File _patchinfo of Package patchinfo.4298

<patchinfo incident="4298">
  <issue id="993692" tracker="bnc">custom app segfaults due to  winbindd_free_response creating a core</issue>
  <issue id="993707" tracker="bnc">Samba rpm includes man pages for VFS modules which aren't packaged</issue>
  <issue id="1019416" tracker="bnc">&quot;winbind:ignore domains&quot; is a valid parameter for smb.conf but is not documented in the man page</issue>
  <issue id="1024416" tracker="bnc">samba/winbind high utilization, request for samba.org bugfix 12105</issue>
  <issue id="1027147" tracker="bnc">VUL-0: EMBARGOED: CVE-2017-2619: samba: symlink race permits opening files outside share directory</issue>
  <issue id="2017-2619" tracker="cve" />
  <category>security</category>
  <rating>important</rating>
  <packager>jmcdough</packager>
  <description>
This update for samba fixes the following issues:

Security issues fixed:
- CVE-2017-2619: Symlink race permits opening files outside share directory (bsc#1027147).

Bugfixes:
- Don't package man pages for VFS modules that aren't built (bsc#993707).
- sync_req: make async_connect_send() "reentrant"; (bso#12105); (bsc#1024416).
- Document "winbind: ignore domains" parameter; (bsc#1019416).
- Prevent core, make sure response->extra_data.data is always cleared out; (bsc#993692).
</description>
  <summary>Security update for samba</summary>
</patchinfo>
Places

File _patchinfo of Package patchinfo.4298

Places
