HCE1-SA-2024-0046 Important HCE 1.1 Security Fix(es): Kerberos acceptors need easy access to stable AD identifiers (eg objectSid). Samba as an AD DC now provides a way for Linux applications to obtain a reliable SID (and samAccountName) in issued tickets. (CVE-2020-25721) Netlogon RPC Elevation of Privilege Vulnerability (CVE-2022-38023) A flaw was found in the way Samba, as an Active Directory Domain Controller, implemented Kerberos name-based authentication. The Samba AD DC, could become confused about the user a ticket represents if it did not strictly require a Kerberos PAC and always use the SIDs found within. The result could include total domain compromise. (CVE-2020-25719) HCE 1.1 ctdb-4.10.16-25.hce1c.x86_64.rpm libsmbclient-4.10.16-25.hce1c.x86_64.rpm libwbclient-4.10.16-25.hce1c.x86_64.rpm samba-4.10.16-25.hce1c.x86_64.rpm samba-client-4.10.16-25.hce1c.x86_64.rpm samba-client-libs-4.10.16-25.hce1c.x86_64.rpm samba-common-4.10.16-25.hce1c.noarch.rpm samba-common-libs-4.10.16-25.hce1c.x86_64.rpm samba-common-tools-4.10.16-25.hce1c.x86_64.rpm samba-libs-4.10.16-25.hce1c.x86_64.rpm samba-python-4.10.16-25.hce1c.x86_64.rpm samba-winbind-4.10.16-25.hce1c.x86_64.rpm samba-winbind-modules-4.10.16-25.hce1c.x86_64.rpm