File _patchinfo of Package patchinfo.14814

<patchinfo incident="14814">
  <issue tracker="cve" id="2020-14383"/>
  <issue tracker="cve" id="2020-14323"/>
  <issue tracker="cve" id="2020-14318"/>
  <issue tracker="bnc" id="1177613">VUL-0: EMBARGOED: CVE-2020-14383: samba: Remote crash after adding MX records</issue>
  <issue tracker="bnc" id="1173902">VUL-1: EMBARGOED: CVE-2020-14318: samba: ChangeNotify does not check handle permissions</issue>
  <issue tracker="bnc" id="1173994">VUL-0: EMBARGOED: CVE-2020-14323: samba: Denial of service in winbindd.</issue>
  <packager>scabrero</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for samba</summary>
  <description>This update for samba fixes the following issues:

Update to samba 4.11.14

- CVE-2020-14383: An authenticated user can crash the DCE/RPC DNS with easily crafted records (bsc#1177613).
- CVE-2020-14323: Unprivileged user can crash winbind (bsc#1173994).
- CVE-2020-14318: Missing permissions check in SMB1/2/3 ChangeNotify (bsc#1173902).
- lib/util: Do not install /usr/bin/test_util
- smbd: don't log success as error
- idmap_ad does not deal properly with a RFC4511 section 4.4.1 response;
- winbind: Fix a memleak
- idmap_ad: Pass tldap debug messages on to DEBUG()
- lib/replace: Move lib/replace/closefrom.c from ROKEN_HOSTCC_SOURCE to REPLACE_HOSTCC_SOURCE
- ctdb disable/enable can fail due to race condition

This update was imported from the SUSE:SLE-15-SP2:Update update project.</description>
</patchinfo>