Update for ldb.openSUSE_13.1_Update, samba.openS... security moderate

samba: security update

This samba update fixes the following security and non security issues:

- Fix winbind service parameter usage; (bnc#890005).

- lib/param: change the default for "winbind expand groups" to "0";

- Update to 4.1.11.
+ A malicious browser can send packets that may overwrite the heap of the
target nmbd NetBIOS name services daemon; CVE-2014-3560; (bnc#889429).

- Fix "net time" segfault; (bso#10728); (bnc#889539).

- Update to 4.1.10.
+ net/doc: Make clear that net vampire is for NT4 domains only; (bso#3263).
+ dbcheck: Add check and test for various invalid userParameters values;
+ s4:dsdb/samldb: Don't allow 'userParameters' to be modified over LDAP for
now; (bso#8077).
+ Simple use case results in "no talloc stackframe around, leaking memory"
error; (bso#8449).
+ s4:dsdb/repl_meta_data: Make sure objectGUID can't be deleted; (bso#9763).
+ dsdb: Always store and return the userParameters as a array of LE 16-bit
values; (bso#10130).
+ s4:repl_meta_data: fix array assignment in
replmd_process_linked_attribute(); (bso#10294).
+ ldb-samba: fix a memory leak in ldif_canonicalise_objectCategory();
+ dbchecker: Verify and fix broken dn values; (bso#10536).
+ dsdb: Rename private_data to rootdse_private_data in rootdse; (bso#10582).
+ s3: libsmbclient: Work around bugs in SLES cifsd and Apple smbx SMB1
servers; (bso#10587).
+ Fix "PANIC: assert failed at ../source3/smbd/open.c(1582): ret";
+ rid_array used before status checked - segmentation fault due to null
pointer dereference; (bso#10627).
+ Samba won't start on a machine configured with only IPv4; (bso#10653).
+ msg_channel: Fix a 100% CPU loop; (bso#10663).
+ s3: smbd: Prevent file truncation on an open that fails with share mode
violation; (bso#10671); (bnc#884056).
+ s3: SMB2: Fix leak of blocking lock records in the database; (bso#10673).
+ samba-tool: Add --site parameter to provision command; (bso#10674).
+ smbstatus: Fix an uninitialized variable; (bso#10680).
+ SMB1 blocking locks can fail notification on unlock, causing client
timeout; (bso#10684).
+ s3: smbd: Locking, fix off-by one calculation in brl_pending_overlap();
+ 'RW2' smbtorture test fails when -N is set to 2 due to the
invalid status check in the second client; (bso#10687).
+ wbcCredentialCache fails if challenge_blob is not first; (bso#10692).
+ Backport ldb-1.1.17 + changes from master; (bso#10693).
+ Fix SEGV from improperly formed SUBSTRING/PRESENCE filter; (bso#10693).
+ ldb: Add a env variable to disable RTLD_DEEPBIND; (bso#10693).
+ ldb: Do not build libldb-cmdline when using system ldb; (bso#10693).
+ ldb: Fix 1138330 Dereference null return value, fix CIDs 241329, 240798,
1034791, 1034792 1034910, 1034910); (bso#10693).
+ ldb: make the successful ldb_transaction_start() message clearer;
+ ldb:pyldb: Add some more helper functions for LdbDn; (bso#10693).
+ ldb: Use of NULL pointer bugfix; (bso#10693).
+ lib/ldb: Fix compiler warnings; (bso#10693).
+ pyldb: Decrement ref counters on py_results and quiet warnings;
+ s4-openldap: Remove use of talloc_reference in ldb_map_outbound.c;
+ dsdb: Return NO_SUCH_OBJECT if a basedn is a deleted object; (bso#10694).
+ s4:dsdb/extended_dn_in: Don't force DSDB_SEARCH_SHOW_RECYCLED; (bso#10694).
+ Backport autobuild/selftest fixes from master; (bso#10696).
+ Backport drs-crackname fixes from master; (bso#10698).
+ smbd: Avoid double-free in get_print_db_byname; (bso#10699).
+ Backport access check related fixes from master; (bso#10700).
+ Backport provision fixes from master; (bso#10703).
+ s3:smb2_read: let smb2_sendfile_send_data() behave like send_file_readX();
+ s3: Fix missing braces in nfs4_acls.c.

- Add missing newline to debug message in daemon_ready(); (bnc#865627).

- BuildRequire systemd-devel, configure --with-systemd, and modify the service
files accordingly on post-12.2 systems; (bso#10517); (bnc#865627).

- Prevent file truncation on an open that fails with share mode violation;
(bso#10671); (bnc#884056).

Dependend libraries were version updated:

libtdb was updated to version 1.3.0. (lots of bugfixes, some new functionality)
libtevent was updated to 0.9.21. (lots of bugfixes, some new functionality)
libldb was updated to to 1.1.17 (lots of bugfixes, some new functionality)
libtalloc was updated to 2.1.1. (lots of bugfixes, some new functionality)

Fixed bugs
winbind service doesn't pickup /etc/sysconfig/samba parameters
VUL-0: CVE-2014-3560: samba: Samba4 unstrcpy macro length is invalid
change the default for "winbind expand groups" to "0"
Samba file corruption as a result of failed lock check
net time segfaults without the '-S server' parameter
broken smbd PID file handling
Selected Binaries