Errata overview
Errata ID 360
Date 2016-12-19
Source package samba
Fixed in version 2:4.5.1-1.849.201612152121
This update fixes the following issues:
* Overflow in Samba NDR parsing function ndr_pull_dnsp_name causes
  vulnerability to remote code execution (CVE-2016-2123).
* Unconditional privilege delegation to Kerberos servers in trusted realms
* Flaws in Kerberos PAC validation can trigger privilege elevation
* Samba has been updated to version 4.5.3. The Debian package version
  doesn't reflect this and stays at 2:4.5.1-1.849.
* Rejoining a DC Backup or DN Slave failed in UCS 4.1-4 because samba-tool
  domain join didn't support the option --keep existing any longer.
Additional notes
CVE ID CVE-2016-2123
UCS Bug number #43132