diff options
Diffstat (limited to 'meta-networking/recipes-connectivity/samba/samba/CVE-2018-14628-0004.patch')
-rw-r--r-- | meta-networking/recipes-connectivity/samba/samba/CVE-2018-14628-0004.patch | 64 |
1 files changed, 64 insertions, 0 deletions
diff --git a/meta-networking/recipes-connectivity/samba/samba/CVE-2018-14628-0004.patch b/meta-networking/recipes-connectivity/samba/samba/CVE-2018-14628-0004.patch new file mode 100644 index 0000000000..6fa4ef10dd --- /dev/null +++ b/meta-networking/recipes-connectivity/samba/samba/CVE-2018-14628-0004.patch @@ -0,0 +1,64 @@ +From 74a508b39e6fd5036a2adc99d559bd3852f8ce8d Mon Sep 17 00:00:00 2001 +From: Stefan Metzmacher <metze@samba.org> +Date: Fri, 29 Jan 2016 23:34:15 +0100 +Subject: [PATCH] CVE-2018-14628: s4:setup: set the correct + nTSecurityDescriptor on the CN=Deleted Objects container + +This revealed a bug in our dirsync code, so we mark +test_search_with_dirsync_deleted_objects as knownfail. + +BUG: https://bugzilla.samba.org/show_bug.cgi?id=13595 + +Signed-off-by: Stefan Metzmacher <metze@samba.org> +Reviewed-by: Andrew Bartlett <abartlet@samba.org> +(cherry picked from commit 7f8b15faa76d05023c987fac2c4c31f9ac61bb47) + +CVE: CVE-2018-14628 + +Upstream-Status: Backport [https://github.com/samba-team/samba/commit/74a508b39e6fd5036a2adc99d559bd3852f8ce8d] + +Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com> +--- + source4/setup/provision.ldif | 1 + + source4/setup/provision_configuration.ldif | 1 + + source4/setup/provision_dnszones_add.ldif | 1 + + 3 files changed, 3 insertions(+) + +diff --git a/source4/setup/provision.ldif b/source4/setup/provision.ldif +index 5d9eba4..7f966fd 100644 +--- a/source4/setup/provision.ldif ++++ b/source4/setup/provision.ldif +@@ -34,6 +34,7 @@ isDeleted: TRUE + isCriticalSystemObject: TRUE + showInAdvancedViewOnly: TRUE + systemFlags: -1946157056 ++nTSecurityDescriptor:: ${DELETEDOBJECTS_DESCRIPTOR} + + # Computers located in "provision_computers*.ldif" + # Users/Groups located in "provision_users*.ldif" +diff --git a/source4/setup/provision_configuration.ldif b/source4/setup/provision_configuration.ldif +index 53c9c85..8fcbddb 100644 +--- a/source4/setup/provision_configuration.ldif ++++ b/source4/setup/provision_configuration.ldif +@@ -14,6 +14,7 @@ description: Container for deleted objects + isDeleted: TRUE + isCriticalSystemObject: TRUE + systemFlags: -1946157056 ++nTSecurityDescriptor:: ${DELETEDOBJECTS_DESCRIPTOR} + + # Extended rights + +diff --git a/source4/setup/provision_dnszones_add.ldif b/source4/setup/provision_dnszones_add.ldif +index 860aa4b..a2d6b6b 100644 +--- a/source4/setup/provision_dnszones_add.ldif ++++ b/source4/setup/provision_dnszones_add.ldif +@@ -8,6 +8,7 @@ description: Deleted objects + isDeleted: TRUE + isCriticalSystemObject: TRUE + systemFlags: -1946157056 ++nTSecurityDescriptor:: ${DELETEDOBJECTS_DESCRIPTOR} + + dn: CN=LostAndFound,${ZONE_DN} + objectClass: top +-- +2.40.0 |