The Samba Web Administration Tool (SWAT) in Samba versions
3.0.x to 4.0.1 was affected by a cross-site request
forgery; CVE-2013-0214; (bnc#799641).
The Samba Web Administration Tool (SWAT) in Samba versions
3.0.x to 4.0.1 could possibly be used in clickjacking
attacks; CVE-2013-0213; (bnc#800982).
Also the following bugs have been fixed:
- Don’t clutter the spec file diff view; (bnc#783384).
- s3: Fix uninitialized memory read in talloc_free();
(bnc#764577).
- Attempt to use samlogon validation level 6;
(bso#7945); (bnc#741623).
- Add PreReq /etc/init.d/nscd to the winbind package;
(bnc#759731).
- Recover from ncacn_ip_tcp ACCESS_DENIED/SEC_PKG_ERROR
lsa errors; (bso#7944); (bnc#755663).
- Fix lsa_LookupSids3 and lsa_LookupNames4 arguments.