Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

libndr-standard0-4.11.3+git.102.3e2882ca77e-1.1 RPM for riscv64

From OpenSuSE Ports Tumbleweed for riscv64

Name: libndr-standard0 Distribution: openSUSE Tumbleweed
Version: 4.11.3+git.102.3e2882ca77e Vendor: openSUSE
Release: 1.1 Build date: Tue Dec 24 22:18:47 2019
Group: System/Libraries Build host: lamb22
Size: 2528840 Source RPM: samba-4.11.3+git.102.3e2882ca77e-1.1.src.rpm
Packager: http://bugs.opensuse.org
Url: https://www.samba.org/
Summary: NDR marshallers for the standard set of DCE/RPC interfaces
This subpackage contains NDR encoders/decoders for the set of standard
DCE/RPC interfaces found on Windows and Samba servers.

Provides

Requires

License

GPL-3.0-or-later

Changelog

* Tue Dec 10 2019 Noel Power <nopower@suse.com>
  - Update to samba 4.11.3
    + CVE-2019-14861: DNSServer RPC server crash, an authenticated user
      can crash the DCE/RPC DNS management server by creating records
      with matching the zone name; (bso#14138); (bsc#1158108).
    + CVE-2019-14870: DelegationNotAllowed not being enforced, the
      DelegationNotAllowed Kerberos feature restriction was not being
      applied when processing protocol transition requests (S4U2Self),
      in the AD DC KDC; (bso#14187); (bsc#1158109).
* Tue Oct 29 2019 Jim McDonough <jmcdonough@suse.com>
  - Update to samba 4.11.2
    + CVE-2019-10218: Client code can return filenames containing
      path separators; (bsc#1144902); (bso#14071).
    + CVE-2019-14833: Samba AD DC check password script does not
      receive the full password; (bso#12438).
    + CVE-2019-14847: User with "get changes" permission can crash
      AD DC LDAP server via dirsync; (bso#14040).
  - Fixes from 4.11.1
    + Overlinking libreplace against librt and pthread against every
      binary or library causes issues; (bso#14140);
    + kpasswd fails when built with MIT Kerberos; (bso#14155);
    + Fix spnego fallback from kerberos to ntlmssp in smbd server;
      (bso#14106);
    + Stale file handle error when using mkstemp on a share; (bso#14137);
    + non-AES schannel broken; (bso#14134);
    + Joining Active Directory should not use SAMR to set the password;
      (bso#13884);
    + smbclient can blunder into the SMB1 specific cli_RNetShareEnum()
      call on an SMB2 connection; (bso#14152);
    + Deleted records can be resurrected during recovery; (bso#14147);
    + getpwnam and getpwuid need to return data for ID_TYPE_BOTH group;
      (bso#14141);
    + winbind does not list forest trusts with additional trust
      attributes; (bso#14130);
    + fault report points to outdated documentation; (bso#14139);
    + pam_winbind with krb5_auth or wbinfo -K doesn't work for users of
      trusted domains/forests; (bso#14124);
    + classicupgrade results in uncaught exception - a bytes-like object
      is required, not 'str'; (bso#14136);
    + pod2man is not longer required, stop checking at build time;
      (bso#14131);
    + Exit code of ctdb nodestatus should not be influenced by deleted
      nodes; (bso#14129);
    + username/password authentication doesn't work with CUPS and
      smbspool; (bso#14128);
    + smbc_readdirplus() is incompatible with smbc_telldir() and
      smbc_lseekdir(); (bso#14094);
* Sat Oct 05 2019 James McDonough <jmcdonough@suse.com>
  - Update to samba 4.11.0
    + For details on all items see WHATSNEW.txt in samba-doc
      package
    + Python2 runtime support removed; python 3.4 or later required
    + Security improvements:
    - SMB1 disabled by default
    - lanman and plaintext authentication deprecated
    - winbind: PAM_AUTH and NTLM_AUTH events logged
    - GnuTLS 3.2 required; system FIPS mode setting honored
    + CephFS Snapshot integration, exposed as previous file
      versions
    + ctdb changes:
    - onnode -o option removed
    - ctdbd logs when using more than 90% of a CPU thread
    - CTDB_MONITOR_SWAP_USAGE variable removed
    + AD Domain controller improvements:
    - Upgrade AD databse format
    - BIND9_FLATFILE deprecated
    - default process model chagned to prefork
    - bind9 dns operation duration logging
    - Default schema updated to 2012_R2; function level is
      unchanged
    - many performance improvements
    + Configuration webserver support removed
* Tue Sep 03 2019 Samuel Cabrero <scabrero@suse.de>
  - Update to samba 4.10.8
    + CVE-2019-10197: user escape from share path definition;
      (bso#14035); (bsc#1141267);
* Fri Aug 30 2019 Noel Power <nopower@suse.com>
  - Fix build on newer systems by modifying samba.spec to use
    consistent non-relative paths for pammodules in configure line
    and specification of pam_winbind.so library to package.
* Tue Aug 27 2019 Noel Power <nopower@suse.com>
  - Update to samba 4.10.7
    + Unable to create or rename file/directory inside shares
      configured with vfs_glusterfs_fuse module; (bso#14010).
    + build: Allow build when '--disable-gnutls' is set; (bso#13844)
    + samba-tool: Add 'import samba.drs_utils' to fsmo.py;
      (bso#13973).
    + Fix 'Error 32 determining PSOs in system' message on old DB
      with FL upgrade; (bso#14008).
    + s4/libnet: Fix joining a Windows pre-2008R2 DC; (bso#14021)
    + join: Use a specific attribute order for the DsAddEntry
      nTDSDSA object; (bso#14046).
    + vfs_catia: Pass stat info to synthetic_smb_fname();
      (bso#14015).
    + lookup_name: Allow own domain lookup when flags == 0;
      (bso#14091).
    + s4 librpc rpc pyrpc: Ensure tevent_context deleted last;
      (bso#13932).
    + DEBUGC and DEBUGADDC doesn't print into a class specific log
      file; (bso#13915).
    + Request to keep deprecated option "server schannel",
      VMWare Quickprep requires "auto"; (bso#13949).
    + dbcheck: Fallback to the default tombstoneLifetime of 180 days;
      (bso#13967).
    + dnsProperty fails to decode values from older Windows versions;
      (bso#13969).
    + samba-tool: Use only one LDAP modify for dns partition fsmo
      role transfer; (bso#13973).
    + third_party: Update waf to version 2.0.17; (bso#13960).
    + netcmd: Allow 'drs replicate --local' to create partitions;
      (bso#14051).
    + ctdb-config: Depend on /etc/ctdb/nodes file; (bso#14017).
* Wed Aug 07 2019 npower <nopower@suse.com>
  - Prepare for use future use of kernel keyrings, modify
    /etc/pam.d/samba to include  pam_keyinit.so; (bsc#1144059).
* Thu Aug 01 2019 Samuel Cabrero <scabrero@suse.de>
  - Update samba-winbind script to work with systemd; (bsc#1132739);
  - Drop samba dhcpcd hook scripts
  - Update to samba 4.10.6
    + s3: winbind: Fix crash when invoking winbind idmap scripts;
      (bso#13956).
    + smbd does not correctly parse arguments passed to dfree and quota
      scripts; (bso#13964).
    + samba-tool dns: use bytes for inet_ntop; (bso#13965).
    + samba-tool domain provision: Fix --interactive module in python3;
      (bso#13828).
    + ldb_kv: Skip @ records early in a search full scan; (bso#13893).
    + docs: Improve documentation of "lanman auth" and "ntlm auth"
      connection; (bso#13981).
    + python/ntacls: Use correct "state directory" smb.conf option instead
      of "state dir"; (bso#14002).
    + registry: Add a missing include; (bso#13840).
    + Fix SMB guest authentication; (bso#13944).
    + AppleDouble conversion breaks Resourceforks; (bso#13958).
    + vfs_fruit makes direct use of syscalls like mmap() and pread();
      (bso#13968).
    + s3:mdssvc: Fix flex compilation error; (bso#13987).
    + s3/vfs_glusterfs[_fuse]: Avoid using NAME_MAX directly; (bso#13872).
    + dsdb:samdb: schemainfo update with relax control; (bso#13799).
    + s3:util: Move static file_pload() function to lib/util; (bso#13964).
    + smbd: Fix a panic; (bso#13957).
    + ldap server: Generate correct referral schemes; (bso#12478).
    + s4 dsdb/repl_meta_data: fix use after free in dsdb_audit_add_ldb_value;
      (bso#13941).
    + s4 dsdb: Fix use after free in samldb_rename_search_base_callback;
      (bso#13942).
    + dsdb/repl: we need to replicate the whole schema before we can apply it;
      (bso#12204).
    + ldb: Release ldb 1.5.5; (bso#12478).
    + Schema replication fails if link crosses chunk boundary backwards;
      (bso#13713).
    + 'samba-tool domain schemaupgrade' uses relax control and skips the
      schemaInfo update provision; (bso#13799).
    + dsdb_audit: avoid printing "... remote host [Unknown] SID [(NULL SID)]
      ..."; (bso#13916).
    + python/ntacls: We only need security.SEC_STD_READ_CONTROL in order to
      get the ACL; (bso#13917).
    + s3:loadparm: Ensure to truncate FS Volume Label at multibyte boundary;
      (bso#13947).
    + Using Kerberos credentials to print using spoolss doesn't work;
      (bso#13939).
    + wafsamba: Use native waf timer; (bso#13998).
    + ctdb-scripts: Fix tcp_tw_recycle existence check; (bso#13984).
* Wed Jun 19 2019 Noel Power <nopower@suse.com>
  - Update to samba-4.10.5 (including updates for 4.10.4, 4.10.3)
    + CVE-2019-12435 rpc/dns: Avoid NULL deference if zone not found
      in DnssrvOperation2; (bso#13922); (bsc#1137815).
    + CVE-2019-12436 dsdb/paged_results: Ignore successful results
      without messages; (bso#13951); (bsc#1137816).
  - Update to samba-4.10.4
    + s3: SMB1: Don't allow recvfile on stream fsp's; (bso#13938).
    + py/provision: Fix for Python 2.6; (bso#13882).
    + netcmd: Fix 'passwordsettings --max-pwd-age' command;
      (bso#13873).
    + s3-libnet_join: 'net ads join' to child domain fails when
      using "-U admin@forestroot"; (bso#13861).
    + vfs_ceph: Explicitly enable libcephfs POSIX ACL support;
      (bso#13896); (bsc#1130245).
    + vfs_ceph: Fix cephwrap_flistxattr() debug message;
      (bso#13940); (bsc#1134697).
    + ctdb-common: Avoid race between fd and signal events;
      (bso#13895).
    + ctdb-common: Fix memory leak in run_proc; (bso#13943).
    + lib: Initialize getline() arguments; (bso#13892).
    + winbind: Fix overlapping id ranges; (bco#13903).
    + lib util debug: Increase format buffer to 4KiB; (bso#13902).
    + nsswitch pam_winbind: Fix Asan use after free; (bso#13927).
    + s4 lib socket: Ensure address string owned by parent struct;
      (bso#13929).
    + s3 rpc_client: Fix Asan stack use after scope; (bso#13936).
    + s3:smbd: Handle IO_REPARSE_TAG_DFS in
      SMB_FIND_FILE_FULL_DIRECTORY_INFO; (bso#10097).
    + smb2_tcon: Avoid STATUS_PENDING completely on tdis; (bso#10344).
    + smb2_sesssetup: avoid STATUS_PENDING responses for session setup;
      (bso#12845).
    + smb2_tcon: Avoid STATUS_PENDING completely on tdis; (bso#13698).
    + smb2_sesssetup: avoid STATUS_PENDING responses for session
      setup; (bso#13796).
    + dbcheck: Fix the err_empty_attribute() check; (bso#13843).
    + vfs_snapper: Drop unneeded fstat handler; (bso#13858).
    + vfs_default: Fix vfswrap_offload_write_send()
      NT_STATUS_INVALID_VIEW_SIZE check; (bso#13862).
    + smb2_server: Grant all 8192 credits to clients; (bso#13863).
    + smbd: Implement SMB_FILE_NORMALIZED_NAME_INFORMATION handling;
      (bso#13919).
    + s3/vfs_glusterfs: Dynamically determine NAME_MAX; (bso#13872).
    + s3: modules: ceph: Use current working directory instead of
      share path; (bso#13918); (bsc#1134452).
    + winbind: Use domain name from lsa query for sid_to_name cache
      entry; (bso#13831).
    + memcache: Increase size of default memcache to 512k;
      (bso#13865).
    + docs: Update smbclient manpage for "--max-protocol";
      (bso#13857).
    + s3:utils: If share is NULL in smbcacls, don't print it;
      (bso#13937).
    + s3:smbspool: Fix regression printing with Kerberos credentials;
      (bso#13939).
    + ctdb-scripts: CTDB restarts failed NFS RPC services by hand,
      which is incompatible with systemd; (bso#13860).
    + ctdb-daemon: Revert "We can not assume that just because we
      could complete a TCP handshake"; (bso#13888).
    + ctdb-daemon: Never use 0 as a client ID; (bso#13930).
    + ctdb-common: Fix memory leak; (bso#13943).
    + s3:debug: Enable logging for early startup failures;
      (bso#13904)
  - Update to samba-4.10.3
    + CVE-2018-16860: Heimdal KDC: Reject PA-S4U2Self with unkeyed
      checksum; (bso#13685); (bsc#1134024).
* Tue May 14 2019 David Disseldorp <ddiss@suse.com>
  - Fix cephwrap_flistxattr() debug message; (bso#13940); (bsc#1134697).
  - Add ceph_snapshots VFS module; (jsc#SES-183).
* Wed May 08 2019 David Disseldorp <ddiss@suse.com>
  - Fix vfs_ceph realpath; (bso#13918); (bsc#1134452).
* Wed Apr 17 2019 npower <nopower@suse.com>
  - Update to samba-4.10.2:
    + CVE-2019-3870 (World writable files in
      Samba AD DC private/ dir); (bso#13834).
    + CVE-2019-3880 (Save registry file outside share as
      unprivileged user); (bso#13851).
    + py/kcc_utils: py2.6 compatibility; (bso#13837).
    + libcli: permit larger values of DataLength in
      SMB2_ENCRYPTION_CAPABILITIES of negotiate response;
      (bso#13869).
    + regfio: Improve handling of malformed registry hive files;
      (bso#13840).
    + ctdb-version: Simplify version string usage; (bso#13789).
    + lib: Make fd_load work for non-regular files; (bso#13859).
    + dbcheck: in the middle of the tombstone garbage collection
      causes replication failures,
      dbcheck: add --selftest-check-expired-tombstones cmdline
      option; (bso#13816).
    + ndr_spoolss_buf: Fix out of scope use of stack variable in
      NDR_SPOOLSS_PUSH_ENUM_OUT(); (bso#13818).
    + s4/messaging: Fix undefined reference in linking
      libMESSAGING-samba4.so; (bso#13854).
    + acl_read: Fix regression for empty lists; (bso#13836).
    + s4:dlz make b9_has_soa check dc=@ node; (bso#13841).
    + s3:client: Fix printing via smbspool backend with kerberos
      auth; (bso#13832).
    + s4:librpc: Fix installation of Samba; (bso#13847).
    + s3:lib: Fix the debug message for adding cache entries;
      (bso#13848).
    + s3:utils: Add 'smbstatus -L --resolve-uids' to show username;
      (bso#13793).
    + s3:lib: Fix the debug message for adding cache entries;
      (bso#13848).
    + s3:waf: Fix the detection of makdev() macro on Linux;
      (bso#13853).
    * ctdb-build: Drop creation of .distversion in tarball;
      (bso#13789).
    * ctdb-packaging: Test package requires tcpdump, ctdb package
      should not own system library directory;  (bso#13838).
  - Update to samba-4.10.1:
    + py/kcc_utils: py2.6 compatibility; (bso#13837);
    + libcli: permit larger values of DataLength in
      SMB2_ENCRYPTION_CAPABILITIES of negotiate response; (bso#13869);
    + regfio: Improve handling of malformed registry hive files; (bso#13840);
    + ctdb-version: Simplify version string usage; (bso#13789);
    + lib: Make fd_load work for non-regular files; (bso#13859);
    + dbcheck in the middle of the tombstone garbage collection causes
      replication failures, dbcheck: add --selftest-check-expired-tombstones
      cmdline option; (bso#13816);
    + ndr_spoolss_buf: Fix out of scope use of stack variable in
      NDR_SPOOLSS_PUSH_ENUM_OUT(); (bso#13818);
    + s4/messaging: Fix undefined reference in linking
      libMESSAGING-samba4.so; (bso#13854);
    + acl_read: Fix regression for empty lists; (bso#13836);
    + s4:dlz make b9_has_soa check dc=@ node; (bso#13841);
    + s3:client: Fix printing via smbspool backend with kerberos auth; (bso#13832);
    + s4:librpc: Fix installation of Samba; (bso#13847);
    + s3:lib: Fix the debug message for adding cache entries; (bso#13848);
    + s3:utils: Add 'smbstatus -L --resolve-uids' to show username; (bso#13793);
    + s3:lib: Fix the debug message for adding cache entries; (bso#13848);
    + s3:waf: Fix the detection of makdev() macro on Linux; (bso#13853);
    + ctdb-build: Drop creation of .distversion in tarball; (bso#13789);
    + ctdb-packaging: Test package requires tcpdump, ctdb package
      should not own system library directory; (bso#13838);
  - Update to samba-4.10.0:
    + s4-server: Open and close a transaction on sam.ldb at startup; (bso#13760);
    + access_check_max_allowed() doesn't process "Owner Rights" ACEs; (bso#13812);
    + s4/scripting/bin: Open unicode files with utf8 encoding and write
    + unicode string.
    + sambaundoguididx: Use the right escaped oder unescaped sam ldb
      files; (bso#13759);
    + Fix idmap cache pollution with S-1-22- IDs on winbind hickup; (bso#13813);
    + passdb: Update ABI to 0.27.2.
    + lib/winbind_util: Add winbind_xid_to_sid for --without-winbind; (bso#13813);
    + lib:util: Move debug message for mkdir failing to log level 1; (bso#13823);
* Sun Apr 14 2019 David Disseldorp <ddiss@suse.com>
  - Explicitly enable libcephfs POSIX ACL support; (bso#13896); (bsc#1130245).
* Tue Apr 02 2019 npower <nopower@suse.com>
  - CVE-2019-3880: Save registry file outside share as unprivileged
    user; (bso#13851); (bsc#1131060 ).
* Wed Mar 27 2019 David Mulder <dmulder@suse.com>
  - Update to samba-4.9.5
    + audit_logging: Remove debug log header and JSON Authentication:
      prefix; (bso#13714);
    + Fix upgrade from 4.7 (or earlier) to 4.9; (bso#13760);
    + s3: lib: nmbname: Ensure we limit the NetBIOS name correctly; (bso#
      CID: 1433607; (bso#11495);
    + smbd: uid: Don't crash if 'force group' is added to an existing
      share connection; (bso#13690);
    + s3: VFS: vfs_fruit. Fix the NetAtalk deny mode compatibility
      code; (bso#13770);
    + s3: SMB1 POSIX mkdir does case insensitive name lookup; (bso#13803);
    + s3:utils/smbget fix recursive download with empty source
      directories; (bso#13199);
    + samba-tool drs showrepl: Do not crash if no dnsHostName found; (bso#13716);
    + s3:libsmb: cli_smb2_list() can sometimes fail initially on a
      connection; (bso#13736);
    + join: Throw CommandError instead of Exception for simple errors; (bso#13747);
    + ldb: Avoid inefficient one-level searches; (bso#13762);
    + s3: libsmb: use smb2cli_conn_max_trans_size() in
      cli_smb2_list(); (bso#13736);
    + tldap: Avoid use after free errors; (bso#13776);
    + Fix idmap xid2sid cache churn; (bso#13802);
    + access_check_max_allowed() doesn't process "Owner Rights" ACEs; (bso#13812);
    + s3-smbd: Avoid assuming fsp is always intact after close_file
      call; (bso#13720);
    + s3-vfs-fruit: Add close call; (bso#13725);
    + s3-smbd: Use fruit:model string for mDNS registration; (bso#13746);
    + s3-vfs: add glusterfs_fuse vfs module; (bso#13774);
    + printing: Check lp_load_printers() prior to pcap cache update; (bso#13766);
    + vfs_ceph: vfs_ceph strict_allocate_ftruncate calls (local FS)
      ftruncate and fallocate; (bso#13807);
    + lib/audit_logging: Actually create talloc; (bso#13737);
    + netcmd/user: python[3]-gpgme unsupported and replaced by
      python[3]-gpg; (bso#13728);
    + dns: Changing onelevel search for wildcard to subtree; (bso#13738);
    + samba-tool: Don't print backtrace on simple DNS errors; (bso#13721);
    + sambaundoguididx: Use the right escaped oder unescaped sam ldb
      files; (bso#13759);
    + ctdb: Print locks latency in machinereadable stats; (bso#13742);
    + messages_dgm: Messaging gets stuck when pids are recycled; (bso#13786);
    + audit_logging: auth_json_audit required auth_json; (bso#13715);
    + man pages: Document prefork process model; (bso#13765);
    + CVE-2019-3824 ldb: Release ldb 1.4.6; (bso#13773);
    + s3:auth: ignore create_builtin_guests() failing without a valid
      idmap configuration; (bso#13697);
    + s3:auth_winbind: Ignore a missing winbindd as NT4 PDC/BDC
      without trusts; (bso#13722);
    + s3:auth_winbind: return NT_STATUS_NO_LOGON_SERVERS if winbindd
      is not available; (bso#13723);
    + s4:server: Add support for 'smbcontrol samba shutdown' and
      'smbcontrol <pid> debug/debuglevel'; (bso#13752);
    + Python: Ensure ldb.Dn can doesn't rencoded str with py2; (bso#13616);
    + vfs_glusterfs: Adapt to changes in libgfapi signatures; (bso#13330);
    + s3-vfs: Use ENOATTR in errno comparison for getxattr; (bso#13774);
    + notifyd: Fix SIGBUS on sparc; (bso#13704);
    + waf: Check for libnscd; (bso#13787);
    + s3:vfs: Correctly check if OFD locks should be enabled or not; (bso#13770);
    + lib/util: Count a trailing line that doesn't end in a newline; (bso#13717);
    + Recovery lock bug fixes; (bso#13800);
    + s3: net: Do not set NET_FLAGS_ANONYMOUS with -k; (bso#13726);
    + s3:libsmb: Honor disable_netbios option in smbsock_connect_send; (bso#13727);
    + vfs_fileid: Fix get_connectpath_ino; (bso#13741);
    + vfs_fileid: Fix fsname_norootdir algorithm; (bso#13744);
* Mon Mar 04 2019 David Disseldorp <ddiss@suse.com>
  - Fix vfs_ceph ftruncate and fallocate handling; (bso#13807); (bsc#1127153).
* Fri Feb 22 2019 Samuel Cabrero <scabrero@suse.de>
  - Fix update-apparmor-samba-profile script after apparmor switched
    to using named profiles. The change is backwards compatible;
    (bsc#1126377);
* Thu Feb 07 2019 David Mulder <dmulder@suse.com>
  - LoadParm().load_default() fails with "Unable to load default file";
    (bsc#1089758);
* Thu Feb 07 2019 ddiss@suse.com
  - Abide by load_printers smb.conf parameter; (bso#13766); (bsc#1124223);
* Mon Feb 04 2019 Samuel Cabrero <scabrero@suse.de>
  - s3:winbindd: let normalize_name_map() call find_domain_from_name_noinit();
    (bso#13173); (bsc#1123755);
  - s3:winbind: Fix regression introduced with bso #12851;
    (bso#12851); (bsc#1123755);
* Tue Jan 08 2019 nopower@suse.com
  - Update to samba-4.9.4
    + libcli/smb: Don't overwrite status code; (bso#9175).
    + wbinfo --group-info 'NT AUTHORITY\System' does not work; (bso#12164).
    + Session setup reauth fails to sign response; (bso#13661).
    + vfs_fruit: Validation of writes on AFP_AfpInfo stream; (bso#13677).
    + vfs_shadow_copy2: Nicely deal with attempts to open previous
      version for writing; (bso#13688).
    + Restoring previous version of stream with vfs_shadow_copy2 fails
      with NT_STATUS_OBJECT_NAME_INVALID fsp->base_fsp->fsp_name; (bso#13455).
    + CVE-2018-16853: Fix S4U2Self crash with MIT KDC build; (bso#13571).
    + s3-vfs: Prevent NULL pointer dereference in vfs_glusterfs; (bso#13708)
    + PEP8: fix E231: missing whitespace after ','.
    + winbindd: Fix crash when taking profiles;(bso#13629)
    + CVE-2018-14629 dns: Fix CNAME loop prevention using counter
      regression; (bso#13600)
    + 'samba-tool user syscpasswords' fails on a domain with many DCs; (bso#13686).
    + CVE-2018-16853: Do not segfault if client is not set; (bso#13571).
    + lib:util: Fix DEBUGCLASS pointer initializiation; (bso#13679)
    + ctdb-daemon: Exit with error if a database directory does not
      exist; (bso#13696).
    + s3:libads: Add net ads leave keep-account option; (bso#13498).
* Thu Dec 20 2018 David Mulder <dmulder@suse.com>
  - s3:passdb: Do not return OK if we don't have pinfo set up;
    (bsc#1099590); (bso#13376);
* Thu Dec 06 2018 Jan Engelhardt <jengelh@inai.de>
  - Drop more %if..%endif guards which are idempotent.
  - Drop requires on ldconfig which are already auto-discovered.
  - Do not ignore errors from useradd/groupadd.
* Thu Nov 29 2018 David Mulder <dmulder@suse.com>
  - Remove python2 build dependency from samba-libs; (bsc#1116900);
* Wed Nov 28 2018 Samuel Cabrero <scabrero@suse.de>
  - Update update-apparmor-samba-profile script to ignore the shares's
    paths containing substitution variables in any place, not only at the
    beginning of the path.
* Mon Nov 19 2018 Samuel Cabrero <scabrero@suse.de>
  - Update to samba-4.9.3
    + CVE-2018-14629: Unprivileged adding of CNAME record causing loop in AD
      Internal DNS server; (bso#13600); (bsc#1116319);
    + CVE-2018-16841: Double-free in Samba AD DC KDC with PKINIT; (bso#13628);
      (bsc#1116320);
    + CVE-2018-16851: NULL pointer de-reference in Samba AD DC LDAP server;
      (bso#13674); (bsc#1116322);
    + CVE-2018-16852: NULL pointer de-reference in Samba AD DC DNS servers;
      (bso#13669); (bsc#1116321);
    + CVE-2018-16853: Samba AD DC S4U2Self crash in experimental MIT Kerberos
      configuration (unsupported); (bso#13678); (bsc#1116324);
    + CVE-2018-16857: Bad password count in AD DC not always effective;
      window; (bso#13683); (bsc#1116323);
* Thu Nov 08 2018 Samuel Cabrero <scabrero@suse.de>
  - s3: winbind: Remove fstring from wb_acct_info struct; (bsc#1114459);
  - Use foreground execution mode for systemd samba daemons; (bsc#1112223);
* Thu Nov 08 2018 Samuel Cabrero <scabrero@suse.de>
  - Update to samba-4.9.2
    + dsdb: Add comments explaining the limitations of our current backlink
      behaviour; (bso#13418);
    + Fix problems running domain backups (handling SMBv2, sites); (bso#13621);
    + testparm: Fix crashes with PANIC: Messaging not initialized on SLES 12 SP3;
      (bso#13465);
    + Make vfs_fruit able to cleanup AppleDouble files; (bso#13642);
    + File saving issues with vfs_fruit on samba >= 4.8.5; (bso#13646);
    + Enabling vfs_fruit looses FinderInfo; (bso#13649);
    + Cancelling of SMB2 aio reads and writes returns wrong error
      NT_STATUS_INTERNAL_ERROR; (bso#13667);
    + Fix CTDB recovery record resurrection from inactive nodes and simplify
      vacuuming; (bso#13641);
    + examples: Fix the smb2mount build; (bso#13465);
    + libtevent: Fix build due to missing open_memstream on Illiumos;
      (bso#13629);
    + winbindd_cache: Fix timeout calculation for sid<->name cache; (bso#13662);
    + dsdb encrypted_secrets: Allow "ldb:// and "mdb://" in file path;
      (bso#13653);
    + Extended DN SID component missing for member after switching group
      membership; (bso#13418);
    + Return STATUS_SESSION_EXPIRED error encrypted, if the request was
      encrypted; (bso#13624);
    + python: Allow forced signing via smb.SMB(); (bso#13621);
    + lib:socket: If returning early, set ifaces; (bso#13665);
    + ldb: Bump ldb version to 1.4.3, Python: Ensure ldb.Dn can accept utf8
      encoded unicode; (bso#13616);
    + smbd: Fix DELETE_ON_CLOSE behaviour on files with READ_ONLY attribute;
      (bso#13673);
    + waf: Add -fstack-clash-protection; (bso#13601);
    + winbind: Fix segfault if an invalid passdb backend is configured;
      (bso#13668);
    + Fix bugs in CTDB event handling; (bso#13659);
    + Misbehaving nodes are sometimes not banned; (bso#13670);
* Mon Oct 29 2018 dmulder@suse.com
  - lib:socket: If returning early, set ifaces; (bso#13665); (bsc#1111373);
* Tue Oct 23 2018 dmulder@suse.com
  - winbind requires latest version of libtevent-util0 to start
* Fri Oct 12 2018 dmulder@suse.com
  - Backport latest gpo code from master
    + Read policy from local gpt cache
    + Offline policy application
    + Make group policy extensible via register/unregister gpext
    + gpext's run via a process_group_policy method
* Mon Oct 08 2018 Samuel Cabrero <scabrero@suse.de>
  - Update to 4.6.16; (bsc#1110943);
    + CVE-2018-10919: Fix unauthorized attribute access via searches;
      (bso#13434);
* Wed Sep 26 2018 jmcdonough@suse.com
  - Enable profiling data collection
* Tue Sep 25 2018 dmulder@suse.com
  - Change samba-kdc package name to samba-ad-dc
  - Move samba-ad-dc.service to the samba-ad-dc package
* Mon Sep 24 2018 Samuel Cabrero <scabrero@suse.de>
  - Update to samba-4.9.1
    + s3: nmbd: Stop nmbd network announce storm; (bso#13620);
    + s3-rpcclient: Use spoolss_init_spoolss_UserLevel1 in winspool cmds;
      (bso#13597);
    + CTDB recovery lock has some race conditions; (bso#13617);
    + s3-rpc_client: Advertise Windows 7 client info; (bso#13597);
    + ctdb-doc: Remove PIDFILE option from ctdbd_wrapper man page; (bso#13610);
* Thu Sep 13 2018 dmulder@suse.com
  - Tumbleweed doesn't define the sle_version macro, so we must
    include a check for suse_version also. Otherwise python3 is
    disabled on Tumbleweed.
* Thu Sep 13 2018 Samuel Cabrero <scabrero@suse.de>
  - Update to samba-4.9.0
    + samba_dnsupdate: Honor 'dns zone scavenging' option, only update if
      needed; (bso#13605);
    + wafsamba: Fix 'make -j<jobs>'; (bso#13606);
* Mon Sep 10 2018 dmulder@suse.com
  - Update to samba-4.9.0rc5
    + s3: VFS: vfs_full_audit: Ensure smb_fname_str_do_log() only
      returns absolute pathnames; (bso#13565);
    + s3: util: Do not take over stderr when there is no log file; (bso#13578);
    + Durable Reconnect fails because cookie.allow_reconnect is not
      set; (bso#13549);
    + krb5-samba: Interdomain trust uses different salt principal; (bso#13539);
    + vfs_fruit: Don't unlink the main file; (bso#13441);
    + smbd: Fix a memleak in async search ask sharemode; (bso#13602);
    + Fix Samba GPO issue when Trust is enabled; (bso#11517);
    + samba-tool: Add "virtualKerberosSalt" attribute to
      'user getpassword/syncpasswords'; (bso#13539);
    + Fix CTDB configuration issues; (bso#13589);
    + ctdbd logs an error until it can successfully connect to
      eventd; (bso#13592);
* Wed Aug 29 2018 dmulder@suse.com
  - Update to samba-4.9.0rc4
    + s3: smbd: Ensure get_real_filename() copes with empty
      pathnames; (bso#13585);
    + samba domain backup online/rename commands force user to specify
      password on CLI; (bso#13566);
    + wafsamba/samba_abi: Always hide ABI symbols which must be
      local; (bso#13579);
    + Fix a panic if fruit_access_check detects a locking conflict; (bso#13584);
    + Fix memory and resource leaks; (bso#13567);
    + python: Fix print in dns_invalid.py; (bso#13580);
    + Aliasing issue causes incorrect IPv6 checksum; (bso#13588);
    + Fix CTDB configuration issues; (bso#13589);
    + s3: vfs: time_audit: fix handling of token_blob in
      smb_time_audit_offload_read_recv(); (bso#13568);
* Mon Aug 27 2018 vcizek@suse.com
  - Add missing zlib-devel dependency which was previously pulled in
    by libopenssl-devel
* Tue Aug 21 2018 dmulder@suse.com
  - Update to samba-4.9.0rc3+git.22.3fff23ae36e
    + CVE-2018-10858: libsmb: Harden smbc_readdir_internal() against
      returns from malicious servers; (bso#13453);
    + CVE-2018-1140: ldbsearch '(distinguishedName=abc)' and DNS query
      with escapes crashes, ldb: Release LDB 1.3.5 for CVE-2018-1140; (bso#13374);
    + CVE-2018-10918: cracknames: Fix DoS (NULL pointer de-ref) when
      not servicePrincipalName is set on a user; (bso#13552);
    + CVE-2018-10919: acl_read: Fix unauthorized attribute access via
      searches; (bso#13434);
    + ctdb_mutex_ceph_rados_helper: Set SIGINT signal handler; (bso#13540);
    + CVE-2018-1139 libcli/auth: Do not allow ntlmv1 over SMB1 when it
      is disabled via "ntlm auth"; (bso#13360);
    + s3-tldap: do not install test_tldap; (bso#13529);
    + ctdb_mutex_ceph_rados_helper: Fix deadlock via lock renewals; (bso#13540);
    + CVE-2018-1140 Add NULL check for ldb_dn_get_casefold() in
      ltdb_index_dn_attr(); (bso#13374);
    + ctdb-eventd: Fix CID 1438155; (bso#13554);
    + Fix CIDs 1438243, (Unchecked return value) 1438244
      (Unsigned compared against 0), 1438245 (Dereference before null check) and
      1438246 (Unchecked return value); (bso#13553);
    + ctdb: Fix a cut&paste error; (bso#13554);
    + systemd: Only start smb when network interfaces are up; (bso#13559);
    + Fix quotas don't work with SMB2; (bso#13553);
    + s3/smbd: Ensure quota code is only called when quota support
      detected; (bso#13563);
    + s3/libsmb: Explicitly set delete_on_close token for rmdir; (bso#13204);
    + s3:waf: Install eventlogadm to /usr/sbin; (bso#13561);
    + Shorten description in vfs_linux_xfs_sgid manual; (bso#13562);
* Mon Aug 20 2018 ddiss@suse.com
  - Update to 4.6.15
    + Fix ctdb_mutex_ceph_rados_helper deadlock; (bso#13540); (bsc#1102230);
    + Allow idmap_rid to have primary group other than "Domain Users";
      (bsc#1087931).
* Mon Aug 20 2018 dmulder@suse.com
  - Update to samba-4.9.0rc2+git.21.a1069afb007
    + s3: smbd:  Using "sendfile = yes" with SMB2 can cause CPU spin; (bso#13537);
    + s3: smbd: Fix path check in smbd_smb2_create_durable_lease_check();
      (bso#13535);
    + samba-tool trust: Support discovery via netr_GetDcName; (bso#13538);
    + s4-dsdb: Only build dsdb Python modules for AD DC; (bso#13542);
    + Fix portability issues on freebsd; (bso#13520);
    + DNS wildcard search does not handle multiple labels correctly; (bso#13536);
    + samba-tool domain trust: Fix trust compatibility to Windows
      Server 1709 and FreeIPA; (bso#13308);
    + Fix portability issues on freebsd; (bso#13520);
    + ctdb-protocol: Fix CTDB compilation issues; (bso#13545);
    + ctdb-docs: Replace obsolete reference to CTDB_DEBUG_HUNG_SCRIPT
      option; (bso#13546);
    + ctdb-doc: Provide an example script for migrating old
      configuration; (bso#13550);
    + ctdb-event: Implement event tool "script list" command; (bso#13551);
* Tue Aug 14 2018 nopower@suse.com
  - Update to samba-4.8.4+git.37.a7a861d7982;
    + CVE-2018-1139:  Weak authentication protocol allowed;
      (bsc#1095048); (bsc#13360);
    + CVE-2018-1140:  Denial of Service Attack on DNS and LDAP server;
      (bsc#1095056); (bso#13466); (bso#13374);
    + CVE-2018-10858: Insufficient input validation on client directory
      listing in libsmbclient; (bsc#1103411); (bso#13453);
    + CVE-2018-10918: Denial of Service Attack on AD DC DRSUAPI server;
      (bsc#1103414); (bso#13552);
    + CVE-2018-10919: Confidential attribute disclosure from the AD
      LDAP server; (bsc#1095057); (bso#13434);
    + s3:winbind: winbind normalize names' doesn't work for users;
      (bso#12851);
    + winbind: Fix UPN handling in canonicalize_username(); (bso#13369);
    + s3: smbd: Fix SMB2-FLUSH against directories; (bso#13428);
    + samdb: Fix building Samba with gcc 8.1; (bso#13437);
    + s3:utils: Do not segfault on error in DoDNSUpdate();  (bso#13440);
    + smbd: Flush dfree memcache on service reload; (bso#13446);
    + ldb: Save a copy of the index result before calling the
    + lib/util: No Backtrace given by Samba's AD DC by default;
      (bso#13454).
    + s3: smbd: printing: Re-implement delete-on-close semantics for
      print files missing since 3.5.x; (bso#13457).
    + python: Fix talloc frame use in make_simple_acl(); (bso#13474).
    + krb5_wrap: Fix keep_old_entries logic for older Kerberos
      libraries;(bso#13478).
    + krb5_plugin: Add winbind localauth plugin for MIT Kerberos;
      (bso#13480).
* Wed Aug 01 2018 scabrero@suse.de
  - CVE-2018-10858: Insufficient input validation on client directory
    listing in libsmbclient; (bso#13453); (bsc#1103411);
  - s3: winbind: Fix 'winbind normalize names' in wb_getpwsid();
    (bso#12851);
  - winbind: avoid using fstrcpy in _dual_init_connection;
    (bso#13294); (bsc#1087303);
  - Fix ntlm authentications with "winbind use default domain = yes";
    (bso#13126); (bsc#1068059);
  - net: fix net ads keytab handling; (bso#13166); (bsc#1067700);
  - fix vfs_ceph flock stub; (bso#13506).
* Tue May 29 2018 scabrero@suse.de
  - Add missing package descriptions; (bsc#1093864);
  - Fix dependency issue between samba-python and samba-kdc; (bsc#1062876);
  - Call update-apparmor-samba-profile when running samba-ad-dc;
    (bsc#1092099);
* Wed May 23 2018 ddiss@suse.com
  - Fix vfs_ceph with "aio read size" or "aio write size" > 0;
    (bsc#1093664).
    + vfs_ceph: add fake async pwrite/pread send/recv hooks; (bso#13425).
    + Fix memory leak in vfs_ceph; (bso#13424).
  - Update to 4.6.14
    + winbind: avoid using fstrcpy(dcname,...) in _dual_init_connection;
      (bso#13294).
    + s3:smb2_server: correctly maintain request counters for compound
      requests; (bso#13215).
    + s3: smbd: Unix extensions attempts to change wrong field in fchown
      call; (bso#13375).
    + s3:smbd: map nterror on smb2_flush errorpath; (bso#13338).
    + vfs_glusterfs: Fix the wrong pointer being sent in glfs_fsync_async;
      (bso#13297).
    + s3: smbd: Fix possible directory fd leak if the underlying OS doesn't
      support fdopendir(); (bso#13270).
    + s3: ldap: Ensure the ADS_STRUCT pointer doesn't get freed on error, we
      don't own it here; (bso#13244).
    + s3:libsmb: allow -U"\\administrator" to work; (bso#13206).
    + CVE-2018-1057: s4:dsdb: fix unprivileged password changes;
      (bso#13272); (bsc#1081024).
    + s3:smbd: Do not crash if we fail to init the session table;
      (bso#13315).
    + libsmb: Use smb2 tcon if conn_protocol >= SMB2_02; (bso#13310).
    + smbXcli: Add "force_channel_sequence"; (bso#13215).
    + smbd: Fix channel sequence number checks for long-running requests;
      (bso#13215).
    + s3:smb2_server: allow logoff, close, unlock, cancel and echo on
      expired sessions; (bso#13197).
    + s3:smbd: return the correct error for cancelled SMB2 notifies on
      expired sessions; (bso#13197).
    + samba: Only use async signal-safe functions in signal handler;
      (bso#13240).
    + subnet: Avoid a segfault when renaming subnet objects; (bso#13031).
* Wed May 23 2018 jmcdonough@suse.com
  - Update to 4.8.2
    + After update to 4.8.0 DC failed with "Failed to find our own
      NTDS Settings objectGUID" (bso#13335).
    + fix incorrect reporting of stream dos  attributes on a
      directory (bso#13380).
    + vfs_ceph: add asynchronous fsync; fake synchronous call (bso#13412).
    + vfs_ceph: add fake async pwrite/pread send/recv hooks; (bso#13425)
    + vfs_ceph: Fix memory leak; (bso#13424).
    + libsmbclient: Fix hard-coded connection error return of
      ETIMEDOUT; (bso#13419).
    + s4-lsa: Fix use-after-free in LSA server; (bso#13420).
    + winbindd: Do re-connect if the RPC call fails in the passdb
      case; (bso#13430).
    + cleanupd: Sends MSG_SMB_UNLOCK twice to interested peers; (bso#13416).
    + cleanupd: Use MSG_SMB_BRL_VALIDATE to signal cleanupd
      unclean process shutdown; (bso#13414).
    + ctdb-client: Remove ununsed functions from old client code;
      (bso#13411).
    + printing: Return the same error code as windows does on upload
      failures; (bso#13395).
    + nsswitch: Fix memory leak in winbind_open_pipe_sock() when the
      privileged pipe is not accessable; (bso#13400).
    + s4:lsa_lookup: remove TALLOC_FREE(state) after all
      dcesrv_lsa_Lookup{Names,Sids}_base_map() calls; (bso#13420).
    + rpc_server: Fix NetSessEnum with stale sessions; (bso#13407).
    + s3:smbspool: Fix cmdline argument handling; (bso#13417).
* Fri Apr 27 2018 scabrero@suse.de
  - Move libdfs-server-ad-samba4.so library from kdc to libs package, as it is
    required by some client libs; (bsc#1074135);
  - Update to 4.8.1; (bsc#1091179);
    + s3: ldap: Ensure the ADS_STRUCT pointer doesn't get freed on error,
      we don't own it here; (bso#13244);
    + s3: smbd: Fix possible directory fd leak if the underlying OS doesn't
      support fdopendir(); (bso#13270);
    + Round-tripping ACL get/set through vfs_fruit will increase the number of
      ACE entries without limit; (bso#13319);
    + s3: smbd: SMB2: Add DBGC_SMB2_CREDITS class to specifically debug credit
      issues; (bso#13347);
    + s3: smbd: Files or directories can't be opened DELETE_ON_CLOSE without
      delete access; (bso#13358);
    + s3: smbd: Fix memory leak in vfswrap_getwd(); (bso#13372);
    + s3: smbd: Unix extensions attempts to change wrong field in fchown call;
      (bso#13375);
    + ms_schema/samba-tool visualize: Fix python2.6 incompatibility;
      (bso#13337);
    + Fix invocation of gnutls_aead_cipher_encrypt(); (bso#13352);
    + Windows 10 cannot logon on Samba NT4 domain; (bso#13328);
    + winbindd: Recover loss of netlogon secure channel in case the peer DC is
      rebooted; (bso#13332);
    + s3:smbd: Don't use the directory cache for SMB2/3; (bso#13363);
    + ctdb-client: Fix bugs in client code; (bso#13356);
    + ctdb-scripts: Drop "net serverid wipe" from 50.samba event script;
      (bso#13359);
    + s3: lib: messages: Don't use the result of sec_init() before calling
      sec_init(); (bso#13368);
    + libads: Fix the build '--without-ads'; (bso#13273);
    + winbind: Keep "force_reauth" in invalidate_cm_connection, add
      'smbcontrol disconnect-dc'; (bso#13332);
    + vfs_virusfilter: Fix CIDs 1428738-1428740; (bso#13343);
    + dsdb: Fix CID 1034966 Uninitialized scalar variable; (bso#13367);
    + rpc_server: Fix core dump in dfsgetinfo; (bso#13370);
    + smbclient: Fix notify; (bso#13382);
    + Fix smbd panic if the client-supplied channel sequence number wraps;
      (bso#13215);
    + Windows 10 cannot logon on Samba NT4 domain; (bso#13328);
    + lib/util: Remove unused '#include <sys/syscall.h>' from tests/tfork.c;
      (bso#13342);
    + Fix build errors with cc from developerstudio 12.5 on Solaris;
      (bso#13343);
    + Fix the picky-developer build on FreeBSD 11; (bso#13344);
    + s3:modules: Fix the build of vfs_aixacl2.c; (bso#13345);
    + s3:smbd: map nterror on smb2_flush errorpath; (bso#13338);
    + lib:replace: Fix linking when libtirpc-devel overwrites system headers;
      (bso#13341);
    + winbindd: 'wbinfo --name-to-sid' returns misleading result on invalid
      query; (bso#13312);
    + s3:passdb: Do not return OK if we don't have pinfo set up; (bso#13376);
    + Allow AESNI to be used on all processor supporting AESNI; (bso#13302);
* Wed Apr 11 2018 aaptel@suse.com
  - Use new foreground execution flags for systemd samba daemons;
    (bsc#1088574); (bsc#1071090); (bsc#1065551);
    + Add %post scriptlet to clear old sysconfig flags
  - Update vendor-files to commit 880b3e7.
    + Set samba sysconfig template variables to ""
    + Add required daemon flags directly to systemd unit
* Mon Mar 26 2018 jengelh@inai.de
  - Specfile cleanup
    + Remove %if..%endif guards which don't affect the build
    + Remove redundant %clean section
    + Replace old $RPM_* shell vars with macros
* Thu Mar 22 2018 dimstar@opensuse.org
  - BuildRequire pkgconfig(systemd) and pkgconfig(libsystemd) in
    place of systemd and systemd-devel: Allow OBS to optimize the
    workload by allowing the usage of the 'build-optimized' systemd
    packages.
* Thu Mar 22 2018 dmulder@suse.com
  - Enable building samba with python3, and create a samba-python3 package.
* Thu Mar 15 2018 jmcdonough@suse.com
  - Update to 4.8
    + New GUID Index mode in sam.ldb for the AD DC
    + GPO support for samba KDC
    + Time machine support with vfs_fruit
    + Encrypted secrets
    + AD Replication visualization
    + Improved trust support
    - ability to not scan global trust list
    - AD external trusts have limited support
    - verbose trusted domain listing
    + VirusFilter VFS module
    + NT4-style replication removed
    + vfs_aio_linux removed
* Tue Mar 13 2018 david.mulder@suse.com
  - Disable samba-pidl package, due to the removal of dependency
    perl-Parse-Yapp; (bsc#1085150);
* Tue Mar 13 2018 jmcdonough@suse.com
  - Update to 4.7.6;
    + CVE-2018-1050: DOS vulnerability when SPOOLSS is run externally;
      (bso#11343); (bsc#1081741);
    + CVE-2018-1057: Authenticated users can change other users' password;
      (bso#13272); (bsc#1081024).
* Wed Mar 07 2018 jmcdonough@suse.com
  - CVE-2018-1050: DOS vulnerability when SPOOLSS is run externally;
    (bso#11343); (bsc#1081741);
* Tue Mar 06 2018 ddiss@suse.com
  - Update to 4.6.13; (bsc#1084191)
    + ceph_statx configure time check doesn't work with a non-default
    - -with-libcephfs path; (bso#13250).
    - follow up fix for libceph-common detection; (bso#13277).
    + Fail to copy file with empty FinderInfo from Windows client to Samba
      share with fruit; (bso#13181).
    + vfs_ceph uses a local statvfs() call to determine FS capabilities;
      (bso#13208).
    + smbd tries to release not leased oplock during oplock II downgrade;
      (bso#13193).
    + smbd panic when chdir returns error during exit; (bso#13189).
    + ctdb_recovery_helper crashes if recovery process times out; (bso#13188).
    + POSIX ACL support is broken on hpux and possibly other big-endian OSs;
      (bso#13176).
    + Kerberos: PKINIT: Can't decode algorithm parameters in
      clientPublicValue; (bso#12986).
    + g_lock conflict detection broken when processing stale entries.;
      (bso#13195).
    + The KDC on an RWDC doesn't send error replies in some situations;
      (bso#13132).
* Mon Feb 26 2018 aaptel@suse.com
  - Disable python until full python3 port is done; (bsc#1082139);
    + Remove contents of package samba-python
    + Remove contents of package libsamba-policy0
    + Remove contents of package libsamba-policy-devel
    + Remove library libsamba-python-samba4.so from samba-libs package
    + Remove library libsamba-net-samba4.so from samba-libs package
    + Remove smbtorture binary and manpage from samba-test
* Fri Feb 23 2018 dmulder@suse.com
  - samba fails to build with glibc2.27; (bsc#1081042);
* Mon Feb 12 2018 scabrero@suse.com
  - Update to 4.7.5; (bsc#1080545);
    + smbd tries to release not leased oplock during oplock II downgrade;
      (bso#13193);
    + Fix copying file with empty FinderInfo from Windows client to Samba share
      with fruit; (bso#13181);
    + build: Deal with recent glibc sunrpc header removal; (bso#10976);
    + Make Samba work with tirpc and libnsl2; (bso#13238);
    + vfs_ceph: Add fs_capabilities hook to avoid local statvfs; (bso#13208);
      (bsc#1075206);
    + Kerberos: PKINIT: Can't decode algorithm parameters in clientPublicValue;
      (bso#12986);
    + ctdb-recovery-helper: Deregister message handler in error paths;
      (bso#13188);
    + samba: Only use async signal-safe functions in signal handler; (bso#13240);
    + Kerberos: PKINIT: Can't decode algorithm parameters in clientPublicValue;
      (bso#12986);
    + repl_meta_data: Fix linked attribute corruption on databases
      with unsorted links on expunge. dbcheck: Add functionality to fix the
      corrupt database; (bso#13228);
    + Fix smbd panic when chdir returns error during exit; (bso#13189);
    + Make Samba work with tirpc and libnsl2; (bso#13238);
    + Fix POSIX ACL support on HPUX and possibly other big-endian OSs;
      (bso#13176);
* Fri Feb 09 2018 scabrero@suse.com
  - Update to 4.7.4; (bsc#1080545);
    + s3: smbclient: Implement 'volume' command over SMB2; (bso#13140);
    + s3: libsmb: Fix valgrind read-after-free error in
      cli_smb2_close_fnum_recv(); (bso#13171);
    + s3: libsmb: Fix reversing of oldname/newname paths when creating a
      reparse point symlink on Windows from smbclient; (bso#13172);
    + Build man page for vfs_zfsacl.8 with Samba; (bso#12934);
    + repl_meta_data: Allow delete of an object with dangling backlinks;
      (bso#13095);
    + s4:samba: Fix default to be running samba as a deamon; (bso#13129);
    + Performance regression in DNS server with introduction of DNS wildcard,
      ldb: Release 1.2.3; (bso#13191);
    + vfs_zfsacl: Fix compilation error; (bso#6133);
    + "smb encrypt" setting changes are not fully applied until full smbd
      restart; (bso#13051);
    + winbindd: Fix idmap_rid dependency on trusted domain list; (bso#13052);
    + vfs_fruit: Proper VFS-stackable conversion of FinderInfo; (bso#13155);
    + winbindd: Dependency on trusted-domain list in winbindd in critical auth
      codepath; (bso#13173);
    + repl_meta_data: Fix removing of backlink on deleted objects; (bso#13120);
    + ctdb: sock_daemon leaks memory; (bso#13153);
    + TCP tickles not getting synchronised on CTDB restart; (bso#13154);
    + winbindd: winbind parent and child share a ctdb connection; (bso#13150);
    + pthreadpool: Fix deadlock; (bso#13170);
    + pthreadpool: Fix starvation after fork; (bso#13179);
    + messaging: Always register the unique id; (bso#13180);
    + s4/smbd: set the process group; (bso#13129);
    + Fix broken linked attribute handling; (bso#13095);
    + The KDC on an RWDC doesn't send error replies in some situations;
      (bso#13132);
    + libnet_join: Fix 'net rpc oldjoin'; (bso#13149);
    + g_lock conflict detection broken when processing stale entries;
      (bso#13195);
    + s3:smb2_server: allow logoff, close, unlock, cancel and echo on expired
      sessions; (bso#13197);
    + s3:libads: net ads keytab list fails with "Key table name malformed";
      (bso#13166); (bsc#1067700);
    + Fix crash in pthreadpool thread after failure from pthread_create;
      (bso#13170);
    + s4:samba: Allow samba daemon to run in foreground; (bso#13129);
      (bsc#1065551);
    + third_party: Link the aesni-intel library with "-z noexecstack";
      (bso#13174);
    + vfs_glusterfs: include glusterfs/api/glfs.h without relying on "-I"
      options; (bso#13125);

Files

/usr/lib64/libndr-standard.so.0
/usr/lib64/libndr-standard.so.0.0.1


Generated by rpm2html 1.8.1

Fabrice Bellet, Wed Jan 22 23:55:42 2020