diff --git a/SOURCES/samba-v4-6-fix_net_ads_changetrustpw.patch b/SOURCES/samba-v4-6-fix_net_ads_changetrustpw.patch
new file mode 100644
index 0000000..83a4985
--- /dev/null
+++ b/SOURCES/samba-v4-6-fix_net_ads_changetrustpw.patch
@@ -0,0 +1,74 @@
+From 646b3c4b920f4ae4d1289eeb10018cd9d069382a Mon Sep 17 00:00:00 2001
+From: Andreas Schneider <asn@samba.org>
+Date: Wed, 9 Aug 2017 18:14:23 +0200
+Subject: [PATCH 1/2] s3:libads: Fix changing passwords with Kerberos
+
+BUG: https://bugzilla.samba.org/show_bug.cgi?id=12956
+
+Signed-off-by: Andreas Schneider <asn@samba.org>
+Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
+(cherry picked from commit b81ca4f9dcbb378a95fb3ac31bfd9a1cbe505d7d)
+---
+ source3/libads/krb5_setpw.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/source3/libads/krb5_setpw.c b/source3/libads/krb5_setpw.c
+index 630c2e46631..bc96ac603b1 100644
+--- a/source3/libads/krb5_setpw.c
++++ b/source3/libads/krb5_setpw.c
+@@ -251,7 +251,7 @@ static ADS_STATUS ads_krb5_chg_password(const char *kdc_host,
+ ret = krb5_set_password(context,
+ &creds,
+ discard_const_p(char, newpw),
+- princ,
++ NULL,
+ &result_code,
+ &result_code_string,
+ &result_string);
+--
+2.14.0
+
+
+From be45f32ffb1504f36b860195b480b661699de049 Mon Sep 17 00:00:00 2001
+From: Andreas Schneider <asn@samba.org>
+Date: Wed, 9 Aug 2017 12:14:34 +0200
+Subject: [PATCH 2/2] blackbox: Add test for 'net ads changetrustpw'
+
+BUG: BUG: https://bugzilla.samba.org/show_bug.cgi?id=12956
+
+Signed-off-by: Andreas Schneider <asn@samba.org>
+Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
+
+Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
+Autobuild-Date(master): Fri Aug 11 22:09:27 CEST 2017 on sn-devel-144
+
+(cherry picked from commit e2c0fd36ba54d984b554248aecffd3e4e7f43e1f)
+---
+ testprogs/blackbox/test_net_ads.sh | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/testprogs/blackbox/test_net_ads.sh b/testprogs/blackbox/test_net_ads.sh
+index 99b886f53eb..bbd99b676bd 100755
+--- a/testprogs/blackbox/test_net_ads.sh
++++ b/testprogs/blackbox/test_net_ads.sh
+@@ -33,6 +33,8 @@ testit "join" $VALGRIND $net_tool ads join -U$DC_USERNAME%$DC_PASSWORD || failed
+
+ testit "testjoin" $VALGRIND $net_tool ads testjoin -kP || failed=`expr $failed + 1`
+
++testit "changetrustpw" $VALGRIND $net_tool ads changetrustpw || failed=`expr $failed + 1`
++
+ testit "leave" $VALGRIND $net_tool ads leave -U$DC_USERNAME%$DC_PASSWORD || failed=`expr $failed + 1`
+
+ # Test with kerberos method = secrets and keytab
+@@ -41,6 +43,8 @@ testit "join (decicated keytab)" $VALGRIND $net_tool ads join -U$DC_USERNAME%$DC
+
+ testit "testjoin (dedicated keytab)" $VALGRIND $net_tool ads testjoin -kP || failed=`expr $failed + 1`
+
++testit "changetrustpw (dedicated keytab)" $VALGRIND $net_tool ads changetrustpw || failed=`expr $failed + 1`
++
+ testit "leave (dedicated keytab)" $VALGRIND $net_tool ads leave -U$DC_USERNAME%$DC_PASSWORD || failed=`expr $failed + 1`
+ rm -f $dedicated_keytab_file
+
+--
+2.14.0
+
diff --git a/SOURCES/samba-v4.6-fix_smbpasswd_user_pwd_change.patch b/SOURCES/samba-v4.6-fix_smbpasswd_user_pwd_change.patch
new file mode 100644
index 0000000..5c66709
--- /dev/null
+++ b/SOURCES/samba-v4.6-fix_smbpasswd_user_pwd_change.patch
@@ -0,0 +1,391 @@
+From f7046a874ce3ab5d9b4024442daf03e79f25956b Mon Sep 17 00:00:00 2001
+From: Andreas Schneider <asn@samba.org>
+Date: Fri, 18 Aug 2017 16:08:46 +0200
+Subject: [PATCH 1/6] s3:libsmb: Pass domain to remote_password_change()
+
+BUG: https://bugzilla.samba.org/show_bug.cgi?id=12975
+
+Signed-off-by: Andreas Schneider <asn@samba.org>
+Reviewed-by: Andrew Bartlet <abartlet@samba.org>
+(cherry picked from commit 7a554ee7dcefdff599ebc6fbf4e128b33ffccf29)
+---
+ source3/include/proto.h | 3 ++-
+ source3/libsmb/passchange.c | 5 +++--
+ source3/utils/smbpasswd.c | 3 ++-
+ 3 files changed, 7 insertions(+), 4 deletions(-)
+
+diff --git a/source3/include/proto.h b/source3/include/proto.h
+index baa579995a5..9deb27b416b 100644
+--- a/source3/include/proto.h
++++ b/source3/include/proto.h
+@@ -834,7 +834,8 @@ bool get_dc_name(const char *domain,
+
+ /* The following definitions come from libsmb/passchange.c */
+
+-NTSTATUS remote_password_change(const char *remote_machine, const char *user_name,
++NTSTATUS remote_password_change(const char *remote_machine,
++ const char *domain, const char *user_name,
+ const char *old_passwd, const char *new_passwd,
+ char **err_str);
+
+diff --git a/source3/libsmb/passchange.c b/source3/libsmb/passchange.c
+index c89b7ca85d1..48ffba8036f 100644
+--- a/source3/libsmb/passchange.c
++++ b/source3/libsmb/passchange.c
+@@ -30,7 +30,8 @@
+ Change a password on a remote machine using IPC calls.
+ *************************************************************/
+
+-NTSTATUS remote_password_change(const char *remote_machine, const char *user_name,
++NTSTATUS remote_password_change(const char *remote_machine,
++ const char *domain, const char *user_name,
+ const char *old_passwd, const char *new_passwd,
+ char **err_str)
+ {
+@@ -55,7 +56,7 @@ NTSTATUS remote_password_change(const char *remote_machine, const char *user_nam
+
+ creds = cli_session_creds_init(cli,
+ user_name,
+- NULL, /* domain */
++ domain,
+ NULL, /* realm */
+ old_passwd,
+ false, /* use_kerberos */
+diff --git a/source3/utils/smbpasswd.c b/source3/utils/smbpasswd.c
+index 437a5e551bb..4d7a3c739bc 100644
+--- a/source3/utils/smbpasswd.c
++++ b/source3/utils/smbpasswd.c
+@@ -258,7 +258,8 @@ static NTSTATUS password_change(const char *remote_mach, char *username,
+ fprintf(stderr, "Invalid remote operation!\n");
+ return NT_STATUS_UNSUCCESSFUL;
+ }
+- ret = remote_password_change(remote_mach, username,
++ ret = remote_password_change(remote_mach,
++ NULL, username,
+ old_passwd, new_pw, &err_str);
+ } else {
+ ret = local_password_change(username, local_flags, new_pw,
+--
+2.14.1
+
+
+From f215f7c53032689dbdaac96a3a16fa7d3fe3d3c5 Mon Sep 17 00:00:00 2001
+From: Andreas Schneider <asn@samba.org>
+Date: Fri, 18 Aug 2017 16:10:06 +0200
+Subject: [PATCH 2/6] s3:libsmb: Move prototye of remote_password_change()
+
+BUG: https://bugzilla.samba.org/show_bug.cgi?id=12975
+
+Signed-off-by: Andreas Schneider <asn@samba.org>
+Reviewed-by: Andrew Bartlet <abartlet@samba.org>
+(cherry picked from commit c773844e7529b83b2633671c7bcf1e7b84ad7950)
+---
+ source3/include/proto.h | 7 -------
+ source3/libsmb/proto.h | 10 ++++++++++
+ source3/utils/smbpasswd.c | 1 +
+ 3 files changed, 11 insertions(+), 7 deletions(-)
+
+diff --git a/source3/include/proto.h b/source3/include/proto.h
+index 9deb27b416b..67e1a9d750e 100644
+--- a/source3/include/proto.h
++++ b/source3/include/proto.h
+@@ -832,13 +832,6 @@ bool get_dc_name(const char *domain,
+ fstring srv_name,
+ struct sockaddr_storage *ss_out);
+
+-/* The following definitions come from libsmb/passchange.c */
+-
+-NTSTATUS remote_password_change(const char *remote_machine,
+- const char *domain, const char *user_name,
+- const char *old_passwd, const char *new_passwd,
+- char **err_str);
+-
+ /* The following definitions come from libsmb/smberr.c */
+
+ const char *smb_dos_err_name(uint8_t e_class, uint16_t num);
+diff --git a/source3/libsmb/proto.h b/source3/libsmb/proto.h
+index a583a8ee159..44f4d04cff5 100644
+--- a/source3/libsmb/proto.h
++++ b/source3/libsmb/proto.h
+@@ -31,6 +31,9 @@
+
+ struct smb_trans_enc_state;
+ struct cli_credentials;
++struct cli_state;
++struct file_info;
++struct print_job_info;
+
+ /* The following definitions come from libsmb/cliconnect.c */
+
+@@ -964,4 +967,11 @@ NTSTATUS cli_readlink(struct cli_state *cli, const char *fname,
+ TALLOC_CTX *mem_ctx, char **psubstitute_name,
+ char **pprint_name, uint32_t *pflags);
+
++/* The following definitions come from libsmb/passchange.c */
++
++NTSTATUS remote_password_change(const char *remote_machine,
++ const char *domain, const char *user_name,
++ const char *old_passwd, const char *new_passwd,
++ char **err_str);
++
+ #endif /* _LIBSMB_PROTO_H_ */
+diff --git a/source3/utils/smbpasswd.c b/source3/utils/smbpasswd.c
+index 4d7a3c739bc..6eb2deb7a3b 100644
+--- a/source3/utils/smbpasswd.c
++++ b/source3/utils/smbpasswd.c
+@@ -21,6 +21,7 @@
+ #include "secrets.h"
+ #include "../librpc/gen_ndr/samr.h"
+ #include "../lib/util/util_pw.h"
++#include "libsmb/proto.h"
+ #include "passdb.h"
+
+ /*
+--
+2.14.1
+
+
+From 7e6e01b965c838494203c964fa5ac55b355bd58a Mon Sep 17 00:00:00 2001
+From: Andreas Schneider <asn@samba.org>
+Date: Fri, 18 Aug 2017 16:13:15 +0200
+Subject: [PATCH 3/6] s3:utils: Make strings const passed to password_change()
+ in smbpasswd
+
+BUG: https://bugzilla.samba.org/show_bug.cgi?id=12975
+
+Signed-off-by: Andreas Schneider <asn@samba.org>
+Reviewed-by: Andrew Bartlet <abartlet@samba.org>
+(cherry picked from commit 41a31a71abe144362fc7483fabba39aafa866373)
+---
+ source3/utils/smbpasswd.c | 5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+diff --git a/source3/utils/smbpasswd.c b/source3/utils/smbpasswd.c
+index 6eb2deb7a3b..b0e08cc0e58 100644
+--- a/source3/utils/smbpasswd.c
++++ b/source3/utils/smbpasswd.c
+@@ -243,8 +243,9 @@ static char *prompt_for_new_password(bool stdin_get)
+ Change a password either locally or remotely.
+ *************************************************************/
+
+-static NTSTATUS password_change(const char *remote_mach, char *username,
+- char *old_passwd, char *new_pw,
++static NTSTATUS password_change(const char *remote_mach,
++ const char *username,
++ const char *old_passwd, const char *new_pw,
+ int local_flags)
+ {
+ NTSTATUS ret;
+--
+2.14.1
+
+
+From bec5dc7c8b1bca092fa4ea87016bbfdb2750896c Mon Sep 17 00:00:00 2001
+From: Andreas Schneider <asn@samba.org>
+Date: Fri, 18 Aug 2017 16:14:57 +0200
+Subject: [PATCH 4/6] s3:utils: Pass domain to password_change() in smbpasswd
+
+BUG: https://bugzilla.samba.org/show_bug.cgi?id=12975
+
+Signed-off-by: Andreas Schneider <asn@samba.org>
+Reviewed-by: Andrew Bartlet <abartlet@samba.org>
+(cherry picked from commit b483340639157fe95777672f5723455c48c3c616)
+---
+ source3/utils/smbpasswd.c | 12 +++++++-----
+ 1 file changed, 7 insertions(+), 5 deletions(-)
+
+diff --git a/source3/utils/smbpasswd.c b/source3/utils/smbpasswd.c
+index b0e08cc0e58..92712e38f6b 100644
+--- a/source3/utils/smbpasswd.c
++++ b/source3/utils/smbpasswd.c
+@@ -244,7 +244,7 @@ static char *prompt_for_new_password(bool stdin_get)
+ *************************************************************/
+
+ static NTSTATUS password_change(const char *remote_mach,
+- const char *username,
++ const char *domain, const char *username,
+ const char *old_passwd, const char *new_pw,
+ int local_flags)
+ {
+@@ -261,7 +261,7 @@ static NTSTATUS password_change(const char *remote_mach,
+ return NT_STATUS_UNSUCCESSFUL;
+ }
+ ret = remote_password_change(remote_mach,
+- NULL, username,
++ domain, username,
+ old_passwd, new_pw, &err_str);
+ } else {
+ ret = local_password_change(username, local_flags, new_pw,
+@@ -466,7 +466,8 @@ static int process_root(int local_flags)
+ }
+ }
+
+- if (!NT_STATUS_IS_OK(password_change(remote_machine, user_name,
++ if (!NT_STATUS_IS_OK(password_change(remote_machine,
++ NULL, user_name,
+ old_passwd, new_passwd,
+ local_flags))) {
+ result = 1;
+@@ -566,8 +567,9 @@ static int process_nonroot(int local_flags)
+ exit(1);
+ }
+
+- if (!NT_STATUS_IS_OK(password_change(remote_machine, user_name, old_pw,
+- new_pw, 0))) {
++ if (!NT_STATUS_IS_OK(password_change(remote_machine,
++ NULL, user_name,
++ old_pw, new_pw, 0))) {
+ result = 1;
+ goto done;
+ }
+--
+2.14.1
+
+
+From 72dd200ce430b23a887ddfa73c2b618bf387c583 Mon Sep 17 00:00:00 2001
+From: Andreas Schneider <asn@samba.org>
+Date: Fri, 18 Aug 2017 16:17:08 +0200
+Subject: [PATCH 5/6] s3:utils: Make sure we authenticate against our SAM name
+ in smbpasswd
+
+If a local user wants to change his password using smbpasswd and the
+machine is a domain member, we need to make sure we authenticate against
+our SAM and not ask winbind.
+
+BUG: https://bugzilla.samba.org/show_bug.cgi?id=12975
+
+Signed-off-by: Andreas Schneider <asn@samba.org>
+Reviewed-by: Andrew Bartlet <abartlet@samba.org>
+(cherry picked from commit dc129a968afdac8be70f9756bd18a7bf1f4c3b02)
+---
+ source3/utils/smbpasswd.c | 32 +++++++++++++++++++++++++++-----
+ 1 file changed, 27 insertions(+), 5 deletions(-)
+
+diff --git a/source3/utils/smbpasswd.c b/source3/utils/smbpasswd.c
+index 92712e38f6b..556e6869da7 100644
+--- a/source3/utils/smbpasswd.c
++++ b/source3/utils/smbpasswd.c
+@@ -58,7 +58,7 @@ static void usage(void)
+ printf(" -c smb.conf file Use the given path to the smb.conf file\n");
+ printf(" -D LEVEL debug level\n");
+ printf(" -r MACHINE remote machine\n");
+- printf(" -U USER remote username\n");
++ printf(" -U USER remote username (e.g. SAM/user)\n");
+
+ printf("extra options when run by root or in local mode:\n");
+ printf(" -a add user\n");
+@@ -95,7 +95,7 @@ static int process_options(int argc, char **argv, int local_flags)
+
+ user_name[0] = '\0';
+
+- while ((ch = getopt(argc, argv, "c:axdehminjr:sw:R:D:U:LW")) != EOF) {
++ while ((ch = getopt(argc, argv, "c:axdehminjr:sw:R:D:U:LWS:")) != EOF) {
+ switch(ch) {
+ case 'L':
+ if (getuid() != 0) {
+@@ -519,6 +519,9 @@ static int process_nonroot(int local_flags)
+ int result = 0;
+ char *old_pw = NULL;
+ char *new_pw = NULL;
++ const char *username = user_name;
++ const char *domain = NULL;
++ char *p = NULL;
+
+ if (local_flags & ~(LOCAL_AM_ROOT | LOCAL_SET_PASSWORD)) {
+ /* Extra flags that we can't honor non-root */
+@@ -536,6 +539,15 @@ static int process_nonroot(int local_flags)
+ }
+ }
+
++ /* Allow domain as part of the username */
++ if ((p = strchr_m(user_name, '\\')) ||
++ (p = strchr_m(user_name, '/')) ||
++ (p = strchr_m(user_name, *lp_winbind_separator()))) {
++ *p = '\0';
++ username = p + 1;
++ domain = user_name;
++ }
++
+ /*
+ * A non-root user is always setting a password
+ * via a remote machine (even if that machine is
+@@ -544,8 +556,18 @@ static int process_nonroot(int local_flags)
+
+ load_interfaces(); /* Delayed from main() */
+
+- if (remote_machine == NULL) {
++ if (remote_machine != NULL) {
++ if (!is_ipaddress(remote_machine)) {
++ domain = remote_machine;
++ }
++ } else {
+ remote_machine = "127.0.0.1";
++
++ /*
++ * If we deal with a local user, change the password for the
++ * user in our SAM.
++ */
++ domain = get_global_sam_name();
+ }
+
+ if (remote_machine != NULL) {
+@@ -568,13 +590,13 @@ static int process_nonroot(int local_flags)
+ }
+
+ if (!NT_STATUS_IS_OK(password_change(remote_machine,
+- NULL, user_name,
++ domain, username,
+ old_pw, new_pw, 0))) {
+ result = 1;
+ goto done;
+ }
+
+- printf("Password changed for user %s\n", user_name);
++ printf("Password changed for user %s\n", username);
+
+ done:
+ SAFE_FREE(old_pw);
+--
+2.14.1
+
+
+From 7d8aae447a411eb4903850c30366a18d1714f7c0 Mon Sep 17 00:00:00 2001
+From: Andreas Schneider <asn@samba.org>
+Date: Tue, 22 Aug 2017 15:46:07 +0200
+Subject: [PATCH 6/6] s3:utils: Remove pointless if-clause for remote_machine
+
+BUG: https://bugzilla.samba.org/show_bug.cgi?id=12975
+
+Review with: git show -U20
+
+Signed-off-by: Andreas Schneider <asn@samba.org>
+Reviewed-by: Andrew Bartlet <abartlet@samba.org>
+(cherry picked from commit 4a4bfcb539b4489f397b2bc9369215b7e03e620e)
+---
+ source3/utils/smbpasswd.c | 10 ++++------
+ 1 file changed, 4 insertions(+), 6 deletions(-)
+
+diff --git a/source3/utils/smbpasswd.c b/source3/utils/smbpasswd.c
+index 556e6869da7..fb7ad283995 100644
+--- a/source3/utils/smbpasswd.c
++++ b/source3/utils/smbpasswd.c
+@@ -570,12 +570,10 @@ static int process_nonroot(int local_flags)
+ domain = get_global_sam_name();
+ }
+
+- if (remote_machine != NULL) {
+- old_pw = get_pass("Old SMB password:",stdin_passwd_get);
+- if (old_pw == NULL) {
+- fprintf(stderr, "Unable to get old password.\n");
+- exit(1);
+- }
++ old_pw = get_pass("Old SMB password:",stdin_passwd_get);
++ if (old_pw == NULL) {
++ fprintf(stderr, "Unable to get old password.\n");
++ exit(1);
+ }
+
+ if (!new_passwd) {
+--
+2.14.1
+
diff --git a/SOURCES/samba-v4.6-graceful_fsctl_validate_negotiate_info.patch b/SOURCES/samba-v4.6-graceful_fsctl_validate_negotiate_info.patch
new file mode 100644
index 0000000..74daaa8
--- /dev/null
+++ b/SOURCES/samba-v4.6-graceful_fsctl_validate_negotiate_info.patch
@@ -0,0 +1,53 @@
+From fbef6bd05629e3f5939317bd073a2281fcc3b636 Mon Sep 17 00:00:00 2001
+From: Andreas Schneider <asn@samba.org>
+Date: Tue, 30 May 2017 16:30:33 +0200
+Subject: [PATCH] libcli:smb2: Gracefully handle not supported for
+ FSCTL_VALIDATE_NEGOTIATE_INFO
+
+If FSCTL_VALIDATE_NEGOTIATE_INFO is not implemented, e.g. in a SMB2 only
+server then gracefully handle NT_STATUS_NOT_SUPPORTED too.
+
+BUG: https://bugzilla.samba.org/show_bug.cgi?id=12808
+
+Signed-off-by: Andreas Schneider <asn@samba.org>
+Signed-off-by: Guenther Deschner <gd@samba.org>
+Pair-Programmed-With: Guenther Deschner <gd@samba.org>
+Reviewed-by: Jeremy Allison <jra@samba.org>
+
+Autobuild-User(master): Volker Lendecke <vl@samba.org>
+Autobuild-Date(master): Thu Jun 15 17:32:45 CEST 2017 on sn-devel-144
+
+(cherry picked from commit a4d9438ecf92614a0915b9cf61f905ea8170043a)
+---
+ libcli/smb/smbXcli_base.c | 15 +++++++++++++++
+ 1 file changed, 15 insertions(+)
+
+diff --git a/libcli/smb/smbXcli_base.c b/libcli/smb/smbXcli_base.c
+index a7b24f01497..593edf9ce78 100644
+--- a/libcli/smb/smbXcli_base.c
++++ b/libcli/smb/smbXcli_base.c
+@@ -5321,6 +5321,21 @@ static void smb2cli_validate_negotiate_info_done(struct tevent_req *subreq)
+ tevent_req_done(req);
+ return;
+ }
++ if (NT_STATUS_EQUAL(status, NT_STATUS_NOT_SUPPORTED)) {
++ /*
++ * The response was signed, but not supported
++ *
++ * This might be returned by older Windows versions or by
++ * NetApp SMB server implementations.
++ *
++ * See
++ *
++ * https://blogs.msdn.microsoft.com/openspecification/2012/06/28/smb3-secure-dialect-negotiation/
++ *
++ */
++ tevent_req_done(req);
++ return;
++ }
+ if (tevent_req_nterror(req, status)) {
+ return;
+ }
+--
+2.13.1.518.g3df882009-goog
+
diff --git a/SPECS/samba.spec b/SPECS/samba.spec
index fe73e2e..e167c3a 100644
--- a/SPECS/samba.spec
+++ b/SPECS/samba.spec
@@ -6,7 +6,7 @@
# ctdb is enabled by default, you can disable it with: --without clustering
%bcond_without clustering
-%define main_release 8
+%define main_release 10
%define samba_version 4.6.2
%define talloc_version 2.1.9
@@ -65,10 +65,7 @@
%global with_dc 1
%endif
-%global required_mit_krb5 1.10
-%if %{with_dc}
%global required_mit_krb5 1.15.1
-%endif
%global with_clustering_support 0
@@ -128,6 +125,9 @@ Patch12: samba-v4.7-config-dynamic-rpc-port-range.patch
Patch13: samba-v4-6-fix_smbclient_session_setup_info.patch
Patch14: samba-v4-6-fix_smbclient_username_parsing.patch
Patch15: samba-v4-6-fix_winbind_normalize_names.patch
+Patch16: samba-v4-6-fix_net_ads_changetrustpw.patch
+Patch17: samba-v4.6-fix_smbpasswd_user_pwd_change.patch
+Patch18: samba-v4.6-graceful_fsctl_validate_negotiate_info.patch
Requires(pre): /usr/sbin/groupadd
Requires(post): systemd
@@ -291,6 +291,7 @@ Requires: %{name}-common = %{samba_depver}
%if %with_libwbclient
Requires: libwbclient = %{samba_depver}
%endif
+Requires: krb5-libs >= %{required_mit_krb5}
%description client-libs
The samba-client-libs package contains internal libraries needed by the
@@ -430,7 +431,6 @@ the Kerberos credentials cache of the user issuing the print job.
### LIBS
%package libs
Summary: Samba libraries
-Requires: krb5-libs >= 1.14
Requires: %{name}-client-libs = %{samba_depver}
%if %with_libwbclient
Requires: libwbclient = %{samba_depver}
@@ -2649,6 +2649,15 @@ rm -rf %{buildroot}
%endif # with_clustering_support
%changelog
+* Wed Aug 23 2017 Andreas Schneider <asn@redhat.com> - 4.6.2-10
+- resolves: #1484423 - Require at least krb5 version 1.15.1
+- resolves: #1484713 - Fix password changes for users via smbpasswd
+- resolves: #1484723 - Be more graceful on FSCTL_VALIDATE_NEGOTIATE_INFO
+ returned errors
+
+* Mon Aug 14 2017 Andreas Schneider <asn@redhat.com> - 4.6.2-9
+- resolves: #1481188 - Fix 'net ads changetrustpw'
+
* Thu Jun 22 2017 Andreas Schneider <asn@redhat.com> - 4.6.2-8
- resolves: #1459936 - Fix regression with "follow symlinks = no"