Affected Products: SUSE Linux Enterprise Server 10 SP4 LTSS ______________________________________________________________________________
An update that solves three vulnerabilities and has one errata is now available.
Description:
Samba was updated to fix three security issues.
These security issues were fixed:
* CVE-2016-2110: A man-in-the-middle could have downgraded NTLMSSP authentication (bso#11688, bsc#973031). * CVE-2016-2111: Domain controller netlogon member computer could have been spoofed (bso#11749, bsc#973032). * CVE-2015-5252: Insufficient symlink verification (allowed file access outside the share) (bso#11395, bnc#958582).
This non-security issue was fixed:
* Allow "delete readonly = yes" to correctly override deletion of a file (bsc#913087, bso#5073)