Update Info


Security update for samba

Type: security
Severity: moderate
Issued: 2018-12-10
This update for samba fixes the following issues:

Update to samba version 4.7.11.

Security issues fixed:

- CVE-2018-14629: Fixed CNAME loops in Samba AD DC DNS server (bsc#1116319).
- CVE-2018-16841: Fixed segfault on PKINIT when mis-matching principal (bsc#1116320).
- CVE-2018-16851: Fixed NULL pointer de-reference in Samba AD DC LDAP server (bsc#1116322).
- CVE-2018-16853: Mark MIT support for the AD DC experimental (bsc#1116324).

Non-security issues fixed:

- Fixed do not take over stderr when there is no log file (bsc#1101499).
- Fixed ctdb_mutex_ceph_rados_helper deadlock; (bsc#1102230).
- Fixed ntlm authentications with "winbind use default domain = yes"; (bsc#1068059).
- Fixed idmap_rid to have primary group other than "Domain Users"; (bsc#1087931).
- Fixed windows domain with one way trust that was not working (bsc#1087303).



  • samba-4.7.11+git.140.6bd0e5b30d8-4.21.1