This update for samba fixes the following issues:
Security issues fixed:
- CVE-2016-2125: Don't send delegated credentials to all servers. (bsc#1014441).
- CVE-2016-2126: Denial of service due to a client triggered crash in the winbindd
parent process. (bsc#1014442).
- CVE-2016-2123: Heap-based Buffer Overflow Remote Code Execution Vulnerability. (bsc#1014437).
This issue does not affect our packages, as the component is not built.
Non security issues fixed:
- s3/client: obey 'disable netbios' smb.conf param, don't connect via NBT port (bsc#1009085)
- Add doc changes for net ads --no-dns-updates switch (bsc#991564)
- Include vfstest in samba-test (bsc#1001203).
- s3/winbindd: using default domain with user@domain.com format fails (bsc#997833).
- Fix illegal memory access after memory has been deleted (bsc#975299).
- Fix bug in tevent poll backend causing winbind to loop tightly (bsc#994500).
- Various fixes for spnego/ntlm (bsc#986675).