[Pkg-samba-maint] r1396 - in branches/samba/etch/debian: . patches
bubulle at alioth.debian.org
bubulle at alioth.debian.org
Tue May 22 20:45:56 UTC 2007
Author: bubulle
Date: 2007-05-22 20:45:56 +0000 (Tue, 22 May 2007)
New Revision: 1396
Added:
branches/samba/etch/debian/patches/security-CVE-2007-2444_fixed-force-group.patch
Modified:
branches/samba/etch/debian/changelog
branches/samba/etch/debian/patches/series
Log:
Now back to 3.0.24-6etch2
Modified: branches/samba/etch/debian/changelog
===================================================================
--- branches/samba/etch/debian/changelog 2007-05-22 20:44:38 UTC (rev 1395)
+++ branches/samba/etch/debian/changelog 2007-05-22 20:45:56 UTC (rev 1396)
@@ -1,3 +1,13 @@
+samba (3.0.24-6etch2) stable-security; urgency=high
+
+ * The fix for CVE-2007-2444 broke the behaviour of "force group" when
+ for forced group is a local Unix group for domain member servers
+ Applied an upstream patch (security-CVE-2007-244_fixed-force-group.patch)
+ that is part of samba 3.0.25a.
+ Closes: #424629
+
+ -- Christian Perrier <bubulle at debian.org> Sat, 19 May 2007 07:24:19 +0200
+
samba (3.0.24-6etch1) stable-security; urgency=high
* Security fixes:
Added: branches/samba/etch/debian/patches/security-CVE-2007-2444_fixed-force-group.patch
===================================================================
--- branches/samba/etch/debian/patches/security-CVE-2007-2444_fixed-force-group.patch (rev 0)
+++ branches/samba/etch/debian/patches/security-CVE-2007-2444_fixed-force-group.patch 2007-05-22 20:45:56 UTC (rev 1396)
@@ -0,0 +1,58 @@
+=== modified file 'source/smbd/uid.c'
+--- samba-3.0.24.orig/source/smbd/uid.c 2007-05-12 16:45:55 +0000
++++ samba-3.0.24/source/smbd/uid.c 2007-05-18 17:33:11 +0000
+@@ -151,7 +151,9 @@
+ char group_c;
+ BOOL must_free_token = False;
+ NT_USER_TOKEN *token = NULL;
+-
++ int num_groups = 0;
++ gid_t *group_list = NULL;
++
+ if (!conn) {
+ DEBUG(2,("change_to_user: Connection not open\n"));
+ return(False);
+@@ -190,14 +192,14 @@
+ if (conn->force_user) /* security = share sets this too */ {
+ uid = conn->uid;
+ gid = conn->gid;
+- current_user.ut.groups = conn->groups;
+- current_user.ut.ngroups = conn->ngroups;
++ group_list = conn->groups;
++ num_groups = conn->ngroups;
+ token = conn->nt_user_token;
+ } else if (vuser) {
+ uid = conn->admin_user ? 0 : vuser->uid;
+ gid = vuser->gid;
+- current_user.ut.ngroups = vuser->n_groups;
+- current_user.ut.groups = vuser->groups;
++ num_groups = vuser->n_groups;
++ group_list = vuser->groups;
+ token = vuser->nt_user_token;
+ } else {
+ DEBUG(2,("change_to_user: Invalid vuid used %d in accessing "
+@@ -230,8 +232,8 @@
+ */
+
+ int i;
+- for (i = 0; i < current_user.ut.ngroups; i++) {
+- if (current_user.ut.groups[i] == conn->gid) {
++ for (i = 0; i < num_groups; i++) {
++ if (group_list[i] == conn->gid) {
+ gid = conn->gid;
+ gid_to_sid(&token->user_sids[1], gid);
+ break;
+@@ -243,6 +245,12 @@
+ }
+ }
+
++ /* Now set current_user since we will immediately also call
++ set_sec_ctx() */
++
++ current_user.ut.ngroups = num_groups;
++ current_user.ut.groups = group_list;
++
+ set_sec_ctx(uid, gid, current_user.ut.ngroups, current_user.ut.groups,
+ token);
+
+
Modified: branches/samba/etch/debian/patches/series
===================================================================
--- branches/samba/etch/debian/patches/series 2007-05-22 20:44:38 UTC (rev 1395)
+++ branches/samba/etch/debian/patches/series 2007-05-22 20:45:56 UTC (rev 1396)
@@ -23,3 +23,4 @@
security-CVE-2007-2444.patch
security-CVE-2007-2446.patch
security-CVE-2007-2447.patch
+security-CVE-2007-2444_fixed-force-group.patch
More information about the Pkg-samba-maint
mailing list