aboutsummaryrefslogtreecommitdiffstats
path: root/meta-networking/recipes-connectivity/samba/samba/CVE-2018-14628-0004.patch
diff options
context:
space:
mode:
Diffstat (limited to 'meta-networking/recipes-connectivity/samba/samba/CVE-2018-14628-0004.patch')
-rw-r--r--meta-networking/recipes-connectivity/samba/samba/CVE-2018-14628-0004.patch64
1 files changed, 64 insertions, 0 deletions
diff --git a/meta-networking/recipes-connectivity/samba/samba/CVE-2018-14628-0004.patch b/meta-networking/recipes-connectivity/samba/samba/CVE-2018-14628-0004.patch
new file mode 100644
index 0000000000..6fa4ef10dd
--- /dev/null
+++ b/meta-networking/recipes-connectivity/samba/samba/CVE-2018-14628-0004.patch
@@ -0,0 +1,64 @@
+From 74a508b39e6fd5036a2adc99d559bd3852f8ce8d Mon Sep 17 00:00:00 2001
+From: Stefan Metzmacher <metze@samba.org>
+Date: Fri, 29 Jan 2016 23:34:15 +0100
+Subject: [PATCH] CVE-2018-14628: s4:setup: set the correct
+ nTSecurityDescriptor on the CN=Deleted Objects container
+
+This revealed a bug in our dirsync code, so we mark
+test_search_with_dirsync_deleted_objects as knownfail.
+
+BUG: https://bugzilla.samba.org/show_bug.cgi?id=13595
+
+Signed-off-by: Stefan Metzmacher <metze@samba.org>
+Reviewed-by: Andrew Bartlett <abartlet@samba.org>
+(cherry picked from commit 7f8b15faa76d05023c987fac2c4c31f9ac61bb47)
+
+CVE: CVE-2018-14628
+
+Upstream-Status: Backport [https://github.com/samba-team/samba/commit/74a508b39e6fd5036a2adc99d559bd3852f8ce8d]
+
+Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
+---
+ source4/setup/provision.ldif | 1 +
+ source4/setup/provision_configuration.ldif | 1 +
+ source4/setup/provision_dnszones_add.ldif | 1 +
+ 3 files changed, 3 insertions(+)
+
+diff --git a/source4/setup/provision.ldif b/source4/setup/provision.ldif
+index 5d9eba4..7f966fd 100644
+--- a/source4/setup/provision.ldif
++++ b/source4/setup/provision.ldif
+@@ -34,6 +34,7 @@ isDeleted: TRUE
+ isCriticalSystemObject: TRUE
+ showInAdvancedViewOnly: TRUE
+ systemFlags: -1946157056
++nTSecurityDescriptor:: ${DELETEDOBJECTS_DESCRIPTOR}
+
+ # Computers located in "provision_computers*.ldif"
+ # Users/Groups located in "provision_users*.ldif"
+diff --git a/source4/setup/provision_configuration.ldif b/source4/setup/provision_configuration.ldif
+index 53c9c85..8fcbddb 100644
+--- a/source4/setup/provision_configuration.ldif
++++ b/source4/setup/provision_configuration.ldif
+@@ -14,6 +14,7 @@ description: Container for deleted objects
+ isDeleted: TRUE
+ isCriticalSystemObject: TRUE
+ systemFlags: -1946157056
++nTSecurityDescriptor:: ${DELETEDOBJECTS_DESCRIPTOR}
+
+ # Extended rights
+
+diff --git a/source4/setup/provision_dnszones_add.ldif b/source4/setup/provision_dnszones_add.ldif
+index 860aa4b..a2d6b6b 100644
+--- a/source4/setup/provision_dnszones_add.ldif
++++ b/source4/setup/provision_dnszones_add.ldif
+@@ -8,6 +8,7 @@ description: Deleted objects
+ isDeleted: TRUE
+ isCriticalSystemObject: TRUE
+ systemFlags: -1946157056
++nTSecurityDescriptor:: ${DELETEDOBJECTS_DESCRIPTOR}
+
+ dn: CN=LostAndFound,${ZONE_DN}
+ objectClass: top
+--
+2.40.0
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-05-01 10:00:44 +0000