Description: | Summary: The remote host is missing an update for the 'Samba' package(s) announced via the SUSE-SU-2015:0386-1 advisory.
Vulnerability Insight: Samba has been updated to fix one security issue:
* CVE-2015-0240: Don't call talloc_free on an uninitialized pointer (bnc#917376).
Additionally, these non-security issues have been fixed:
* Realign the winbind request structure following require_membership_of field expansion (bnc#913001). * Reuse connections derived from DFS referrals (bso#10123, fate#316512). * Set domain/workgroup based on authentication callback value (bso#11059). * Fix spoolss error response marshalling (bso#10984). * Fix spoolss EnumJobs and GetJob responses (bso#10905, bnc#898031). * Fix handling of bad EnumJobs levels (bso#10898). * Fix small memory-leak in the background print process (bnc#899558). * Prune idle or hung connections older than 'winbind request timeout' (bso#3204, bnc#872912). * Build: disable mmap on s390 systems (bnc#886193, bnc#882356). * Only update the printer share inventory when needed (bnc#883870). * Avoid double-free in get_print_db_byname (bso#10699).
Security Issues:
* CVE-2015-0240
Affected Software/OS: 'Samba' package(s) on SUSE Linux Enterprise Server 11 SP2.
Solution: Please install the updated package(s).
CVSS Score: 10.0
CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
|