File _patchinfo of Package patchinfo.10768

<patchinfo incident="10768">
  <issue tracker="cve" id="2019-3880"/>
  <issue tracker="bnc" id="1131060">VUL-0: EMBARGOED: CVE-2019-3880: samba: Save registry file outside share as unprivileged user in Samba 4.x</issue>
  <issue tracker="bnc" id="1124223">SES Samba Gateway setups should completely disable printer sharing</issue>
  <issue tracker="bnc" id="1126377">Samba AppArmor sniplet no longer updated - script needs a patch</issue>
  <issue tracker="bnc" id="1114407">L3: Failed to join domain: winbind on SLES15</issue>
  <issue tracker="bnc" id="1125410">VUL-0: CVE-2019-3824: samba: ldb: Out of bound read in ldb_wildcard_compare</issue>
  <issue tracker="bnc" id="1131686">openSUSE-2019-1163 security update for ldb break sssd</issue>
  <summary>Security update for samba</summary>
  <description>This update for samba fixes the following issues:

Security issue fixed:

- CVE-2019-3880: Fixed a path/symlink traversal vulnerability, which allowed an unprivileged user to save registry files outside a share (bsc#1131060).

ldb was updated to version 1.2.4 (bsc#1125410 bsc#1131686):

- Out of bound read in ldb_wildcard_compare
- Hold at most 10 outstanding paged result cookies
- Put "results_store" into a doubly linked list
- Refuse to build Samba against a newer minor version of ldb

Non-security issues fixed:

- Fixed update-apparmor-samba-profile script after apparmor switched to using named profiles (bsc#1126377).
- Abide to the load_printers parameter in smb.conf (bsc#1124223).
- Provide the 32bit samba winbind PAM module and its dependend 32bit libraries.
openSUSE Build Service is sponsored by