-
Wed Jun 01 2016 Andreas Schneider <asn@redhat.com> - 4.2.10-6.2
- related: #1333794 - Fix issues caused by security tightening for Badlock
o ntlm_auth issues and segfault
o rpcclient doesn't respect "client ipc *" options
o fix anonymous authentication if signing is mandatory
-
Fri May 06 2016 Alexander Bokovoy <abokovoy@redhat.com> - 4.2.10-6.1
- Fix issues caused by security tightening for Badlock:
- Only validate MIC when "map to guest" is set
- NetApp SMB servers don't negotiate NTLMSSP_SIGN
- Anonymous connections don't work anymore
- wbinfo -u or 'net ads search' don't work anymore
- Handle empty session in client code
- resolves: #1333794
-
Tue Apr 12 2016 Alexander Bokovoy <abokovoy@redhat.com> - 4.2.10-6
- Fix domain member winbind not being able to talk to trusted domains' DCs
- relates: #1322690
-
Mon Apr 11 2016 Alexander Bokovoy <abokovoy@redhat.com> - 4.2.10-5
- Fix crash in smb.conf processing
- relates: #1322690
-
Fri Apr 08 2016 Alexander Bokovoy <abokovoy@redhat.com> - 4.2.10-4
- Fix LDAP SASL bind with arcfour-hmac-md5
- resolves: #1322690
-
Thu Apr 07 2016 Alexander Bokovoy <abokovoy@redhat.com> - 4.2.10-3
- Make sure the package owns /var/lib/samba and uses it for cache purposes
- resolves: #1322690
-
Wed Apr 06 2016 Alexander Bokovoy <abokovoy@redhat.com> - 4.2.10-2
- Remove ldb modules and internal libraries for DC when not packaging DC build
- resolves: #1322690
-
Mon Apr 04 2016 Alexander Bokovoy <abokovoy@redhat.com> - 4.2.10-1
- resolves: #1322690
-
Fri Mar 04 2016 Andreas Schneider <asn@redhat.com> - 4.2.3-12
- resolves: #1314672 - Fix CVE-2015-7560
-
Fri Dec 11 2015 Guenther Deschner <gdeschner@redhat.com> - 4.2.3-11
- resolves: #1290710
- CVE-2015-3223 Remote DoS in Samba (AD) LDAP server
- CVE-2015-5299 Missing access control check in shadow copy code
- CVE-2015-5252 Insufficient symlink verification in smbd
- CVE-2015-5296 Samba client requesting encryption vulnerable to
downgrade attack