Key
- Yakawedzerwa kuchengetedzwa kwenjodzi
ZeroLogon (CVE-2020-1472) inobvumira munhu anorwisa kuti awane kodzero dzekutonga pane domain controller pane masisitimu asingashandise iyo "server schannel = hongu" kuseta. - Iyo shoma Python vhezheni inodiwa yakawedzerwa kubva kuPython 3.5 kuenda kuPython 3.6. Iko kugona kuvaka sevha yefaira nePython 2 ichiri kuwanikwa (usati wamhanya ./configure uye 'ita', unofanirwa kuseta shanduko yemamiriro ekunze 'PYTHON=python2'), asi mubazi rinotevera ichabviswa uye Python 3.6 ichave. zvinodiwa pakuungana.
- Iyo "wide links = hongu" mashandiro, ayo anobvumira vatariri vefaira sevha kuti vagadzire zvinongedzo zvekufananidzira kune imwe nzvimbo iri kunze kweiyo SMB / CIFS partition, yakabviswa kubva smbd kuenda kune yakaparadzana "vfs_widelinks" module. Parizvino, iyi module inotakurwa otomatiki kana "wide links = hongu" parameter iripo muzvirongwa. Mune ramangwana, zvakarongwa kubvisa rutsigiro rwe "wide links = hongu" nekuda kwenyaya dzekuchengetedza, uye vashandisi vesamba vanokurudzirwa zvakanyanya kuchinja kubva ku "wide links = hongu" kushandisa "mount --bind" kukwira kunze iyo faira system.
- Classic mode domain controller rutsigiro rwakadzimwa. Vashandisi veNT4-senge domain controllers ('classic') vanofanirwa kushandura kushandisa Samba Active Directory domain controllers kuti vakwanise kushanda neazvino maWindows vatengi.
- Nzira dzechokwadi dzakadzikiswa dzisina kuchengeteka dzinogona kushandiswa chete neSMBv1 protocol: "domain logon", "raw NTLMv2 auth", "client plaintext auth", "client NTLMv2 auth", "client lanman auth" uye "client shandisa spnego".
- Tsigiro ye "ldap ssl ads" sarudzo yabviswa pa smb.conf. Iyo "server chiteshi" sarudzo inotarisirwa kubviswa mukuburitswa kunotevera.
Source: opennet.ru