Security update for samba
Samba was updated to 4.6.15, bringing bug and security fixes. (bsc#1110943)
Following security issues were fixed:
- CVE-2018-10919: Fix unauthorized attribute access via searches. (bsc#1095057);
Non-security bugs fixed:
- Fix ctdb_mutex_ceph_rados_helper deadlock (bsc#1102230).
- Allow idmap_rid to have primary group other than "Domain Users" (bsc#1087931).
- winbind: avoid using fstrcpy in _dual_init_connection.
- Fix ntlm authentications with "winbind use default domain = yes" (bsc#1068059).
This update was imported from the SUSE:SLE-12-SP3:Update update project.
-
Submitted by
Samuel Cabrero (scabrero)
Fixed bugs
bnc#1102230
deadlock with ctdb_mutex_ceph_rados_helper
bnc#1087931
winbind -> idmap_rid: default group always set to "Domain Users" not evaluating PrimaryGroupID ldap attribute
bnc#1110943
Update samba to 4.6.16
bnc#1068059
winbindd: do not modify credentials in NTLM passthrough (13126)
bnc#1095057
VUL-0: CVE-2018-10919: samba: Confidential attribute disclosure via substring search
