File _patchinfo of Package patchinfo.6041

<patchinfo incident="6041">
  <issue id="1027593" tracker="bnc">samba: new default "winbind expand groups = 0" results in AD users can not change group</issue>
  <issue id="1060427" tracker="bnc">VUL-0: EMBARGOED: CVE-2017-14746: samba: remote code execution</issue>
  <issue id="1063008" tracker="bnc">VUL-0: EMBARGOED: CVE-2017-15275: samba: message_push_string() can leak uninitialized heap data to a client via SMB1.</issue>
  <issue id="2017-15275" tracker="cve" />
  <issue id="2017-14746" tracker="cve" />
  <category>security</category>
  <rating>important</rating>
  <packager>scabrero</packager>
  <description>

This update for samba fixes the following issues:

Security issues fixed:

- CVE-2017-14746: Fixed a use-after-free vulnerability that could be used to crash smbd or potentially execute code (bsc#1060427).
- CVE-2017-15275: Fixed a server heap memory information leak (bsc#1063008).

Non-security issues fixed:

- Update 'winbind expand groups' doc in smb.conf man page;
  (bsc#1027593).
</description>
  <summary>Security update for samba</summary>
</patchinfo>
Places

File _patchinfo of Package patchinfo.6041

Places
