openSUSE-SU-2018:1727-1

Описание

Samba was updated to 4.6.14, fixing bugs and security issues:

Version update to 4.6.14 (bsc#1093664):

• vfs_ceph: add fake async pwrite/pread send/recv hooks; (bso#13425).
• Fix memory leak in vfs_ceph; (bso#13424).
• winbind: avoid using fstrcpy(dcname,...) in _dual_init_connection; (bso#13294).
• s3:smb2_server: correctly maintain request counters for compound requests; (bso#13215).
• s3: smbd: Unix extensions attempts to change wrong field in fchown call; (bso#13375).
• s3:smbd: map nterror on smb2_flush errorpath; (bso#13338).
• vfs_glusterfs: Fix the wrong pointer being sent in glfs_fsync_async; (bso#13297).
• s3: smbd: Fix possible directory fd leak if the underlying OS doesn't support fdopendir(); (bso#13270).
• s3: ldap: Ensure the ADS_STRUCT pointer doesn't get freed on error, we don't own it here; (bso#13244).
• s3:libsmb: allow -U'\administrator' to work; (bso#13206).
• CVE-2018-1057: s4:dsdb: fix unprivileged password changes; (bso#13272); (bsc#1081024).
• s3:smbd: Do not crash if we fail to init the session table; (bso#13315).
• libsmb: Use smb2 tcon if conn_protocol >= SMB2_02; (bso#13310).
• smbXcli: Add 'force_channel_sequence'; (bso#13215).
• smbd: Fix channel sequence number checks for long-running requests; (bso#13215).
• s3:smb2_server: allow logoff, close, unlock, cancel and echo on expired sessions; (bso#13197).
• s3:smbd: return the correct error for cancelled SMB2 notifies on expired sessions; (bso#13197).
• samba: Only use async signal-safe functions in signal handler; (bso#13240).
• subnet: Avoid a segfault when renaming subnet objects; (bso#13031).

• Fix vfs_ceph with 'aio read size' or 'aio write size' > 0; (bsc#1093664).
  • vfs_ceph: add fake async pwrite/pread send/recv hooks; (bso#13425).
  • Fix memory leak in vfs_ceph; (bso#13424).

This update was imported from the SUSE:SLE-12-SP3:Update update project.