SUSE-SU-2016:3272-1 -- SLES libdcerpc-atsvc0ID: oval:org.secpod.oval:def:89045155 | Date: (C)2021-08-03 (M)2024-02-15 |
Class: PATCH | Family: unix |
This update for samba fixes the following issues: Security issues fixed: - CVE-2016-2125: Don"t send delegated credentials to all servers. - CVE-2016-2126: Denial of service due to a client triggered crash in the winbindd parent process. - CVE-2016-2123: Heap-based Buffer Overflow Remote Code Execution Vulnerability. The component affected is not built in our packages. Non security issues fixed: - s3/client: obey "disable netbios" smb.conf param, don"t connect via NBT port; - Add doc changes for net ads --no-dns-updates switch; - Include vfstest in samba-test; . - s3/winbindd: using default domain with user at domain.com format fails . - Fix illegal memory access after memory has been deleted . - Fix bug in tevent poll backend causing winbind to loop tightly . - Various fixes for spnego/ntlm .
Platform: |
SUSE Linux Enterprise Server 12 SP2 |