Overview

File _patchinfo of Package patchinfo.10854

<patchinfo incident="10854">
  <issue tracker="cve" id="2019-3880"/>
  <issue tracker="bnc" id="1126463">Samba First Login Failed Subsequent Ones Work</issue>
  <issue tracker="bnc" id="1131060">VUL-0: CVE-2019-3880: samba: Save registry file outside share as unprivileged user in Samba 4.x</issue>
  <issue tracker="bnc" id="1114459">winbind fails to allocate enough memory for high number of entries and returns NT_STATUS_NO_MEMORY</issue>
  <issue tracker="bnc" id="1106119">SMB2 quota support not working</issue>
  <issue tracker="bnc" id="1087481">Domain join fails with "net ads join" command when STARTTLS is enabled for ldap</issue>
  <packager>npower</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for samba</summary>
  <description>This update for samba fixes the following issues:

Security issue fixed:

- CVE-2019-3880: Fixed a path/symlink traversal vulnerability, which allowed an unprivileged user to save registry files outside a share (bsc#1131060).

Non-security issues fixed:

- Fixed an issue where the first login failed and subsequent ones work (bsc#1126463).
- Fixed winbind running out of memory with high number of domain groups (bsc#1114459).
- Backport changes to support quotas with SMB2 (bsc#1106119).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places