File _patchinfo of Package patchinfo.16550

<patchinfo incident="16550">
  <issue tracker="cve" id="2020-1472"/>
  <issue tracker="bnc" id="1176579">EMU: VUL-0: CVE-2020-1472: samba: ZeroLogon: An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC), aka 'Netlogon El</issue>
  <packager>scabrero</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for samba</summary>
  <description>This update for samba fixes the following issues:

- ZeroLogon: An elevation of privilege was possible with some non default configurations when an attacker established
 a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC) 
 (CVE-2020-1472, bsc#1176579).

- Update to samba 4.11.13
  + s3: libsmb: Fix SMB2 client rename bug to a Windows server; (bso#14403);
  + dsdb: Allow "password hash userPassword schemes = CryptSHA256" to work
    on RHEL7; (bso#14424);
  + dbcheck: Allow a dangling forward link outside our known NCs; (bso#14450);
  + lib/debug: Set the correct default backend loglevel to MAX_DEBUG_LEVEL;
    (bso#14426);
  + s3:smbd: PANIC: assert failed in get_lease_type(); (bso#14428);
  + lib/util: do not install "test_util_paths"; (bso#14370);
  + lib:util: Fix smbclient -l basename dir; (bso#14345);
  + s3:smbd: PANIC: assert failed in get_lease_type(); (bso#14428);
  + util: Allow symlinks in directory_create_or_exist; (bso#14166);
  + docs: Fix documentation for require_membership_of of pam_winbind;
    (bso#14358);
  + s3:winbind:idmap_ad: Make failure to get attrnames for schema mode fatal;
    (bso#14425);
</description>
</patchinfo>