File _patchinfo of Package patchinfo.5008

<patchinfo incident="5008">
  <issue id="1042419" tracker="bnc">smbclient unable to parse name from info level 260 on windows10</issue>
  <issue id="1044084" tracker="bnc">L3: samba/winbind runs out of memory after upgrade from SLES 12 SP1 to SP2</issue>
  <issue id="1050707" tracker="bnc">L3-Question: samba published printers disappear after working for some time</issue>
  <issue id="1058565" tracker="bnc">VUL-0: EMBARGOED: CVE-2017-12151: samba: Keep required encryption across SMB3 dfs redirects</issue>
  <issue id="1058622" tracker="bnc">VUL-0: EMBARGOED: CVE-2017-12150: samba: Some code path don't enforce smb signing, when they should.</issue>
  <issue id="1058624" tracker="bnc">VUL-0: EMBARGOED: CVE-2017-12163: samba: Server memory information leak over SMB1</issue>
  <issue id="2017-12150" tracker="cve" />
  <issue id="2017-12151" tracker="cve" />
  <issue id="2017-12163" tracker="cve" />
  <category>security</category>
  <rating>moderate</rating>
  <packager>npower</packager>
  <description>This update for samba fixes several issues.

These security issues were fixed:

- CVE-2017-12163: Prevent client short SMB1 write from writing server memory to
  file, leaking information from the server to the client (bsc#1058624).
- CVE-2017-12150: Always enforce smb signing when it is configured (bsc#1058622).
- CVE-2017-12151: Keep required encryption across SMB3 dfs redirects (bsc#1058565).

These non-security issues were fixed:

- Fixed error where short name length was read as 2 bytes, should be 1 (bsc#1042419)
- Fixed GUID string format on GetPrinter to prevent published printers from disappearing 7 (bsc#1050707).
- Halt endless forest trust scan to prevent winbind from running out of memory (bsc#1044084).
</description>
  <summary>Security update for samba</summary>
</patchinfo>