Am Donnerstag, dem 30.03.2023 um 14:03 +0100 schrieb Rowland Penny via
samba:>
>
> On 30/03/2023 13:56, Corrado Ravinetto via samba wrote:
> > Ok, i added more than 50 rows like server reject md5 ecc.ecc.ecc.
> > Now logs are clean, but, before upgrade this not happened
> >
> >
>
> Which is why I said it was a bit weird.
>
> The CVE fixes went into Samba 4.16.8 and you upgraded from 4.17.x, so I
> would have expected that CVE fix to have been in your 4.17 version and
> for you to have had the lines in your log from then.
Hi Rowland, correct but also 4.17.4 was released with this fix. Maybe the
upgrade was from an
earlier version?
What is more interesting is that he did not see any effect (something not
working) only the
log entries. Not that he just opened that security whole again by removing the
errors in the
log.?
Regards
Christian