Overview

File _patchinfo of Package patchinfo.3827

<patchinfo incident="3827">
  <issue id="975299" tracker="bnc">Segfault from smbtorture in opendir</issue>
  <issue id="986675" tracker="bnc">L3: SUSE-12-SP1-2016-604 - breaks NTLM passthrough in Mozilla Firefox</issue>
  <issue id="1014442" tracker="bnc">VUL-0: EMBARGOED: CVE-2016-2126: samba: denial of service due to a client triggered crash in the winbindd parent</issue>
  <issue id="1014441" tracker="bnc">VUL-0: EMBARGOED: CVE-2016-2125: samba: don't send delegated credentials to all servers</issue>
  <issue id="1009085" tracker="bnc">SMBCLIENT tries netbios over port 139 even after "disable netbios" parameter is used.</issue>
  <issue id="994500" tracker="bnc">After updating to SLES 12 SP1 from SLES 11 SP4 Winbind is causing high utilization.</issue>
  <issue id="991564" tracker="bnc">samba won't stop doing dns updates (even with allow dns updates = disabled)</issue>
  <issue id="997833" tracker="bnc">Login to smb with and without domain</issue>
  <issue id="1014437" tracker="bnc">VUL-0: EMBARGOED: CVE-2016-2123: samba: Samba NDR Parsing ndr_pull_dnsp_name Heap-based Buffer Overflow Remote Code Execution Vulnera</issue>
  <issue id="1001203" tracker="bnc">Include vfstest in samba-test</issue>
  <issue id="2016-2125" tracker="cve" />
  <issue id="2016-2126" tracker="cve" />
  <issue id="2016-2123" tracker="cve" />
  <category>security</category>
  <rating>moderate</rating>
  <packager>jmcdough</packager>
  <description>
This update for samba fixes the following issues:

Security issues fixed:

- CVE-2016-2125: Don't send delegated credentials to all servers. (bsc#1014441).
- CVE-2016-2126: Denial of service due to a client triggered crash in the winbindd
  parent process. (bsc#1014442).
- CVE-2016-2123: Heap-based Buffer Overflow Remote Code Execution Vulnerability. (bsc#1014437).
  This issue does not affect our packages, as the component is not built.

Non security issues fixed:

- s3/client: obey 'disable netbios' smb.conf param, don't connect via NBT port (bsc#1009085)
- Add doc changes for net ads --no-dns-updates switch (bsc#991564)
- Include vfstest in samba-test (bsc#1001203).
- s3/winbindd: using default domain with user@domain.com format fails (bsc#997833).
- Fix illegal memory access after memory has been deleted (bsc#975299).
- Fix bug in tevent poll backend causing winbind to loop tightly (bsc#994500).
- Various fixes for spnego/ntlm (bsc#986675).
</description>
  <summary>Security update for samba</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places