[Pkg-samba-maint] r1094 - in branches/sarge: . patches

Steve Langasek vorlon at costa.debian.org
Thu Jul 13 08:14:01 UTC 2006


Author: vorlon
Date: 2006-07-13 08:14:00 +0000 (Thu, 13 Jul 2006)
New Revision: 1094

Added:
   branches/sarge/patches/samba-3.0-CAN-2006-3403.patch
Modified:
   branches/sarge/changelog
Log:
security fix for CAN-2006-3403 DoS

Modified: branches/sarge/changelog
===================================================================
--- branches/sarge/changelog	2006-07-11 07:00:09 UTC (rev 1093)
+++ branches/sarge/changelog	2006-07-13 08:14:00 UTC (rev 1094)
@@ -1,3 +1,11 @@
+samba (3.0.14a-3sarge2) stable-security; urgency=high
+
+  * High-urgency upload for security fix.
+  * Added debian/patches/samba-3.0-CAN-2006-3403.patch: fix for
+    CAN-2006-3403, memory exhaustion DoS agaisnt smbd.  Closes: #378070.
+
+ -- Steve Langasek <vorlon at debian.org>  Thu, 13 Jul 2006 03:26:08 -0700
+
 samba (3.0.14a-3sarge1) stable; urgency=low
 
   * Incorporate debian/patches/schannel-64bit-align.patch from upstream,
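
Review bot: "agaisnt" in the second bullet of the new 3.0.14a-3sarge2 entry should read "against". The entry would also serve administrators better if it said how the DoS is addressed: the patch added in this revision makes smbd refuse a new connection once the count of open connections passes a fixed ceiling, which is a behaviour change under load that is worth stating in a stable-security changelog.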

Added: branches/sarge/patches/samba-3.0-CAN-2006-3403.patch
===================================================================
--- branches/sarge/patches/samba-3.0-CAN-2006-3403.patch	2006-07-11 07:00:09 UTC (rev 1093)
+++ branches/sarge/patches/samba-3.0-CAN-2006-3403.patch	2006-07-13 08:14:00 UTC (rev 1094)
@@ -0,0 +1,17 @@
+Index: samba-3.0.14a/source/smbd/service.c
+===================================================================
+--- samba-3.0.14a/source/smbd/service.c (revision 16676)
++++ samba-3.0.14a/source/smbd/service.c (working copy)
+@@ -763,6 +763,11 @@
+ 		smb_panic("make_connection: PANIC ERROR. Called as nonroot\n");
+ 	}
+
++	if (conn_num_open() > 2047) {
++		*status = NT_STATUS_INSUFF_SERVER_RESOURCES;
++		return NULL;
++	}
++
+ 	if(lp_security() != SEC_SHARE) {
+ 		vuser = get_valid_user_struct(vuid);
+ 		if (!vuser) {
+
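
Review bot: the limit in `if (conn_num_open() > 2047)` is a bare magic number with no comment or named constant, so a reader of service.c cannot tell why the ceiling is 2048 open connections or whether it is meant to be tunable. Suggest a #define with a one-line comment tying it to CAN-2006-3403, plus a debug-level log message before `return NULL;` so the smbd log shows why requests are being refused with NT_STATUS_INSUFF_SERVER_RESOURCES. The hunk also does not show what conn_num_open() counts, so the comment should say what is being counted, and the patch file itself would benefit from a short description header above the `Index:` line.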



