diff options
Diffstat (limited to 'package/network/services/samba36/patches/029-CVE-2017-7494-v3-6.patch')
-rw-r--r-- | package/network/services/samba36/patches/029-CVE-2017-7494-v3-6.patch | 29 |
1 files changed, 0 insertions, 29 deletions
diff --git a/package/network/services/samba36/patches/029-CVE-2017-7494-v3-6.patch b/package/network/services/samba36/patches/029-CVE-2017-7494-v3-6.patch deleted file mode 100644 index 17b020d88a..0000000000 --- a/package/network/services/samba36/patches/029-CVE-2017-7494-v3-6.patch +++ /dev/null @@ -1,29 +0,0 @@ -From d2bc9f3afe23ee04d237ae9f4511fbe59a27ff54 Mon Sep 17 00:00:00 2001 -From: Volker Lendecke <vl@samba.org> -Date: Mon, 8 May 2017 21:40:40 +0200 -Subject: [PATCH] CVE-2017-7494: rpc_server3: Refuse to open pipe names with / - inside - -Bug: https://bugzilla.samba.org/show_bug.cgi?id=12780 - -Signed-off-by: Volker Lendecke <vl@samba.org> -Reviewed-by: Jeremy Allison <jra@samba.org> -Reviewed-by: Stefan Metzmacher <metze@samba.org> ---- - source3/rpc_server/srv_pipe.c | 5 +++++ - 1 file changed, 5 insertions(+) - ---- a/source3/rpc_server/srv_pipe.c -+++ b/source3/rpc_server/srv_pipe.c -@@ -473,6 +473,11 @@ bool is_known_pipename(const char *cli_f - pipename += 1; - } - -+ if (strchr(pipename, '/')) { -+ DEBUG(1, ("Refusing open on pipe %s\n", pipename)); -+ return false; -+ } -+ - if (lp_disable_spoolss() && strequal(pipename, "spoolss")) { - DEBUG(10, ("refusing spoolss access\n")); - return false; |