[Pkg-samba-maint] r1094 - in branches/sarge: . patches
Steve Langasek
vorlon at costa.debian.org
Thu Jul 13 08:14:01 UTC 2006
Author: vorlon
Date: 2006-07-13 08:14:00 +0000 (Thu, 13 Jul 2006)
New Revision: 1094
Added:
branches/sarge/patches/samba-3.0-CAN-2006-3403.patch
Modified:
branches/sarge/changelog
Log:
security fix for CAN-2006-3403 DoS
Modified: branches/sarge/changelog
===================================================================
--- branches/sarge/changelog 2006-07-11 07:00:09 UTC (rev 1093)
+++ branches/sarge/changelog 2006-07-13 08:14:00 UTC (rev 1094)
@@ -1,3 +1,11 @@
+samba (3.0.14a-3sarge2) stable-security; urgency=high
+
+ * High-urgency upload for security fix.
+ * Added debian/patches/samba-3.0-CAN-2006-3403.patch: fix for
+ CAN-2006-3403, memory exhaustion DoS agaisnt smbd. Closes: #378070.
+
+ -- Steve Langasek <vorlon at debian.org> Thu, 13 Jul 2006 03:26:08 -0700
+
samba (3.0.14a-3sarge1) stable; urgency=low
* Incorporate debian/patches/schannel-64bit-align.patch from upstream,
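Review bot: typo in the new 3.0.14a-3sarge2 entry: "memory exhaustion DoS agaisnt smbd" should read "against smbd". Since this text ships in a stable-security upload and is what administrators read to decide whether to apply it, the entry could also say how the fix works (new tree connections are refused once the count of open connections passes a fixed limit), so the behaviour change is visible without opening the patch.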
Added: branches/sarge/patches/samba-3.0-CAN-2006-3403.patch
===================================================================
--- branches/sarge/patches/samba-3.0-CAN-2006-3403.patch 2006-07-11 07:00:09 UTC (rev 1093)
+++ branches/sarge/patches/samba-3.0-CAN-2006-3403.patch 2006-07-13 08:14:00 UTC (rev 1094)
@@ -0,0 +1,17 @@
+Index: samba-3.0.14a/source/smbd/service.c
+===================================================================
+--- samba-3.0.14a/source/smbd/service.c (revision 16676)
++++ samba-3.0.14a/source/smbd/service.c (working copy)
+@@ -763,6 +763,11 @@
+ smb_panic("make_connection: PANIC ERROR. Called as nonroot\n");
+ }
+
++ if (conn_num_open() > 2047) {
++ *status = NT_STATUS_INSUFF_SERVER_RESOURCES;
++ return NULL;
++ }
++
+ if(lp_security() != SEC_SHARE) {
+ vuser = get_valid_user_struct(vuid);
+ if (!vuser) {
+
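Review bot: the limit in "if (conn_num_open() > 2047)" is a bare literal with no comment, so nothing in make_connection() records why that value was chosen or that it exists to bound memory use for CAN-2006-3403. Suggest a named constant with a one-line comment referencing the advisory, which also makes the cap easier to find if it ever needs tuning. The early "return NULL" with NT_STATUS_INSUFF_SERVER_RESOURCES is also silent on the server side: logging the refusal at this point would let an operator distinguish a connection flood from an ordinary resource failure.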