Security update for samba
This update for samba fixes the following issues:
Security issues fixed:
- CVE-2017-2619: Symlink race permits opening files outside share directory (bsc#1027147).
Bugfixes:
- Don't package man pages for VFS modules that aren't built (bsc#993707).
- sync_req: make async_connect_send() "reentrant"; (bso#12105); (bsc#1024416).
- Document "winbind: ignore domains" parameter; (bsc#1019416).
- Prevent core, make sure response->extra_data.data is always cleared out; (bsc#993692).
This update was imported from the SUSE:SLE-12-SP1:Update update project.
-
Submitted by
James McDonough (jmcdough)
Fixed bugs
bnc#993692
custom app segfaults due to winbindd_free_response creating a core
bnc#993707
Samba rpm includes man pages for VFS modules which aren't packaged
bnc#1019416
"winbind:ignore domains" is a valid parameter for smb.conf but is not documented in the man page
bnc#1024416
samba/winbind high utilization, request for samba.org bugfix 12105
bnc#1027147
VUL-0: CVE-2017-2619: samba: symlink race permits opening files outside share directory
