Пакет samba-common: Информация

- Security update of Samba 4.17 with fixes of the Samba CVE for Deleted Object
  tombstones visible in AD LDAP to normal users (CVE-2018-14628).
- Security fixes:
  + CVE-2018-14628: Wrong ntSecurityDescriptor values for "CN=Deleted Objects"
                    allow read of object tombstones over LDAP
                    (Administrator action required!)
                    https://www.samba.org/samba/security/CVE-2018-14628.html

- Revert services type from forking to notify.

- Update to security release of Samba 4.17
- Security fixes (Samba#15422, Samba#15424, Samba#15439, Samba#15473, Samba#15474):
 + CVE-2023-3961:  Unsanitized pipe names allow SMB clients to connect as root
                   to existing unix domain sockets on the file system.
                   https://www.samba.org/samba/security/CVE-2023-3961.html

 + CVE-2023-4091:  SMB client can truncate files to 0 bytes by opening files
                   with OVERWRITE disposition when using the acl_xattr Samba VFS
                   module with the smb.conf setting
                   "acl_xattr:ignore system acls = yes"
                   https://www.samba.org/samba/security/CVE-2023-4091.html

 + CVE-2023-4154:  An RODC and a user with the GET_CHANGES right can view all
                   attributes, including secrets and passwords.  Additionally,
                   the access check fails open on error conditions.
                   https://www.samba.org/samba/security/CVE-2023-4154.html

 + CVE-2023-42669: Calls to the rpcecho server on the AD DC can request that the
                   server block for a user-defined amount of time, denying
                   service.
                   https://www.samba.org/samba/security/CVE-2023-42669.html

 + CVE-2023-42670: Samba can be made to start multiple incompatible RPC
                   listeners, disrupting service on the AD DC.
                   https://www.samba.org/samba/security/CVE-2023-42670.html