ChangeLog for: 2017-09-21 02:23:24

n/samba-4.6.8-x86_64-1.txz:  Upgraded.
  This is a security release in order to address the following defects:
  SMB1/2/3 connections may not require signing where they should. A man in the
  middle attack may hijack client connections.
  SMB3 connections don't keep encryption across DFS redirects. A man in the
  middle attack can read and may alter confidential documents transferred via
  a client connection, which are reached via DFS redirect when the original
  connection used SMB3.
  Server memory information leak over SMB1. Client with write access to a share
  can cause server memory contents to be written into a file or printer.
  For more information, see:
    https://www.samba.org/samba/security/CVE-2017-12150.html
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12150
    https://www.samba.org/samba/security/CVE-2017-12151.html
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12151
    https://www.samba.org/samba/security/CVE-2017-12163.html
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12163
  (* Security fix *)