Samba was updated to fix three security issues.
These security issues were fixed:
* CVE-2016-2110: A man-in-the-middle could have downgraded NTLMSSP
authentication (bso#11688, bsc#973031).
* CVE-2016-2111: Domain controller netlogon member computer could have
been spoofed (bso#11749, bsc#973032).
* CVE-2015-5252: Insufficient symlink verification (allowed file access
outside the share) (bso#11395, bnc#958582).
This non-security issue was fixed:
* Allow "delete readonly = yes" to correctly override deletion of a
file (bsc#913087, bso#5073)
Security Issues:
* CVE-2016-2110
<<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2110">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2110</a>>
* CVE-2016-2111
<<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2111">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2111</a>>
* CVE-2015-5252
<<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5252">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5252</a>>
Contraindications: