SUSE-SU-2016:3298-1 -- SLES samba, ldapsmb, libldb1, libsmbclient0, libtalloc2, libtdb1, libtevent0, libwbclient0| ID: oval:org.secpod.oval:def:89045368 | Date: (C)2021-08-03 (M)2022-09-02 |
| Class: PATCH | Family: unix |
This update for samba provides the following fixes: Security issues fixed: - CVE-2016-2125: Don"t send delegated credentials to all servers. - CVE-2016-2126: Prevent denial of service due to a client triggered crash in the winbindd parent process. Non security issues fixed: - Allow SESSION KEY setup without signing. - Fix crash bug in tevent_queue_immediate_trigger. - Don"t fail when using default domain with user at domain.com format. - Prevent core, make sure response-extra_data.data is always cleared out
| Platform: |
| SUSE Linux Enterprise Server 11 SP4 |
| Product: |
| samba |
| ldapsmb |
| libldb1 |
| libsmbclient0 |
| libtalloc2 |
| libtdb1 |
| libtevent0 |
| libwbclient0 |
