Overview Repositories Revisions Requests Users Attributes Meta
Security update for samba, ldb, talloc, tdb, tevent

This update for ldb, samba, talloc, tdb, tevent fixes the following issues:

ldb was updated to 1.1.24.

+ Fix ldap \00 search expression attack dos; cve-2015-3223; (bso#11325)
+ Fix remote read memory exploit in ldb; cve-2015-5330; (bso#11599)
+ Move ldb_(un)pack_data into ldb_module.h for testing
+ Fix installation of _ldb_text.py
+ Fix propagation of ldb errors through tdb
+ Fix bug triggered by having an empty message in database during search
+ Test improvements
+ Improved python bindings
+ Validate_ldb of string(generalized-time) does not accept millisecond format ".000Z"; (bso#9810)
+ Fix logic in ldb_val_to_time()
+ Allow to register extended match rules
+ Fixes for segfaults in pyldb
+ Documentation fixes
+ Build system improvements
+ Fix a typo in the comment, ldb_flags_mod_xxx -> ldb_flag_mod_xxx
+ Fix check for third_party
+ Make the successful ldb_transaction_start() message clearer
+ Ldb-samba: fix a memory leak in ldif_canonicalise_objectcategory()
+ Ldb-samba: move pyldb-utils dependency to python_samba__ldb
+ Build: improve detection of srcdir

Samba was updated to 4.1.22.
+ Malicious request can cause samba ldap server to hang, spinning using cpu;
CVE-2015-3223; (bso#11325); (boo#958581).
+ Remote read memory exploit in ldb; cve-2015-5330; (bso#11599);
(boo#958586).
+ Insufficient symlink verification (file access outside the share);
CVE-2015-5252; (bso#11395); (boo#958582).
+ No man in the middle protection when forcing smb encryption on the client
side; CVE-2015-5296; (bso#11536); (boo#958584).
+ Currently the snapshot browsing is not secure thru windows previous version
(shadow_copy2); CVE-2015-5299; (bso#11529); (boo#958583).
+ Fix microsoft ms15-096 to prevent machine accounts from being changed into
user accounts; CVE-2015-8467; (bso#11552); (boo#958585).
+ Fix remote dos in samba (ad) ldap server; cve-2015-7540; (bso#9187);
(boo#958580).
+ Ensure attempt to ssh into locked account triggers
"Your account is disabled....." to the console; (boo#953382).
+ Prevent null pointer access in samlogon fallback when security
credentials are null; (boo#949022).

talloc was updated to 2.1.5; (boo#954658).
+ Minor build fixes
+ Point ld_library_path to the just-built libraries while calling make test.
+ Disable rpath-install and silent-rules while configure.
+ Update to 2.1.4; (boo#951660).
+ Test that talloc magic differs between processes.
+ Increment minor version due to added talloc_test_get_magic.
+ Provide tests access to talloc_magic.
+ Test magic protection measures.
+ Update the samba library distribution key file 'talloc.keyring'; (bso#945116).
+ Update to 2.1.3; (boo#939051).
+ Improved python3 bindings
+ Documentation fixes regarding talloc_reference() and talloc_unlink()

tdb was updated to version 1.3.8; (boo#954658).
+ Fix broken build with --disable-python
+ Minor build fixes
+ Disable rpath-install and silent-rules while configure.
+ Update the samba library distribution key file 'tdb.keyring'; (bso#945116).
+ Update to version 1.3.7.
+ First fix deadlock in the interaction between fcntl and mutex locking; (bso#11381)
+ Improved python3 bindings
+ Update to version 1.3.6.
+ Fix runtime detection for robust mutexes in the standalone build; (bso#11326).
+ Possible fix for the build with robust mutexes on solaris 11; (bso#11319).
+ Update to version 1.3.5.
+ Abi change: tdb_chainlock_read_nonblock() has been added, a nonblock
variant of tdb_chainlock_read()
+ Do not build test binaries if it's not a standalone build
+ Fix cid 1034842 resource leak
+ Fix cid 1034841 resource leak
+ Don't let tdb_wrap_open() segfault with name==null
+ Update to version 1.3.4.
+ Toos: allow transactions with tdb_mutex_locking
+ Test: add tdb1-run-mutex-transaction1 test
+ Allow transactions on on tdb's with tdb_mutex_locking
+ Update to version 1.3.3.
+ Test: tdb_clear_if_first | tdb_mutex_locking, o_rdonly is a valid
combination
+ Update to version 1.3.2.
+ Allow tdb_open_ex() with o_rdonly of tdb_feature_flag_mutex tdbs.
+ Fix a comment
+ Fix tdb_runtime_check_for_robust_mutexes()
+ Improve wording in a comment
+ Tdb.h needs bool type; obsoletes include_stdbool_bso10625.patch
+ Tdb_wrap: make mutexes easier to use
+ Tdb_wrap: only pull in samba-debug
+ Tdb_wrap: standalone compile without includes.h
+ Tdb_wrap: tdb_wrap.h doesn't need struct loadparm_context
- Update to version 1.3.1.
+ Tools: fix a compiler warning
+ Defragment the freelist in tdb_allocate_from_freelist()
+ Add "freelist_size" sub-command to tdbtool
+ Use tdb_freelist_merge_adjacent in tdb_freelist_size()
+ Add tdb_freelist_merge_adjacent()
+ Add utility function check_merge_ptr_with_left_record()
+ Simplify tdb_free() using check_merge_with_left_record()
+ Add utility function check_merge_with_left_record()
+ Improve comments for tdb_free().
+ Factor merge_with_left_record() out of tdb_free()
+ Fix debug message in tdb_free()
+ Reduce indentation in tdb_free() for merging left
+ Increase readability of read_record_on_left()
+ Factor read_record_on_left() out of tdb_free()
+ Build: improve detection of srcdir.

tevent was update to version 0.9.26; (boo#954658).
+ New tevent_thread_proxy api
+ Minor build fixes
+ Update the samba library distribution key file 'tevent.keyring'; (bso#945116).
+ Update to 0.9.25.
+ Fix compile error in solaris ports backend.
+ Fix access after free in tevent_common_check_signal(); (bso#11308).
+ Improve pytevent bindings.
+ Testsuite fixes.
+ Improve the documentation of the tevent_add_fd() assumtions. it must be
talloc_free'ed before closing the fd! (bso##11141); (bso#11316).
+ Update to 0.9.24.
+ Ignore unexpected signal events in the same way the epoll backend does.
+ Update to 0.9.23.
+ Update the tevent_data.dox tutrial stuff to fix some errors, including
white space problems.
+ Use tevent_req_simple_recv_unix in a few places.
+ Update to 0.9.22.
+ Remove unused exit_code in tevent_select.c
+ Remove unused exit_code in tevent_poll.c
+ Build: improve detection of srcdir
+ Lib: tevent: make tevent_sig_increment atomic.
+ Update flags in tevent pkgconfig file
+ Utilize doxygen to generate the api documentation and package it.

Fixed bugs
bnc#939050
openSUSE comes with ldb 1.1.20 while 1.1.21 is available
bnc#939051
openSUSE comes with talloc 2.1.2 while 2.1.3 is available
bnc#949022
samba: winbind crash -> netlogon_creds_client_authenticator
bnc#951660
openSUSE comes with talloc 2.1.3 while 2.1.4 is available
bnc#958585
VUL-0: CVE-2015-8467: samba: Microsoft MS15-096 / CVE-2015-2535 needs matching fix in Samba
bnc#958584
VUL-0: CVE-2015-5296: samba: No man in the middle protection when forcing smb encryption on the client side
bnc#958586
VUL-0: CVE-2015-5330: samba: Remote read memory exploit in LDB
bnc#953382
samba+ssh: no failure message on login try if account is disabled in AD
bnc#958580
VUL-0: CVE-2015-7540: samba: Bogus LDAP request cause samba to use all the memory and be ookilled
bnc#958583
VUL-0: CVE-2015-5299: samba: Currently the snapshot browsing is not secure thru windows previous version (shadow_copy2)
bnc#958582
VUL-0: CVE-2015-5252: samba: Insufficient symlink verification (file access outside the share)
bnc#958581
VUL-0: CVE-2015-3223: samba: LDAP \00 search expression attack DoS in Samba 4.x
bnc#954658
ldb, talloc, tdb, and/ or tevent need to be updated
CVE-CVE-2015-8467
CVE-CVE-2015-5299
CVE-CVE-2015-7540
CVE-CVE-2015-5252
CVE-CVE-2015-3223
CVE-CVE-2015-5330
CVE-CVE-2015-5296
Selected Binaries
openSUSE Build Service is sponsored by
Places