Errata overview
Errata ID 148
Date 2014-07-14
Source package samba
Fixed in version 4.1.0-1.652.201407091607
* These four security vulnerabilities have been fixed:
  * Denial of service (infinite CPU loop) in nmbd
  * Denial of service (daemon crash) in the smbd file server daemon
  * Information leak in shadow_copy VFS module (not used in the default
  * Incorrect parsing of the require_membership_of option in Winbind
* Additionally this update fixes an issue which caused a problem for the
  Windows DPAPI. To users it appeared as if stored credentials for Windows
  applications would not be remembered any longer by the applications
  after they changed the logon password for their account. Domains
  affected by this need to manually remove the object
  "CN=BCKUPKEY_PREFERRED Secret" from the Samba directory service after
  the update to make Samba internally generate a new ticket for the 
  Backupkey protocol.
Additional notes
CVE ID CVE-2014-0244
UCS Bug number #35192