samba4-4.0.0-67.AXS4.rc4

Samba is the standard Windows interoperability suite of programs for Linux and Unix.

Security issues fixed with this release:

CVE-2015-3223
The ldb_wildcard_compare function in ldb_match.c in ldb before 1.1.24,
as used in the AD LDAP server in Samba 4.x before 4.1.22, 4.2.x before
4.2.7, and 4.3.x before 4.3.3, mishandles certain zero values, which
allows remote attackers to cause a denial of service (infinite loop)
via crafted packets.
CVE-2015-5252
vfs.c in smbd in Samba 3.x and 4.x before 4.1.22, 4.2.x before 4.2.7,
and 4.3.x before 4.3.3, when share names with certain substring
relationships exist, allows remote attackers to bypass intended
file-access restrictions via a symlink that points outside of a share.
CVE-2015-5296
Samba 3.x and 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before
4.3.3 supports connections that are encrypted but unsigned, which
allows man-in-the-middle attackers to conduct encrypted-to-unencrypted
downgrade attacks by modifying the client-server data stream, related
to clidfs.c, libsmb_server.c, and smbXcli_base.c.
CVE-2015-5299
The shadow_copy2_get_shadow_copy_data function in
modules/vfs_shadow_copy2.c in Samba 3.x and 4.x before 4.1.22, 4.2.x
before 4.2.7, and 4.3.x before 4.3.3 does not verify that the
DIRECTORY_LIST access right has been granted, which allows remote
attackers to access snapshots by visiting a shadow copy directory.
CVE-2015-7540
The LDAP server in the AD domain controller in Samba 4.x before 4.1.22
does not check return values to ensure successful ASN.1 memory
allocation, which allows remote attackers to cause a denial of service
(memory consumption and daemon crash) via crafted packets.