Overview

File _patchinfo of Package patchinfo.10100

<patchinfo incident="10100">
  <issue tracker="cve" id="2019-3880"/>
  <issue tracker="bnc" id="1131060">VUL-0: EMBARGOED: CVE-2019-3880: samba: Save registry file outside share as unprivileged user in Samba 4.x</issue>
  <issue tracker="bnc" id="1124223">SES Samba Gateway setups should completely disable printer sharing</issue>
  <issue tracker="bnc" id="1127153">Samba vfs_ceph strict_allocate_ftruncate calls (local FS) ftruncate and fallocate</issue>
  <issue tracker="bnc" id="1099590">Accessing a SMB share on &gt; 4.6.7 results in an INTERNAL ERROR SIGNAL 11</issue>
  <issue tracker="bnc" id="1123755">samba winbind functionality breaks after update to 4.6.16+git.124</issue>
  <rating>moderate</rating>
  <packager>dmdiss</packager>
  <category>security</category>
  <summary>Security update for samba</summary>
  <description>This update for samba fixes the following issues:

Security issue fixed:

- CVE-2019-3880: Fixed a path/symlink traversal vulnerability, which allowed an unprivileged user to save registry files outside a share (bsc#1131060).

Non-security issues fixed:

- Fix vfs_ceph ftruncate and fallocate handling (bsc#1127153).
- Abide by load_printers smb.conf parameter (bsc#1124223).
- s3:winbindd: let normalize_name_map() call find_domain_from_name_noinit() (bsc#1123755).
- s3:passdb: Do not return OK if we don't have pinfo set up (bsc#1099590).
- s3:winbind: Fix regression (bsc#1123755).

This update was imported from the SUSE:SLE-12-SP3:Update update project.</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places