Errata overview
Errata ID 497
Date 2019-05-14
Source package samba
Fixed in version 2:4.7.8-1A~
This update addresses the following issue:
* The checksum validation in the S4U2Self handler in
  the embedded Heimdal KDC did not first confirm that the
  checksum was keyed, allowing replacement of the
  requested target (client) principal.
  For details and possible mitigations see
Additional notes
CVE ID CVE-2018-16860
UCS Bug number #49433