This update for ldb, samba fixes the following issues: - CVE-2022-32746: Fixed a use-after-free occurring in database audit logging . - CVE-2022-32745: Fixed a remote server crash with an LDAP add or modify request . - CVE-2022-2031: Fixed AD restrictions bypass associated with changing passwords . - CVE-2022-32742: Fixed a memory leak in SMB1 . - CVE-2022-32744: Fixed an arbitrary password change request for any AD user . The following non-security bug were fixed: ldb was updated to version 2.4.3: + Fix build problems, waf produces incorrect names for python extensions; ; samba was updated to 4.15.8: * Use pathref fd instead of io fd in vfs_default_durable_cookie; ; * Setting fruit:resource = stream in vfs_fruit causes a panic; ; * Add support for bind 9.18; ; * logging dsdb audit to specific files does not work; ; * vfs_gpfs with vfs_shadowcopy2 fail to restore file if original file had been deleted; ; * netgroups support removed; ; ; * net ads info shows LDAP Server: 0.0.0.0 depending on contacted server; ; ; * waf produces incorrect names for python extensions with Python 3.11; ; * smbclient commands del deltree fail with NT_STATUS_OBJECT_PATH_NOT_FOUND with DFS; ; ; * vfs_gpfs recalls=no option prevents listing files; ; * waf produces incorrect names for python extensions with Python 3.11; ; * Compile error in source3/utils/regedit_hexedit.c; ; * ldconfig: /lib64/libsmbconf.so.0 is not a symbolic link; ; * smbd doesn"t handle UPNs for looking up names; ; * Out-by-4 error in smbd read reply max_send clamp; - Move pdb backends from package samba-libs to package samba-client-libs and remove samba-libs requirement from samba-winbind; ; ; - Use the canonical realm name to refresh the Kerberos tickets; ; ; - Fix smbclient commands del deltree failing with NT_STATUS_OBJECT_PATH_NOT_FOUND with DFS; ; .