samba security and bug fix update

[3.6.23-51.0.1]

• Remove use-after-free talloc_tos() inlined function problem (John Haxby) [orabug 18253258]
  [3.6.24-51]
• resolves: #1513877 - Fix memory leak in winbind
  [3.6.24-50]
• resolves: #1553018 - Fix CVE-2018-1050
  [3.6.24-49]
• resolves: #1536053 - Fix regression with non-wide symlinks to directories
  [3.6.24-48]
• resolves: #1519884 - Fix segfault in winbind when querying groups
  [3.6.24-47]
• resolves: #1413484 - Fix guest login with signing required
  [3.6.24-46]
• resolves: #1509455 - Fix regression of CVE-2017-2619
  [3.6.24-45]
• resolves: #1491211 - CVE-2017-2619 CVE-2017-12150 CVE-2017-12163
  [3.6.24-44]
• resolves: #1451105 - Fix trusted domain handling in winbind
• resolves: #1431000 - Fix crash while trying to authenticate with a disabled
  account
• resolves: #1467395 - Add ‘winbind request timeout’ option
  [3.6.23-43]
• resolves: #1450783 - Fix CVE-2017-7494
  [3.6.23-42]
• resolves: #1391256 - Performance issues with vfs_dirsort and extended
  attributes
  [3.6.23-41]
• resolves: #1413672 - Auth regression after secret changed
  [3.6.23-40]
• resolves: #1405356 - CVE-2016-2125 CVE-2016-2126
  [3.6.23-39]
• resolves: #1297805 - Fix issues with printer unpublishing from AD
  [3.6.23-38]
• resolves: #1347843 - Fix RPC queryUserList returning NO_MEMORY for
  empty list
  [3.6.23-37]
• resolves: #1380151 - Fix memory leak in idmap_ad module
• resolves: #1333561 - Fix smbclient connection issues to DFS shares
• resolves: #1372611 - Allow ntlmsssp session key setup without signing
  (Workaround for broken NetApp and EMC NAS)
  [3.6.23-35]
• resolves: #1282289 - Fix winbind memory leak with each cached creds login
  [3.6.23-34]
• resolves: #1327697 - Fix netlogon credential checks
• resolves: #1327746 - Fix dcerpc trailer verificaton
  [3.6.23-33]
• related: #1322687 - Update CVE patchset
  [3.6.23-32]
• related: #1322687 - Update manpages
  [3.6.23-31]
• related: #1322687 - Update CVE patchset
  [3.6.23-30]
• related: #1322687 - Update CVE patchset
  [3.6.23-29]
• resolves: #1322687 - Fix CVE-2015-5370
• resolves: #1322687 - Fix CVE-2016-2110
• resolves: #1322687 - Fix CVE-2016-2111
• resolves: #1322687 - Fix CVE-2016-2112
• resolves: #1322687 - Fix CVE-2016-2115
• resolves: #1322687 - Fix CVE-2016-2118 (Known as Badlock)
  [3.6.23-28]
• resolves: #1305870 - Fix symlink verification
  [3.6.23-27]
• resolves: #1314671 - Fix CVE-2015-7560
  [3.6.23-26]
• resolves: #1211744 - Fix DFS client access with Windows Server 2008
  [3.6.23-25]
• resolves: #1242614 - Fix unmappable S-1-18-1 sid truncates group lookups
  [3.6.23-24]
• resolves: #1271763 - Fix segfault in NTLMv2_generate_names_blob()
• resolves: #1261265 - Add ‘–no-dns-updates’ option for ‘net ads join’
  [3.6.23-23]
• resolves: #1290707 - CVE-2015-5299
• related: #1290707 - CVE-2015-5296
• related: #1290707 - CVE-2015-5252
• related: #1290707 - CVE-2015-5330
  [3.6.23-22]
• resolves: #1232021 - Do not overwrite smb.conf manpage
• resolves: #1216060 - Document netbios name length limitations
• resolves: #1234249 - Fix ‘map to guest = Bad Uid’ option
• resolves: #1219570 - Fix ‘secuirtiy = server’ (obsolete) share access
• resolves: #1211657 - Fix stale cache entries if a printer gets renamed
  [3.6.23-21]
• resolves: #1252180 - Fix ‘force group’ with ‘winbind use default domain’.
• resolves: #1250100 - Fix segfault in pam_winbind if option parsing fails
• resolves: #1222985 - Fix segfault with ‘mangling method = hash’ option
  [3.6.23-20]
• resolves: #1164269 - Fix rpcclient timeout command.
  [3.6.23-19]
• resolves: #1201611 - Fix ‘force user’ with ‘winbind use default domain’.
  [3.6.23-18]
• resolves: #1194549 - Fix winbind caching issue and support SID compression.
  [3.6.23-17]
• resolves: #1192211 - Fix restoring shadow copy snapshot with SMB2.
  [3.6.23-16]
• resolves: #1117059 - Fix nss group enumeration with unresolved groups.
  [3.6.23-15]
• resolves: #1165750 - Fix guid retrieval for published printers.
• resolves: #1163383 - Fix ‘net ads join -k’ with existing keytab entries.
• resolves: #1195456 - Fix starting daemons on read only filesystems.
• resolves: #1138552 - Fix CPU utilization when re-reading the printcap info.
• resolves: #1144916 - Fix smbclient NTLMv2 authentication.
• resolves: #1164336 - Document ‘sharesec’ command for
  ‘access based share enum’ option.
  [3.6.23-14]
• related: #1191339 - Update patchset for CVE-2015-0240.
  [3.6.23-13]
• resolves: #1191339 - CVE-2015-0240: RCE in netlogon.
  [3.6.23-12]
• resolves: #1127723 - Fix samlogon secure channel recovery.
  [3.6.23-11]
• resolves: #1129006 - Add config variables to set spoolss os version.
  [3.6.23-10]
• resolves: #1124835 - Fix dropbox share.
  [3.6.23-9]
• related: #1053886 - Fix receiving the gecos field with winbind.
  [3.6.23-8]
• resolves: #1110733 - Fix write operations as guest with ‘security = share’.
• resolves: #1053886 - Fix receiving the gecos field with winbind.
  [3.6.23-7]
• resolves: #1107777 - Fix SMB2 with ‘case sensitive = True’
  [3.6.23-6]
• resolves: #1105500 - CVE-2014-0244: DoS in nmbd.
• resolves: #1108841 - CVE-2014-3493: DoS in smbd with unicode path names.
  [3.6.23-5]
• related: #1061301 - Only link glusterfs libraries to vfs module.
  [3.6.23-4]
• resolves: #1051656 - Fix gecos field copy debug warning.
• resolves: #1061301 - Add glusterfs vfs module.
• resolves: #1087472 - Fix libsmbclient crash when HOME variable isnt set.
• resolves: #1099443 - ‘net ads testjoin’ fails with IPv6.
• resolves: #1100670 - Fix ‘force user’ with ‘security = ads’.
• resolves: #1096522 - Fix enabling SMB2 causes file operations to fail.
  [3.6.23-3]
• resolves: #1081539 - Add timeout option to smbclient.
  [3.6.23-2]
• resolves: #1022534 - Do not build Samba with fam support.
• resolves: #1059301 - Fix nbt query with many components.
• resolves: #1057332 - Fix force user with guest account.
• resolves: #1021706 - Fix %G substitution in ‘template homedir’.
• resolves: #1040472 - Fix group expansion in service path.
• resolves: #1069570 - Fix memory leak reading printer list.
• resolves: #1067607 - Fix wbinfo -i with one-way trusts.
• resolves: #1050887 - Fix 100% CPU utilization in winbindd when trying to
  free memory in winbindd_reinit_after_fork.
• resolves: #1029000 - Fix ‘force user’ with ‘security = ads’.
  [3.6.23-1]
• resolves: #1073356 - Fix CVE-2013-4496, CVE-2012-6150 and CVE-2013-6442.
• resolves: #1018038 - Fix CVE-2013-4408.
  [3.6.22-1]
• resolves: #1003921 - Rebase Samba to 3.6.22.
• resolves: #1035332 - Fix force user with ‘security = user’.