samba: security update
Samba was updated to 3.6.7 fixing bugs and security issues:
- The Samba Web Administration Tool (SWAT) in Samba versions 3.0.x to 4.0.1
are affected by a cross-site request forgery; CVE-2013-0214; (bnc#799641).
- The Samba Web Administration Tool (SWAT) in Samba versions 3.0.x to 4.0.1
could possibly be used in clickjacking attacks; CVE-2013-0213; (bnc#800982).
It also contains various other bugfixes merged by our Samba team.
-
Submitted by
Lars Müller (lmuelle)
Fixed bugs
bnc#764577
samba: Smbclient memory corruption
bnc#783384
"Source Timestamp" clutters up diff for samba.spec
bnc#783719
samba "wide links = yes" does not work after upgrade from OpenSuse 11.2
bnc#792340
samba-winbind depends on dropped /etc/init.d/nscd
bnc#799641
VUL-0: CVE-2013-0214: samba: Potential XSRF in SWAT
bnc#800982
VUL-0: CVE-2013-0213: samba: Clickjacking issue in SWAT
