SUSE-SU-2016:0164-1 -- SLES ldapsmb, libldb1, libsmbclient0, libtalloc2, libtdb1, libtevent0, libwbclient0, sambaID: oval:org.secpod.oval:def:89045327 | Date: (C)2021-08-03 (M)2022-09-22 |
Class: PATCH | Family: unix |
This update for Samba fixes the following security issues: - CVE-2015-5330: Remote read memory exploit in LDB - CVE-2015-5252: Insufficient symlink verification - CVE-2015-5296: No man in the middle protection when forcing smb encryption on the client side - CVE-2015-5299: Currently the snapshot browsing is not secure thru windows previous version Non-security issues fixed: - Prevent null pointer access in samlogon fallback when security credentials are null - Ensure samlogon fall-back requests are rerouted after kerberos failure - Ensure Your account is disabled message is displayed when attempting to ssh into locked account - Address unrecoverable winbind failure: key length too large - Take resource group sids into account when caching netsamlogon data - Fix lookup of groups with Local Domain scope from Active Directory - dependency issue with samba-winbind
Platform: |
SUSE Linux Enterprise Server 11 SP4 |
Product: |
ldapsmb |
libldb1 |
libsmbclient0 |
libtalloc2 |
libtdb1 |
libtevent0 |
libwbclient0 |
samba |