diff options
author | Hauke Mehrtens <hauke@hauke-m.de> | 2016-04-16 20:06:34 +0000 |
---|---|---|
committer | Hauke Mehrtens <hauke@hauke-m.de> | 2016-04-16 20:06:34 +0000 |
commit | 1414f1647d435a7eda48d9433a022286a46d9097 (patch) | |
tree | 633f8ca00f7284130188a3f6e8e65025009f9ff2 /package/network/services/samba36/patches/011-patch-cve-2015-5296.patch | |
parent | 894aed060ee15dafea19d94157adddf38ff8e2e7 (diff) | |
download | upstream-1414f1647d435a7eda48d9433a022286a46d9097.tar.gz upstream-1414f1647d435a7eda48d9433a022286a46d9097.tar.bz2 upstream-1414f1647d435a7eda48d9433a022286a46d9097.zip |
samba: fix some security problems
This fixes the following security problems:
* CVE-2015-7560
* CVE-2015-5370
* CVE-2016-2110
* CVE-2016-2111
* CVE-2016-2112
* CVE-2016-2115
* CVE-2016-2118
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 49175
Diffstat (limited to 'package/network/services/samba36/patches/011-patch-cve-2015-5296.patch')
-rw-r--r-- | package/network/services/samba36/patches/011-patch-cve-2015-5296.patch | 28 |
1 files changed, 2 insertions, 26 deletions
diff --git a/package/network/services/samba36/patches/011-patch-cve-2015-5296.patch b/package/network/services/samba36/patches/011-patch-cve-2015-5296.patch index eaafd1c667..a309cf1b7f 100644 --- a/package/network/services/samba36/patches/011-patch-cve-2015-5296.patch +++ b/package/network/services/samba36/patches/011-patch-cve-2015-5296.patch @@ -12,11 +12,9 @@ Reviewed-by: Jeremy Allison <jra@samba.org> source3/libsmb/clidfs.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) -diff --git a/source3/libsmb/clidfs.c b/source3/libsmb/clidfs.c -index 23e1471..f153b6b 100644 --- a/source3/libsmb/clidfs.c +++ b/source3/libsmb/clidfs.c -@@ -98,6 +98,11 @@ static struct cli_state *do_connect(TALLOC_CTX *ctx, +@@ -98,6 +98,11 @@ static struct cli_state *do_connect(TALL const char *username; const char *password; NTSTATUS status; @@ -28,7 +26,7 @@ index 23e1471..f153b6b 100644 /* make a copy so we don't modify the global string 'service' */ servicename = talloc_strdup(ctx,share); -@@ -132,7 +137,7 @@ static struct cli_state *do_connect(TALLOC_CTX *ctx, +@@ -132,7 +137,7 @@ static struct cli_state *do_connect(TALL zero_sockaddr(&ss); /* have to open a new connection */ @@ -37,26 +35,6 @@ index 23e1471..f153b6b 100644 if (c == NULL) { d_printf("Connection to %s failed\n", server_n); return NULL; --- -2.5.0 - - -From 060adb0abdeda51b8b622c6020b5dea0c8dde1cf Mon Sep 17 00:00:00 2001 -From: Stefan Metzmacher <metze@samba.org> -Date: Wed, 30 Sep 2015 21:17:02 +0200 -Subject: [PATCH 2/2] CVE-2015-5296: s3:libsmb: force signing when requiring - encryption in SMBC_server_internal() - -BUG: https://bugzilla.samba.org/show_bug.cgi?id=11536 - -Signed-off-by: Stefan Metzmacher <metze@samba.org> -Reviewed-by: Jeremy Allison <jra@samba.org> ---- - source3/libsmb/libsmb_server.c | 13 +++++++++++-- - 1 file changed, 11 insertions(+), 2 deletions(-) - -diff --git a/source3/libsmb/libsmb_server.c b/source3/libsmb/libsmb_server.c -index 45be660..167f2c9 100644 --- a/source3/libsmb/libsmb_server.c +++ b/source3/libsmb/libsmb_server.c @@ -258,6 +258,7 @@ SMBC_server_internal(TALLOC_CTX *ctx, @@ -108,5 +86,3 @@ index 45be660..167f2c9 100644 if (! NT_STATUS_IS_OK(nt_status)) { DEBUG(1,("cli_full_connection failed! (%s)\n", nt_errstr(nt_status))); --- -2.5.0 |