File _patchinfo of Package patchinfo.10768
<issue tracker="cve" id="2019-3880"/>
<issue tracker="bnc" id="1131060">VUL-0: EMBARGOED: CVE-2019-3880: samba: Save registry file outside share as unprivileged user in Samba 4.x</issue>
<issue tracker="bnc" id="1124223">SES Samba Gateway setups should completely disable printer sharing</issue>
<issue tracker="bnc" id="1126377">Samba AppArmor sniplet no longer updated - script needs a patch</issue>
<issue tracker="bnc" id="1114407">L3: Failed to join domain: winbind on SLES15</issue>
<issue tracker="bnc" id="1125410">VUL-0: CVE-2019-3824: samba: ldb: Out of bound read in ldb_wildcard_compare</issue>
<issue tracker="bnc" id="1131686">openSUSE-2019-1163 security update for ldb break sssd</issue>
<summary>Security update for samba</summary>
<description>This update for samba fixes the following issues:
Security issue fixed:
- CVE-2019-3880: Fixed a path/symlink traversal vulnerability, which allowed an unprivileged user to save registry files outside a share (bsc#1131060).
ldb was updated to version 1.2.4 (bsc#1125410 bsc#1131686):
- Out of bound read in ldb_wildcard_compare
- Hold at most 10 outstanding paged result cookies
- Put "results_store" into a doubly linked list
- Refuse to build Samba against a newer minor version of ldb
Non-security issues fixed:
- Fixed update-apparmor-samba-profile script after apparmor switched to using named profiles (bsc#1126377).
- Abide to the load_printers parameter in smb.conf (bsc#1124223).
- Provide the 32bit samba winbind PAM module and its dependend 32bit libraries.