Accepting request 939491 from home:scabrero:branches:network:samba:STABLE

- Update to 4.15.3
  * Recursive directory delete with veto files is broken in 4.15.0;
    (bso#14878);
  * A directory containing dangling symlinks cannot be deleted by
    SMB2 alone when they are the only entry in the directory;
    (bso#14879);
  * SIGSEGV in rmdir_internals/synthetic_pathref - dirfsp is used
    uninitialized in rmdir_internals(); (bso#14892);
  * MaxQueryDuration not honoured in Samba AD DC LDAP; (bso#14694);
  * The CVE-2020-25717 username map [script] advice has undesired
    side effects for the local nt token; (bso#14901); (bsc#1192849);
  * User with multiple spaces (eg Fred<space><space>Nurk) become
    un-deletable; (bso#14902);
  * Avoid storing NTTIME_THAW (-2) as value on disk; (bso#14127);
  * smbXsrv_client_global record validation leads to crash if existing
    record points at non-existing process; (bso#14882);
  * Crash in vfs_fruit asking for fsp_get_io_fd() for an XATTR call;
    (bso#14890);
  * Samba process doesn't log to logfile; (bso#14897);
  * set_ea_dos_attribute() fallback calling get_file_handle_for_metadata()
    triggers locking.tdb assert; (bso#14907);
  * Kerberos authentication on standalone server in MIT realm broken;
    (bso#14922);
  * Segmentation fault when joining the domain; (bso#14923);
  * Support for ROLE_IPA_DC is incomplete; (bso#14903);
  * rpcclient cannot connect to ncacn_ip_tcp services anymore;
    (bso#14767);
  * winexe crashes since 4.15.0 after popt parsing; (bso#14893);
  * net ads status -P broken in a clustered environment; (bso#14908);
  * Memory leak if ioctl(FSCTL_VALIDATE_NEGOTIATE_INFO) fails before

OBS-URL: https://build.opensuse.org/request/show/939491
OBS-URL: https://build.opensuse.org/package/show/network:samba:STABLE/samba?expand=0&rev=654

samba-4.15.2+git.198.31589c962bd.tar.bz2

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:a0c51f46b902ca5d80f2dace17d5a359067bac1d570d331487814b0e87c66353
-size 25422254

samba-4.15.3+git.202.8c873cabef9.tar.bz2

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:5ce4fe667851395f29964e3b8719e90d93e7ca753427be1313a40303eb551d10
+size 25459614

samba.changes

@@ -1,3 +1,49 @@
+-------------------------------------------------------------------
+Fri Dec 10 17:13:28 UTC 2021 - Samuel Cabrero <scabrero@suse.de>
+
+- Update to 4.15.3
+  * Recursive directory delete with veto files is broken in 4.15.0;
+    (bso#14878);
+  * A directory containing dangling symlinks cannot be deleted by
+    SMB2 alone when they are the only entry in the directory;
+    (bso#14879);
+  * SIGSEGV in rmdir_internals/synthetic_pathref - dirfsp is used
+    uninitialized in rmdir_internals(); (bso#14892);
+  * MaxQueryDuration not honoured in Samba AD DC LDAP; (bso#14694);
+  * The CVE-2020-25717 username map [script] advice has undesired
+    side effects for the local nt token; (bso#14901); (bsc#1192849);
+  * User with multiple spaces (eg Fred<space><space>Nurk) become
+    un-deletable; (bso#14902);
+  * Avoid storing NTTIME_THAW (-2) as value on disk; (bso#14127);
+  * smbXsrv_client_global record validation leads to crash if existing
+    record points at non-existing process; (bso#14882);
+  * Crash in vfs_fruit asking for fsp_get_io_fd() for an XATTR call;
+    (bso#14890);
+  * Samba process doesn't log to logfile; (bso#14897);
+  * set_ea_dos_attribute() fallback calling get_file_handle_for_metadata()
+    triggers locking.tdb assert; (bso#14907);
+  * Kerberos authentication on standalone server in MIT realm broken;
+    (bso#14922);
+  * Segmentation fault when joining the domain; (bso#14923);
+  * Support for ROLE_IPA_DC is incomplete; (bso#14903);
+  * rpcclient cannot connect to ncacn_ip_tcp services anymore;
+    (bso#14767);
+  * winexe crashes since 4.15.0 after popt parsing; (bso#14893);
+  * net ads status -P broken in a clustered environment; (bso#14908);
+  * Memory leak if ioctl(FSCTL_VALIDATE_NEGOTIATE_INFO) fails before
+    smbd_smb2_ioctl_send; (bso#14788);
+  * winbindd doesn't start when "allow trusted domains" is off;
+    (bso#14899);
+  * smbclient login without password using '-N' fails with
+    NT_STATUS_INVALID_PARAMETER on Samba AD DC; (bso#14883);
+  * A schannel client incorrectly detects a downgrade connecting to
+    an AES only server; (bso#14912);
+  * Possible null pointer dereference in winbind; (bso#14921);
+  * Fix -k legacy option for client tools like smbclient, rpcclient,
+    net, etc.; (bso#14846);
+  * Add Debian 11 CI bootstrap support; (bso#14872);
+  * Crash in recycle_unlink_internal(); (bso#14888);
+
 -------------------------------------------------------------------
 Thu Nov 18 17:18:40 UTC 2021 - Samuel Cabrero <scabrero@suse.de>
 

samba.spec

@@ -184,7 +184,7 @@ BuildRequires:  liburing-devel
 %else
 %define	build_make_smp_mflags %{?jobs:-j%jobs}
 %endif
-Version:        4.15.2+git.198.31589c962bd
+Version:        4.15.3+git.202.8c873cabef9
 Release:        0
 URL:            https://www.samba.org/
 Obsoletes:      samba-32bit < %{version}
@@ -318,6 +318,7 @@ Summary:        Samba libraries
 License:        GPL-3.0-or-later
 Group:          Development/Libraries/C and C++
 Requires:       krb5
+Requires:       libldb2 >= %{ldb_version}
 Recommends:     samba-libs-python3 = %{version}
 
 %description libs