Overview

File _patchinfo of Package patchinfo.8932

<patchinfo incident="8932">
  <issue tracker="bnc" id="1102230">deadlock with ctdb_mutex_ceph_rados_helper</issue>
  <issue tracker="bnc" id="1087931">winbind -&gt; idmap_rid: default group always set to "Domain Users" not evaluating PrimaryGroupID ldap attribute</issue>
  <issue tracker="bnc" id="1110943">Update samba to 4.6.16</issue>
  <issue tracker="bnc" id="1068059">winbindd: do not modify credentials in NTLM passthrough (13126)</issue>
  <issue tracker="bnc" id="1095057">VUL-0: CVE-2018-10919: samba: Confidential attribute disclosure via substring search</issue>
  <issue tracker="cve" id="2018-10919"/>
  <category>security</category>
  <rating>moderate</rating>
  <packager>scabrero</packager>
  <description>

Samba was updated to 4.6.15, bringing bug and security fixes. (bsc#1110943)

Following security issues were fixed:

- CVE-2018-10919: Fix unauthorized attribute access via searches. (bsc#1095057);

Non-security bugs fixed:

- Fix ctdb_mutex_ceph_rados_helper deadlock (bsc#1102230).
- Allow idmap_rid to have primary group other than "Domain Users" (bsc#1087931).
- winbind: avoid using fstrcpy in _dual_init_connection.
- Fix ntlm authentications with "winbind use default domain = yes" (bsc#1068059).

This update was imported from the SUSE:SLE-12-SP3:Update update project.</description>
  <summary>Security update for samba</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places