Errata overview
Errata ID 35
Date 2015-12-16
Source package samba
Fixed in version 2:4.3.3-1.812.201512111459
This updates Samba to version 4.3.3 and addresses the following issues:
* Samba 4.3.3 fixes a couple of security issues, see CVE list
* In certain situations samba restart left samba in a non-functional state.
* When closing sessions the smbd server processes exited with a memory
  corruption error.
* Samba could expose Windows DCs to MS15-096 Denial of service via the
  creation of multiple machine accounts. Pure Samba domains as in UCS
  are not affected directly (CVE-2015-2535)
* Malicious request can cause Samba LDAP server to hang consuming CPU time
* Insufficient symlink verification (file access outside of share)
* Samba client requesting encryption vulnerable to downgrade attack
* Missing access control check in the VFS shadow_copy2 module could allow
  unauthorized users to access snapshots (CVE-2015-5299)
* Remote read of uninitialized memory from Samba LDAP server (CVE-2015-5330)
Additional notes
CVE ID CVE-2015-2535
UCS Bug number #40132