SUSE: OPENSUSE-SU-2015:2356-1
Dec 24, 2015 - 4:10 p.m.

Security update for samba, ldb, talloc, tdb, tevent (important)

2015-12-24 16:10:24
lists.opensuse.org

EPSS: 0.411 (Medium), percentile 96.9%

This update for ldb, samba, talloc, tdb, tevent fixes the following issues:

ldb was updated to 1.1.24.

  • Fix LDAP \00 search expression attack DoS; CVE-2015-3223; (bso#11325)
  • Fix remote read memory exploit in ldb; CVE-2015-5330; (bso#11599)
  • Move ldb_(un)pack_data into ldb_module.h for testing
  • Fix installation of _ldb_text.py
  • Fix propagation of ldb errors through tdb
  • Fix bug triggered by having an empty message in database during search
  • Test improvements
  • Improved python bindings
  • Validate_ldb of string(generalized-time) does not accept millisecond
    format ".000Z"; (bso#9810)
  • Fix logic in ldb_val_to_time()
  • Allow to register extended match rules
  • Fixes for segfaults in pyldb
  • Documentation fixes
  • Build system improvements
  • Fix a typo in the comment, ldb_flags_mod_xxx -> ldb_flag_mod_xxx
  • Fix check for third_party
  • Make the successful ldb_transaction_start() message clearer
  • Ldb-samba: fix a memory leak in ldif_canonicalise_objectcategory()
  • Ldb-samba: move pyldb-utils dependency to python_samba__ldb
  • Build: improve detection of srcdir

Samba was updated to 4.1.22.

  • Malicious request can cause Samba LDAP server to hang, spinning using
    CPU; CVE-2015-3223; (bso#11325); (boo#958581).
  • Remote read memory exploit in ldb; CVE-2015-5330; (bso#11599);
    (boo#958586).
  • Insufficient symlink verification (file access outside the share);
    CVE-2015-5252; (bso#11395); (boo#958582).
  • No man-in-the-middle protection when forcing SMB encryption on the
    client side; CVE-2015-5296; (bso#11536); (boo#958584).
  • Currently the snapshot browsing is not secure through Windows previous
    version (shadow_copy2); CVE-2015-5299; (bso#11529); (boo#958583).
  • Fix Microsoft MS15-096 to prevent machine accounts from being changed
    into user accounts; CVE-2015-8467; (bso#11552); (boo#958585).
  • Fix remote DoS in Samba (AD) LDAP server; CVE-2015-7540; (bso#9187);
    (boo#958580).
  • Ensure attempt to ssh into locked account triggers "Your account is
    disabled…" to the console; (boo#953382).
  • Prevent null pointer access in samlogon fallback when security
    credentials are null; (boo#949022).

talloc was updated to 2.1.5; (boo#954658).

  • Minor build fixes
  • Point LD_LIBRARY_PATH to the just-built libraries while calling make
    test.
  • Disable rpath-install and silent-rules while configure.
  • Update to 2.1.4; (boo#951660).
  • Test that talloc magic differs between processes.
  • Increment minor version due to added talloc_test_get_magic.
  • Provide tests access to talloc_magic.
  • Test magic protection measures.
  • Update the samba library distribution key file ‘talloc.keyring’;
    (bso#945116).
  • Update to 2.1.3; (boo#939051).
  • Improved python3 bindings
  • Documentation fixes regarding talloc_reference() and talloc_unlink()

tdb was updated to version 1.3.8; (boo#954658).

  • Fix broken build with --disable-python
  • Minor build fixes
  • Disable rpath-install and silent-rules while configure.
  • Update the samba library distribution key file ‘tdb.keyring’;
    (bso#945116).
  • Update to version 1.3.7.
  • First fix deadlock in the interaction between fcntl and mutex locking;
    (bso#11381)
  • Improved python3 bindings
  • Update to version 1.3.6.
  • Fix runtime detection for robust mutexes in the standalone build;
    (bso#11326).
  • Possible fix for the build with robust mutexes on Solaris 11;
    (bso#11319).
  • Update to version 1.3.5.
  • ABI change: tdb_chainlock_read_nonblock() has been added, a nonblock
    variant of tdb_chainlock_read()
  • Do not build test binaries if it’s not a standalone build
  • Fix CID 1034842 resource leak
  • Fix CID 1034841 resource leak
  • Don’t let tdb_wrap_open() segfault with name==NULL
  • Update to version 1.3.4.
  • Tools: allow transactions with TDB_MUTEX_LOCKING
  • Test: add tdb1-run-mutex-transaction1 test
  • Allow transactions on tdb’s with TDB_MUTEX_LOCKING
  • Update to version 1.3.3.
  • Test: TDB_CLEAR_IF_FIRST | TDB_MUTEX_LOCKING, O_RDONLY is a valid
    combination
  • Update to version 1.3.2.
  • Allow tdb_open_ex() with O_RDONLY of TDB_FEATURE_FLAG_MUTEX tdbs.
  • Fix a comment
  • Fix tdb_runtime_check_for_robust_mutexes()
  • Improve wording in a comment
  • Tdb.h needs bool type; obsoletes include_stdbool_bso10625.patch
  • Tdb_wrap: make mutexes easier to use
  • Tdb_wrap: only pull in samba-debug
  • Tdb_wrap: standalone compile without includes.h
  • Tdb_wrap: tdb_wrap.h doesn’t need struct loadparm_context
  • Update to version 1.3.1.
  • Tools: fix a compiler warning
  • Defragment the freelist in tdb_allocate_from_freelist()
  • Add "freelist_size" sub-command to tdbtool
  • Use tdb_freelist_merge_adjacent in tdb_freelist_size()
  • Add tdb_freelist_merge_adjacent()
  • Add utility function check_merge_ptr_with_left_record()
  • Simplify tdb_free() using check_merge_with_left_record()
  • Add utility function check_merge_with_left_record()
  • Improve comments for tdb_free().
  • Factor merge_with_left_record() out of tdb_free()
  • Fix debug message in tdb_free()
  • Reduce indentation in tdb_free() for merging left
  • Increase readability of read_record_on_left()
  • Factor read_record_on_left() out of tdb_free()
  • Build: improve detection of srcdir.

tevent was updated to version 0.9.26; (boo#954658).

  • New tevent_thread_proxy API
  • Minor build fixes
  • Update the samba library distribution key file ‘tevent.keyring’;
    (bso#945116).
  • Update to 0.9.25.
  • Fix compile error in Solaris ports backend.
  • Fix access after free in tevent_common_check_signal(); (bso#11308).
  • Improve pytevent bindings.
  • Testsuite fixes.
  • Improve the documentation of the tevent_add_fd() assumptions. It must be
    talloc_free’ed before closing the fd! (bso#11141); (bso#11316).
  • Update to 0.9.24.
  • Ignore unexpected signal events in the same way the epoll backend does.
  • Update to 0.9.23.
  • Update the tevent_data.dox tutorial stuff to fix some errors, including
    white space problems.
  • Use tevent_req_simple_recv_unix in a few places.
  • Update to 0.9.22.
  • Remove unused exit_code in tevent_select.c
  • Remove unused exit_code in tevent_poll.c
  • Build: improve detection of srcdir
  • Lib: tevent: make tevent_sig_increment atomic.
  • Update flags in tevent pkgconfig file
  • Utilize doxygen to generate the API documentation and package it.