- Update to 4.3.3.

+ Malicious request can cause Samba LDAP server to hang, spinning using CPU;
    CVE-2015-3223; (bso#11325); (bnc#958581).
  + Remote read memory exploit in LDB; CVE-2015-5330; (bso#11599);
    (bnc#958586).
  + Insufficient symlink verification (file access outside the share);
    CVE-2015-5252; (bso#11395); (bnc#958582).
  + No man in the middle protection when forcing smb encryption on the client
    side; CVE-2015-5296; (bso#11536); (bnc#958584).
  + Currently the snapshot browsing is not secure thru windows previous version
    (shadow_copy2); CVE-2015-5299; (bso#11529); (bnc#958583).
  + Fix Microsoft MS15-096 to prevent machine accounts from being changed into
    user accounts; CVE-2015-8467; (bso#11552); (bnc#958585).

OBS-URL: https://build.opensuse.org/package/show/network:samba:STABLE/samba?expand=0&rev=514

patches.tar.bz2

@@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:478260fef1d481e5855738953e1be347a4e40707f3558df2296403435fa3871d
-size 29327
+oid sha256:bb5481a387e33c5d227939bfa8d307f081772bc1213e9af4ac884eef2b651325
+size 29379

samba.changes

@@ -1,3 +1,20 @@
+-------------------------------------------------------------------
+Fri Dec 11 16:49:16 UTC 2015 - lmuelle@suse.com
+
+- Update to 4.3.3.
+  + Malicious request can cause Samba LDAP server to hang, spinning using CPU;
+    CVE-2015-3223; (bso#11325); (bnc#958581).
+  + Remote read memory exploit in LDB; CVE-2015-5330; (bso#11599);
+    (bnc#958586).
+  + Insufficient symlink verification (file access outside the share);
+    CVE-2015-5252; (bso#11395); (bnc#958582).
+  + No man in the middle protection when forcing smb encryption on the client
+    side; CVE-2015-5296; (bso#11536); (bnc#958584).
+  + Currently the snapshot browsing is not secure thru windows previous version
+    (shadow_copy2); CVE-2015-5299; (bso#11529); (bnc#958583).
+  + Fix Microsoft MS15-096 to prevent machine accounts from being changed into
+    user accounts; CVE-2015-8467; (bso#11552); (bnc#958585).
+
 -------------------------------------------------------------------
 Tue Dec  1 16:48:13 UTC 2015 - lmuelle@suse.com
 

samba.spec

@@ -122,7 +122,7 @@ BuildRequires:  libavahi-devel
 BuildRequires:  systemd
 BuildRequires:  systemd-devel
 %endif
-%define	samba_ver 4.3.2
+%define	samba_ver 4.3.3
 %define	samba_ver_suffix %nil
 %if "%{samba_ver_suffix}" == ""
 %define samba_source_location http://ftp.samba.org/pub/samba/stable/samba-%{version}.tar.gz
@@ -144,11 +144,11 @@ BuildRequires:  systemd-devel
 %else
 %define	build_make_smp_mflags %{?jobs:-j%jobs}
 %endif
-%define SOURCE_TIMESTAMP 3535
+%define SOURCE_TIMESTAMP 3551
 %define BRANCH %{version}
 %global with_mitkrb5 1
 %global with_dc 0
-Version:        4.3.2
+Version:        4.3.3
 Release:        0
 Url:            http://www.samba.org/
 Provides:       samba-gplv3 = %{version}

vendor-files.tar.bz2

@@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:d0d7c9b656193c2a8d439b6f7cc9fccb9031ea457ed835c1594bbe6546d519f1
-size 53061
+oid sha256:82eb94dc104074b3e08554dbaf0a4a7b7f83cfdb6d510d0f198f2f95be2a99ff
+size 52928