945e340d131620c59ae1d92 063f1cbdbe707e0f48d80914e02a2aef04a9dae0 3c77ef9dbb553d7a683251933c3c63383fa7f7f1 c8a724118e646e83499b74a95d246bc6e902fac6 278eff6115fc6ada0b005561e7a7a56f170978b1 56a567be0e4d2f485a095d6344a7c0e1f144047e ca0123d86a47e4a1a2f8a06a20e0029af0e578a6 8416eb2a8840cc13bd1d59eeddbe7082dc2377b0 3022340bf225fb5328d13e64f17157d381a34bc7 cfb16b40c740b549dffb0cdec8cbda16fd7f665a 1e44488b58de1f0cbc3434ea4e95067d1b08a525 5125f9c1a1b36e73cfa363b34a2676a68fdd694d 0cad7ba2032a400453a68d0b7a428748d037e769 182bf696e32e79fcb0195487d2b0a5709198c0de f817cbc6815220b7476ec78d8f7e1d734ef770c8 6fe3f55476be738634cbd1e8af07290b1b79758f eed5b13f4af168aa21e3f691193f2fd9ec1e33f8 53b793b9e7c54a37e44517990d4fe54add659fac 8ab6d2f0bdd85e8e7f7119f003e39a1989a551b6 73f27f9ddb0262fe46aaee10984ab78355b100a3 320847972dff91eccfc87845eb123f7ba84b28f3 2bfcb3f6b009b28a3ca48ba3b8449db67eded920 8ff6735180220e63d2088f5f7e7499cab5d48879 0da5e1029ecc03b7ae2c5f8068cbefdcf62359bc 8eda339691aad55b890bbc4785a4b01ca6e18d47 3787c21f2b72bdda4bb1a0bbf987d8ccedd83a9c 2ef8022937f933aa0f365bcab82d803e0d001993 7dba3ae4b590840f4e70b134c0d21ee8970b2162 50a5116cff2317b878882b14474c8b27edbd4a94 6270587045faa6d1b58fc1792b356e16ddbd5b6f 5ec45f3068ab3d668f0dec6c6e6ab3ba7d6a6e72 2988bc5178875a3623abc5f19eac978ea1b67501 aa08c5cfbf72eee86174d75b8366a528411ea7c7 a1228650b68c02ecafec434e05670d577b406835 eaf9f8d9ebe63463f8c0ffe40ea418740592deaa 9b781f1ca034c41f62fdaf4cf4f56190cb4821a0 825aef9f8c72dcc5ddf27e7ec1a94f363f917d92 e6eca4a04eed6025576d52d44c0cf3fc9a47f299 bfccdc3827f007174ef1e2c487ef5f61e4986e31 db559680c42526ff2f6313bb70338fba5f92123f fccb0a6ecbc6ba55445d8de9e0832b50562b6262 b09fd76791631e557bdcdbdb02b4567eb521be8b ae1bada6c1b5480bde017886f3440de489f9e331 7cb8c699284cae4aba6e9a1cc26a713b5071c0f4 e7dbc8e26e688e8cb6d858e04e1c37310f2de631 97be9339ca20e2733c1735db9d4cc7346fc2e01a c4580eb131b934a2ca64ab342f009563c453605d 71b3142aba779d5e438b5a6b7adeeb1333c02c2b 768e7ec77344ffcdd20ea2bd2e60f3ccf77b291f 4955aacc2ea2e11afc0cfaadeead83bed022070c eea7988e67f91bb2493289232fbb0d0857b645e3 5a43b4ec548b7aa008b62aedd776a7ea221f1eab d4404ecb95127bbc359af1e37797a1c3aafe95a7 e35ae2d57d869a059e16312bee8cd3b4f38e73b7 ea64b0fde2f33ab238d1774481b34a33446d3f28 41cbe50ac93436537d4d2a83798e14dbbafbf804 53d4a46fcd2a1f2d51fbb0a8450fa66fbf6f4baf 5fca67c718861fdca5c63435526fa51a46e4d09a fe35ca21cfcfe8358d7d2c358229e16cca55406a 7b44f8db99dacab7b3b6144cd63fc13eecd99325 0f4886d4db2f1979f853a6b84ac5c76b131c6666 cdef6a8416c32f9038d8b3d4523b640bfc7af024 c2a5111e71f19faae691f3216bf776aeddd80490 5f07249a6b854955b461dbeffdaf2d577272e7e4 41e4c3a8ae1115adcca64916da653ced18577463 25895e26fc4675aa0b46cb8a2869b7201fe37c81 e7f75340b628027fb1593c973de7d99b93b11a07 5284920767de1f24d3337d6329520d6ecb5f2c29 f7e487fc4d03183d455e44e1f9848ee3b09a0401 904e0855c86b81319b5cacd9cfd4af75582f2513 6b5a223e42f3631edd54588d70f7ca92e11a6e32 571991a319c6e6ca9b724ebe473163e4e1ad193d bc71b3c179dc903cd248c5b52997ecf218ab69d1 f90bc484f4968934701e886232e10e8f3094bf96 7b8d569aefc47d27a2c6a92392aba9ba48bdbd96 d8871802eb28c39aa0bbf5eb9e9584fa572f62da 9edf3d6d81097207d4e764f1f498c244dba9c7ba 8ba2b8aef8a1e55c6eda8b7306da46fbe6b62041 2e20aefce2cebf4b4b5102fe41d8a310fd69f7ad 79278289cf39764fee860588b059e2dc119eaf57 4b2890412c915d90a26a0af5d4d39a1d19d2687d 060abb2f1b4190399e68c1ae81a8a4838b1417b6 764c7d74090a7879107c6bc4a5c8e6cc6c106e70 7df64eb0189461c98cf85cc755c2dea3f03840a5 4cdcbc761c31aab9869144860ce13c95eddebe6f 329054bc43308523659ce539028738f500b305c1 e735b36fcc18faf15a00c99bad884cd48d216dc1 03ababc0de61298407ef79954d75951083cee217 1d764175725ffae8679516a6109c1c09dfbe42c7 276820695a9e5e3c87f16c79e036e44e599d86b3 2cf612f80964c804a99313baa39b537e09f4fd6d af42d3fa44c5fea9f793f03519d4ca5a186ab48b bab70b995a1f7309818fa5487f04770ac8da231c 34e3b8e09f4b671d540e9a28b2af2de2d2da6fea 3c2cf8200d209ce9c998438a0695af23777fcc0f 3f89f5d3e09fffaae9b446b184982185a41f4f35 ce53ffc660e83950030c60bc69a5d9eb5988b6b0
This bug was referenced in samba v4-13-test: 36f8c7080a730a4ea1e4896a8d66408eb6eb4b7c ac14815f849661c15c212f4fb0ad4a9de81ca74e 9926198bce0f1ba1d05965403d61d64ff05fea50 860f77046507cb8ec28ead1b71ad4b7c9a93743b c2cbe6e9aab347945c855c27435ce1ec87614c36 7d6ad51b20c04ba25ae553ad744ef4c928fcc32b 9b151de26530d4d5e4dfed381728fc271a064283 329fcc65aa6f69e276ae5af85b173000e36cb05f c7491a9e760a1ef9a211de93f944948def4a92bd 8c7d05440356f59f8b098fa10070c40a1cfacf10 b68eae6687b4610599c80a232beaaf0c4c97f4ff b2f980110151f2d9d55ffa03328a375a9ba46e03 286d69daf8b0afcbf83e4724a761466fb1f690f8 c106983b6faccbb797f2c8ffd6153eb1ec378e66 2850771dfcb0efdfb9736ebea2818fe194aeeaa2 d97a975e92a6008104456cc5d99ac5eb9ccc5122 e93ed34f928efa89431f3ca48a89a741d17add6b bb236fc2432316308dd4878240140f58ecc1e758 cb35919a14f8698c6b6275fb2c668d3a57829d75 a8c139de2af35ca0c243b430d6388b0327a358ac e380626903e5a68e643b740896a8ca4bcb69ab93 b619f4cb768847462751b959b3e3b4e92cb99b0e 7446e1cd80149fddbeda8461ecb4092300fd9b0f 1c05c3f7433a176203a6d49e48a1fa658fd6ff32 a54629359b664b92c7b4e208284e40c1198f2ff3 c6a2b7f196e125fc07fdf23dc7a9b40cda9781fd 3fdc427411c1b63622db5af1691b9b70ed4be833 b146689063243b930abe38004c558e1284ec598b 454a8a7e687e400b79ad4b69c8fd4b7cc4912c85 891195fa81e70e8369ee2d17f6bad981d1362315 0eccbbc27480524d05ecb9cfb77578a83ca70ff9 bce8a8bd915ac59faa9c2bd5b2b8fe56695bf058 3d1e55d06076d611a2bf98505497029ae90e3cd7 74b4bcc2b98a89bb44504a921026c87128e6727d 68da62728d242eab44e6a0d59c5c929b80692109 4c561dbb3ca2cd6a792ab80b149960fed77721d4 e238315bbdfe6b67d5014b6559d77bc2071c8b9c 6d3e996b480f4a83f4f41f48d6ea3d0851eabac3 1e4e8d883b61867fd095fc7751c978429eb000b6 466f694f2fdf5f40668f85e70315de821854cfb9 5b2c7c0930df378782becb814a8cee8837c86a8e dc44a5b6fdf4ddcf216ad48c2e3f745a604d4f10 74f90d6b1a6f4373d1ad4093070d0b80b1410b76 65ff3ff171e97214b9b0585a4cf6913f07a0bb89 279bb102fe8be500cd487e87e1dd85b22153c322 0b5f8ac5b4d665b35a5a50bf3cca9def1c9c9f7c ab9034dd8246b43290914014a261ea7625260ca2 b047ed0c87d517e2d5b600e5d1358d21c8b12439 5c1ab0b2697e6418b8aefc3bcee9bab7b41094b2 82606cd6f3140bc377f6177b6d813e659422e9e7 528c950eff9e70b6063881b6c375fce9b2efea4b 39bba78a5d014bfc30a94cfbb630ea98e8ab0e00 1506b1c29bb02231628cbe7c9e319449ee9d4c34 501d5e76a82bafd265b5fd754d75fe3372479cb1 91d385abffb95ba5aab4dbc50b89c92d2316149d d310714c22114c9dbf83ef57c7fdf0f94bb5c9a3 2052395dd89b56b3c99d2b270a9eade67d042c7f e3cd9b3649fb152ea3310d9220c5461bad08a5f8 0e33a8d82fea2dc21adebe40c5c080069805c24b 8a6c15b431c41021feb3d030983634d6951ca55e 4f6e02bf1db79887947df43964bf4ced664a70ad 896eea26d352fadee91fcd2bfa81f3622e586fab f1fad85fe183079b382eb5d59c7211de65890236 86e97e83ce4f63f613d1212a5cac3c370a4456b1 334361501a9e1eebcfb572e3179064cc403929fe cb49059ab461ecf66c0b4ae47b25b9fb8aeb9214 e56da60d01b1b4546b3d92480f89cbf591e500f1 129772e049dc15ccc3806801475d5fabb0b4aa33 5bc46c831ef0fc19ee3a4d54f379b84bddc7446a b0f9a83846baef02de7958be3c25ff7e8480d446 7f3d6f9d92598944b8940c44e05fa5565c67262a 5f72fd098f08787c42b7ea29c471f48beeb4a474 07e242da411326ea36b9d6bf286db636abe68f0e d82e7716f486154602767351136f18e232f7b3cc 8ee28d96b29845c631554fb1f3171e74028fe47f 54fb144fe9ad68a65d2acd4c78e69753db8c19c6 07ace448a5c64d9409f31d9be6dfe581bbb6a7f1 b08fd85bcb209ae249807e296d362d92bd2faa8f 90d58c72bd792d683c17aacdcfa4646963ee5ff0 d46f0d1793bed59026cb517dc7056a51fca1d5cb 2c6b918ab92fb88f179edea773b2364aad262bde 1ca795a0cb9a169dc428b966db095bf34f1bd597 518e990f496317c79148f2fc00838a0ac3bca959 91faad4ef6ba401267a2ec94a14c5fe6075d8075 6a1549a49557fa1149b30d3a626f6833e673b229 61ec92dc0964118fc6ffb5e4afa3d2ac52b22b6a 2373c1ac1ef321d51ef2939df221f00510633778 8b947965d4f86b7bbb36fd181e93430ed47a8250 f3c36a069981964baeec92efa15416491516748e 0e53c4353a28404cd57c9726f5701ab80adc8562 8b363a630e55aaf507735ecbcb0d678906c065e4 1486a8a04b0fe7ba86b0378d7e9ee78c77cbe17f 6afc41b262ed2d308a89926c4f63139f26983d91 ff31503bd41dd76c8d965b6a6c3e9904aa78c373 4114e57a371f4d873d280257c8f396945b872c4b c17bfba30011b01fa23cf5742c7d4026b42839e9 c73825d0b0131b505ee2b75f75d55c21ad1f2d05 49bcbcbb4d6130440064db6d1a0bd888891f3a8f 58bc0a4b7f1ec70e1d9e7a80dac6e85042cf7bc2 61fb0ba82c65734c6ed9b85b8dab4db72bd47fd0 e5ca4a51c80cca54d4484032268716cee139792b 6fbde5488035897f92c7996c631a1d7fb92824bd 9d3419c3068b7ae08049df83927fdf23cad3d223 5919475dc9026c527a016b226586d5bab30cac1e cb044703b29b2d80775305ebb01027199542af1d 4ff8af7d54df3ee51f13f9dbc7c80a83a9c08153 543478fe985cd962f07e14bedd30660144382c54 33537398392db0d3352ae3ca9ff7d7df866a181c 033249c56e1b6a72d717aa64f1d09d107d6b67a2 473278c1301bcefd623b10ea88f1ff7627fe7c1e fa32948c1d15ace180b5a9c7d80a1e0b25846d2a
This bug was referenced in samba v4-13-stable (Release samba-4.13.13): 36f8c7080a730a4ea1e4896a8d66408eb6eb4b7c ac14815f849661c15c212f4fb0ad4a9de81ca74e 9926198bce0f1ba1d05965403d61d64ff05fea50 860f77046507cb8ec28ead1b71ad4b7c9a93743b c2cbe6e9aab347945c855c27435ce1ec87614c36 7d6ad51b20c04ba25ae553ad744ef4c928fcc32b 9b151de26530d4d5e4dfed381728fc271a064283 329fcc65aa6f69e276ae5af85b173000e36cb05f c7491a9e760a1ef9a211de93f944948def4a92bd 8c7d05440356f59f8b098fa10070c40a1cfacf10 b68eae6687b4610599c80a232beaaf0c4c97f4ff b2f980110151f2d9d55ffa03328a375a9ba46e03 286d69daf8b0afcbf83e4724a761466fb1f690f8 c106983b6faccbb797f2c8ffd6153eb1ec378e66 2850771dfcb0efdfb9736ebea2818fe194aeeaa2 d97a975e92a6008104456cc5d99ac5eb9ccc5122 e93ed34f928efa89431f3ca48a89a741d17add6b bb236fc2432316308dd4878240140f58ecc1e758 cb35919a14f8698c6b6275fb2c668d3a57829d75 a8c139de2af35ca0c243b430d6388b0327a358ac e380626903e5a68e643b740896a8ca4bcb69ab93 b619f4cb768847462751b959b3e3b4e92cb99b0e 7446e1cd80149fddbeda8461ecb4092300fd9b0f 1c05c3f7433a176203a6d49e48a1fa658fd6ff32 a54629359b664b92c7b4e208284e40c1198f2ff3 c6a2b7f196e125fc07fdf23dc7a9b40cda9781fd 3fdc427411c1b63622db5af1691b9b70ed4be833 b146689063243b930abe38004c558e1284ec598b 454a8a7e687e400b79ad4b69c8fd4b7cc4912c85 891195fa81e70e8369ee2d17f6bad981d1362315 0eccbbc27480524d05ecb9cfb77578a83ca70ff9 bce8a8bd915ac59faa9c2bd5b2b8fe56695bf058 3d1e55d06076d611a2bf98505497029ae90e3cd7 74b4bcc2b98a89bb44504a921026c87128e6727d 68da62728d242eab44e6a0d59c5c929b80692109 4c561dbb3ca2cd6a792ab80b149960fed77721d4 e238315bbdfe6b67d5014b6559d77bc2071c8b9c 6d3e996b480f4a83f4f41f48d6ea3d0851eabac3 1e4e8d883b61867fd095fc7751c978429eb000b6 466f694f2fdf5f40668f85e70315de821854cfb9 5b2c7c0930df378782becb814a8cee8837c86a8e dc44a5b6fdf4ddcf216ad48c2e3f745a604d4f10 74f90d6b1a6f4373d1ad4093070d0b80b1410b76 65ff3ff171e97214b9b0585a4cf6913f07a0bb89 279bb102fe8be500cd487e87e1dd85b22153c322 0b5f8ac5b4d665b35a5a50bf3cca9def1c9c9f7c ab9034dd8246b43290914014a261ea7625260ca2 b047ed0c87d517e2d5b600e5d1358d21c8b12439 5c1ab0b2697e6418b8aefc3bcee9bab7b41094b2 82606cd6f3140bc377f6177b6d813e659422e9e7 528c950eff9e70b6063881b6c375fce9b2efea4b 39bba78a5d014bfc30a94cfbb630ea98e8ab0e00 1506b1c29bb02231628cbe7c9e319449ee9d4c34 501d5e76a82bafd265b5fd754d75fe3372479cb1 91d385abffb95ba5aab4dbc50b89c92d2316149d d310714c22114c9dbf83ef57c7fdf0f94bb5c9a3 2052395dd89b56b3c99d2b270a9eade67d042c7f e3cd9b3649fb152ea3310d9220c5461bad08a5f8 0e33a8d82fea2dc21adebe40c5c080069805c24b 8a6c15b431c41021feb3d030983634d6951ca55e 4f6e02bf1db79887947df43964bf4ced664a70ad 896eea26d352fadee91fcd2bfa81f3622e586fab f1fad85fe183079b382eb5d59c7211de65890236 86e97e83ce4f63f613d1212a5cac3c370a4456b1 334361501a9e1eebcfb572e3179064cc403929fe cb49059ab461ecf66c0b4ae47b25b9fb8aeb9214 e56da60d01b1b4546b3d92480f89cbf591e500f1 129772e049dc15ccc3806801475d5fabb0b4aa33 5bc46c831ef0fc19ee3a4d54f379b84bddc7446a b0f9a83846baef02de7958be3c25ff7e8480d446 7f3d6f9d92598944b8940c44e05fa5565c67262a 5f72fd098f08787c42b7ea29c471f48beeb4a474 07e242da411326ea36b9d6bf286db636abe68f0e d82e7716f486154602767351136f18e232f7b3cc 8ee28d96b29845c631554fb1f3171e74028fe47f 54fb144fe9ad68a65d2acd4c78e69753db8c19c6 07ace448a5c64d9409f31d9be6dfe581bbb6a7f1 b08fd85bcb209ae249807e296d362d92bd2faa8f 90d58c72bd792d683c17aacdcfa4646963ee5ff0 d46f0d1793bed59026cb517dc7056a51fca1d5cb 2c6b918ab92fb88f179edea773b2364aad262bde 1ca795a0cb9a169dc428b966db095bf34f1bd597 518e990f496317c79148f2fc00838a0ac3bca959 91faad4ef6ba401267a2ec94a14c5fe6075d8075 6a1549a49557fa1149b30d3a626f6833e673b229 61ec92dc0964118fc6ffb5e4afa3d2ac52b22b6a 2373c1ac1ef321d51ef2939df221f00510633778 8b947965d4f86b7bbb36fd181e93430ed47a8250 f3c36a069981964baeec92efa15416491516748e 0e53c4353a28404cd57c9726f5701ab80adc8562 8b363a630e55aaf507735ecbcb0d678906c065e4 1486a8a04b0fe7ba86b0378d7e9ee78c77cbe17f 6afc41b262ed2d308a89926c4f63139f26983d91 ff31503bd41dd76c8d965b6a6c3e9904aa78c373 4114e57a371f4d873d280257c8f396945b872c4b c17bfba30011b01fa23cf5742c7d4026b42839e9 c73825d0b0131b505ee2b75f75d55c21ad1f2d05 49bcbcbb4d6130440064db6d1a0bd888891f3a8f 58bc0a4b7f1ec70e1d9e7a80dac6e85042cf7bc2 61fb0ba82c65734c6ed9b85b8dab4db72bd47fd0 e5ca4a51c80cca54d4484032268716cee139792b 6fbde5488035897f92c7996c631a1d7fb92824bd 9d3419c3068b7ae08049df83927fdf23cad3d223 5919475dc9026c527a016b226586d5bab30cac1e cb044703b29b2d80775305ebb01027199542af1d 4ff8af7d54df3ee51f13f9dbc7c80a83a9c08153 543478fe985cd962f07e14bedd30660144382c54 33537398392db0d3352ae3ca9ff7d7df866a181c 033249c56e1b6a72d717aa64f1d09d107d6b67a2 473278c1301bcefd623b10ea88f1ff7627fe7c1e fa32948c1d15ace180b5a9c7d80a1e0b25846d2a
This bug was referenced in samba v4-15-stable (Release samba-4.15.2): 85e3788d8294e809dac17d4636e93b3ec53bce33 b11b347b1ba262600121e3156fd5e08e86ed6255
This bug was referenced in samba v4-14-stable (Release samba-4.14.10): b49fd977462c2c51755b13975ae485e749bc7206 09bd4f4104af1a1cab3edfb65084021ef33851b9
This bug was referenced in samba v4-13-test: d2eee68c8a578275be069637eae7acdaebad41fd 5837a12c8d55841ed05210e41dcc197bec88d7e0
This bug was referenced in samba v4-14-test: b49fd977462c2c51755b13975ae485e749bc7206 09bd4f4104af1a1cab3edfb65084021ef33851b9
This bug was referenced in samba v4-13-stable (Release samba-4.13.14): d2eee68c8a578275be069637eae7acdaebad41fd 5837a12c8d55841ed05210e41dcc197bec88d7e0
This bug was referenced in samba v4-15-test: 85e3788d8294e809dac17d4636e93b3ec53bce33 b11b347b1ba262600121e3156fd5e08e86ed6255
This bug was referenced in samba master: 4ac05264a762de8d3673b91d1ceb84b1f1703936
Fixed in master and backported to 4.15, 4.14 and the special last 4.13.13 maintenance release.