Comment 4 for bug 1950363

Fixing this issue on Ubuntu 18.04 LTS is going to be problematic.

The backport to 4.10 of the patchset to fix most of the CVEs contains 686 commits. Backporting that to bionic's 4.7.6 may not be feasible.

The main issue with updating bionic to 4.13.14 is the lack of support for python 2.7. I have successfully built 4.13.14 on bionic along with required version bumps of talloc, tdb, tevent, and ldb. sssd was successfully rebuilt by adding a few patches to support newer Samba releases.

Unfortunately, freeipa has a dependency on python-samba which can't be solved.

While we can update bionic to Samba 4.13.14, this will likely break freeipa. I don't think the required python 3 dependencies are available in bionic to build a later freeipa.