DSA-4443 samba – security update
Isaac Boukris and Andrew Bartlett discovered that the S4U2Self Kerberosextension used in Sambas Active Directory support was susceptible toman-in-the-middle attacks caused by incomplete checksum validation.
More info:
https://www.debian.org/security/2019/dsa-4443