| Description: | Summary:
The remote host is missing an update for the 'Samba' package(s) announced via the SUSE-SU-2015:0386-1 advisory.
Vulnerability Insight:
Samba has been updated to fix one security issue:
* CVE-2015-0240: Don't call talloc_free on an uninitialized pointer
(bnc#917376).
Additionally, these non-security issues have been fixed:
* Realign the winbind request structure following
require_membership_of field expansion (bnc#913001).
* Reuse connections derived from DFS referrals (bso#10123,
fate#316512).
* Set domain/workgroup based on authentication callback value
(bso#11059).
* Fix spoolss error response marshalling (bso#10984).
* Fix spoolss EnumJobs and GetJob responses (bso#10905, bnc#898031).
* Fix handling of bad EnumJobs levels (bso#10898).
* Fix small memory-leak in the background print process (bnc#899558).
* Prune idle or hung connections older than 'winbind request timeout'
(bso#3204, bnc#872912).
* Build: disable mmap on s390 systems (bnc#886193, bnc#882356).
* Only update the printer share inventory when needed (bnc#883870).
* Avoid double-free in get_print_db_byname (bso#10699).
Security Issues:
* CVE-2015-0240
Affected Software/OS:
'Samba' package(s) on SUSE Linux Enterprise Server 11 SP2.
Solution:
Please install the updated package(s).
CVSS Score:
10.0
CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C
|
