Security update for samba
This update for samba provides the following fixes:
- CVE-2016-2119: Prevent client-side SMB2 signing downgrade. (bsc#986869)
- Fix possible ctdb crash when opening sockets with htons(IPPROTO_RAW). (bsc#969522)
- Honor smb.conf socket options in winbind. (bsc#975131)
- Fix ntlm-auth segmentation fault with squid. (bsc#986228)
- Implement new "--no-dns-updates" option in "net ads" command. (bsc#991564)
- Fix population of ctdb sysconfig after source merge. (bsc#981566)
This update was imported from the SUSE:SLE-12-SP1:Update project.
-
Submitted by
James McDonough (jmcdough)
Fixed bugs
bnc#981566
Can't find CTDB config file (expecting /etc/sysconfig/ctdb, /etc/default/ctdb or similar)
bnc#991564
samba won't stop doing dns updates (even with allow dns updates = disabled)
bnc#986228
ntlm_auth segfault when used with --helper-protocol=squid-2.5-ntlmssp
bnc#975131
winbindd does not set SO_KEEPALIVE for outgoing connections to port 445
bnc#969522
sockets with htons(IPPROTO_RAW) and CVE-2015-8543
bnc#986869
Client side SMB2 signing downgrade
