From 1414f1647d435a7eda48d9433a022286a46d9097 Mon Sep 17 00:00:00 2001
From: Hauke Mehrtens <hauke@hauke-m.de>
Date: Sat, 16 Apr 2016 20:06:34 +0000
Subject: samba: fix some security problems

This fixes the following security problems:
* CVE-2015-7560
* CVE-2015-5370
* CVE-2016-2110
* CVE-2016-2111
* CVE-2016-2112
* CVE-2016-2115
* CVE-2016-2118

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

SVN-Revision: 49175
---
 .../network/services/samba36/patches/290-remove_lsa.patch | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

(limited to 'package/network/services/samba36/patches/290-remove_lsa.patch')

diff --git a/package/network/services/samba36/patches/290-remove_lsa.patch b/package/network/services/samba36/patches/290-remove_lsa.patch
index fe37d5dae1..6dc35753b1 100644
--- a/package/network/services/samba36/patches/290-remove_lsa.patch
+++ b/package/network/services/samba36/patches/290-remove_lsa.patch
@@ -71,3 +71,18 @@
  }
  
  size_t num_pipe_handles(struct pipes_struct *p)
+--- a/source3/rpc_server/srv_pipe.c
++++ b/source3/rpc_server/srv_pipe.c
+@@ -419,10 +419,12 @@ static bool check_bind_req(struct pipes_
+ 		context_fns->allow_connect = false;
+ 	}
+ #endif
++#ifdef LSA_SUPPORT
+ 	ok = ndr_syntax_id_equal(abstract, &ndr_table_lsarpc.syntax_id);
+ 	if (ok) {
+ 		context_fns->allow_connect = false;
+ 	}
++#endif
+ #ifdef NETLOGON_SUPPORT
+ 	ok = ndr_syntax_id_equal(abstract, &ndr_table_netlogon.syntax_id);
+ 	if (ok) {
-- 
cgit v1.2.3