Overview

File _patchinfo of Package patchinfo.213

<patchinfo incident="samba">
  <packager>lijews</packager>
  <issue tracker="bso" id="10064"></issue>
  <issue tracker="bso" id="10073"></issue>
  <issue tracker="bso" id="9678"></issue>
  <issue tracker="bso" id="9994"></issue>
  <issue tracker="bso" id="10076"></issue>
  <issue tracker="bso" id="10097"></issue>
  <issue tracker="bso" id="10106"></issue>
  <issue tracker="bso" id="10114"></issue>
  <issue tracker="bso" id="5917"></issue>
  <issue tracker="bso" id="9615"></issue>
  <issue tracker="bso" id="9899"></issue>
  <issue tracker="bso" id="10139"></issue>
  <issue tracker="bso" id="10127"></issue>
  <issue tracker="bso" id="8955"></issue>
  <issue tracker="bso" id="10167"></issue>
  <issue tracker="bso" id="10187"></issue>
  <issue tracker="bso" id="10194"></issue>
  <issue tracker="cve" id="CVE-2013-4475"></issue>
  <issue tracker="bnc" id="848101">VUL-0: CVE-2013-4475: samba: No access check verification on stream files.</issue>
  <issue tracker="bso" id="10229"></issue>
  <issue tracker="bnc" id="838472">Client trying to delete print job fails: Samba returns: WERR_INVALID_PRINTER_NAME</issue>
  <issue tracker="bnc" id="849226">upstream fixes tracker bug for Oct/Nov 2013 update</issue>
  <issue tracker="bso" id="9993"></issue>
  <category>security</category>
  <rating>moderate</rating>
  <summary>update for samba</summary>
  <description>the following security issues were fixed in samba:
- ACLs are not checked on opening an alternate data stream on a file or
  directory; CVE-2013-4475; (bso#10229); (bnc#848101).

- Fix memleak in reload_printers_full(); (bso#9993).

- Valid utf8 filenames cause "invalid conversion error" messages; (bso#10139).
- s3: smb2 breaks "smb encryption = mandatory"; (bso#10167).
- Missing talloc_free can leak stackframe in error path; (bso#10187).
- Offline logon cache not updating for cross child domain group membership;
  (bso#10194).
- The preceding bugs are tracked by (bnc#849226) too.

- Make Samba work on site with Read Only Domain Controller; (bso#5917).
- Give machine password changes 10 minutes of time; (bso#8955).
- NetrServerPasswordSet2 timeout is too short; (bso#8955).
- Fix fallback to ncacn_np in cm_connect_lsat(); (bso#9615); (bso#9899).
- s3-winbind: Do not delete an existing valid credential cache; (bso#9994).
- 'net ads join': Fix segmentation fault in
  create_local_private_krb5_conf_for_domain; (bso#10073).
- Fix variable list in man vfs_crossrename; (bso#10076).
- MacOSX 10.9 will not follow path-based DFS referrals handed out by Samba;
  (bso#10097).
- Honour output buffer length set by the client for SMB2 GetInfo requests;
  (bso#10106).
- Handle Dropbox (write-only-directory) case correctly in pathname lookup;
  (bso#10114).
- Fix 'smbstatus' as non-root user; (bso#10127).
- The preceding bugs are tracked by (bnc#849226) too.

- Windows 8 Roaming profiles fail; (bso#9678).
- Linux kernel oplock breaks can miss signals; (bso#10064).
- The preceding bugs are tracked by (bnc#849226) too.

- Verify source tar ball gpg signature.

- Store and return the correct spoolss jobid in notifications; (bnc#838472).


- Reload snums before processing the printer list. (bnc#817880).</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places