File _patchinfo of Package patchinfo.25011

Overview Repositories Revisions Requests Users Attributes Meta

File _patchinfo of Package patchinfo.25011

<patchinfo incident="25011">
  <issue tracker="bnc" id="1199247">Samba 4.15 regrestion - netgroups dropped</issue>
  <issue tracker="bnc" id="1200964">autoyast auth-client for AD does not install required packages</issue>
  <issue tracker="bnc" id="1198255">winbind is not starting: Failed to initialize passdb backend! after updating to recent samba-winbind packages</issue>
  <issue tracker="bnc" id="1200556">smbclient - NT_STATUS_OBJECT_PATH_NOT_FOUND deleting remote file on DFS</issue>
  <issue tracker="bnc" id="1196224">User Kerberos Tickets are not refresh or get destroyed after Update to samba 4.15.4</issue>
  <issue tracker="bnc" id="1199734">Cannot join windows domain with YaST</issue>
  <issue tracker="bnc" id="1201492">VUL-0: EMBARGOED: CVE-2022-32745: samba, ldb: AD users can crash the server process with an LDAP add or modify request</issue>
  <issue tracker="bnc" id="1201493">VUL-0: EMBARGOED: CVE-2022-32744: samba, ldb: AD users can forge password change requests for any user</issue>
  <issue tracker="bnc" id="1201490">VUL-0: EMBARGOED: CVE-2022-32746: samba,ldb: Use-after-free occurring in database audit logging module</issue>
  <issue tracker="bnc" id="1201496">VUL-0: EMBARGOED: CVE-2022-32742: samba: Server memory information leak via SMB1</issue>
  <issue tracker="bnc" id="1201495">VUL-0: EMBARGOED: CVE-2022-2031: samba, ldb: AD users can bypass certain restrictions associated with changing passwords</issue>
  <issue tracker="cve" id="2022-2031"/>
  <issue tracker="cve" id="2022-32744"/>
  <issue tracker="cve" id="2022-32746"/>
  <issue tracker="cve" id="2022-32742"/>
  <issue tracker="cve" id="2022-32745"/>
  <packager>scabrero</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for ldb, samba</summary>
  <description>This update for ldb, samba fixes the following issues:

- CVE-2022-32746: Fixed a use-after-free occurring in database audit logging (bsc#1201490).
- CVE-2022-32745: Fixed a remote server crash with an LDAP add or modify request (bsc#1201492).
- CVE-2022-2031: Fixed AD restrictions bypass associated with changing passwords (bsc#1201495).
- CVE-2022-32742: Fixed a memory leak in SMB1 (bsc#1201496).
- CVE-2022-32744: Fixed an arbitrary password change request for any AD user (bsc#1201493).

The following security bugs were fixed:

samba was updated to 4.15.8:

* Use pathref fd instead of io fd in vfs_default_durable_cookie;
  (bso#15042);
* Setting fruit:resource = stream in vfs_fruit causes a panic;
  (bso#15099);
* Add support for bind 9.18; (bso#14986);
* logging dsdb audit to specific files does not work; (bso#15076);
* vfs_gpfs with vfs_shadowcopy2 fail to restore file if original
  file had been deleted; (bso#15069);
* netgroups support removed; (bso#15087); (bsc#1199247);
* net ads info shows LDAP Server: 0.0.0.0 depending on contacted
  server; (bso#14674); (bsc#1199734);
* waf produces incorrect names for python extensions with Python
  3.11; (bso#15071);
* smbclient commands del &amp; deltree fail with
  NT_STATUS_OBJECT_PATH_NOT_FOUND with DFS; (bso#15100);
  (bsc#1200556);
* vfs_gpfs recalls=no option prevents listing files; (bso#15055);
* waf produces incorrect names for python extensions with Python
  3.11; (bso#15071);
* Compile error in source3/utils/regedit_hexedit.c; (bso#15091);
* ldconfig: /lib64/libsmbconf.so.0 is not a symbolic link;
  (bso#15108);
* smbd doesn't handle UPNs for looking up names; (bso#15054);
* Out-by-4 error in smbd read reply max_send clamp; (bso#14443);

- Move pdb backends from package samba-libs to package
  samba-client-libs and remove samba-libs requirement from
  samba-winbind; (bsc#1200964); (bsc#1198255);
- Use the canonical realm name to refresh the Kerberos tickets;
  (bsc#1196224); (bso#14979);
- Fix  smbclient commands del &amp; deltree failing with
  NT_STATUS_OBJECT_PATH_NOT_FOUND with DFS; (bso#15100);
  (bsc#1200556).

ldb was updated to version 2.4.3

* Fix build problems, waf produces incorrect names for python extensions; (bso#15071);
</description>
</patchinfo>

Places

File _patchinfo of Package patchinfo.25011

Places