[Pkg-samba-maint] r3985 - in branches/samba/squeeze/debian: . patches

bubulle at alioth.debian.org bubulle at alioth.debian.org
Sun Jan 8 16:46:29 UTC 2012 

tags 652048 pending
thanks

Author: bubulle
Date: 2012-01-08 16:46:29 +0000 (Sun, 08 Jan 2012)
New Revision: 3985

Added:
   branches/samba/squeeze/debian/patches/0001-s3-Fix-bug-8238-KB2536276-prevents-access-to-sha.patch
Modified:
   branches/samba/squeeze/debian/changelog
   branches/samba/squeeze/debian/patches/series
Log:
Allow using unencrypted passwords with Windows clients that
got KB2536276 installed. Closes: #652048

Modified: branches/samba/squeeze/debian/changelog
===================================================================
--- branches/samba/squeeze/debian/changelog	2011-12-04 06:40:32 UTC (rev 3984)
+++ branches/samba/squeeze/debian/changelog	2012-01-08 16:46:29 UTC (rev 3985)
@@ -1,5 +1,12 @@
-samba (2:3.5.6~dfsg-3squeeze5) stable-security-UNRELEASED; urgency=high
+samba (2:3.5.6~dfsg-3squeeze6) stable-proposed-updates; urgency=low
 
+  * Allow using unencrypted passwords with Windows clients that
+    got KB2536276 installed. Closes: #652048
+
+ -- Christian Perrier <bubulle at debian.org>  Sun, 08 Jan 2012 13:45:28 +0100
+
+samba (2:3.5.6~dfsg-3squeeze5) stable-security; urgency=high
+
   * Security update, fixing the following issues:
     - CVE-2011-2694: possible XSS attack in SWAT
     - CVE-2011-2522: Cross-Site Request Forgery vulnerability in SWAT

Added: branches/samba/squeeze/debian/patches/0001-s3-Fix-bug-8238-KB2536276-prevents-access-to-sha.patch
===================================================================
--- branches/samba/squeeze/debian/patches/0001-s3-Fix-bug-8238-KB2536276-prevents-access-to-sha.patch	                        (rev 0)
+++ branches/samba/squeeze/debian/patches/0001-s3-Fix-bug-8238-KB2536276-prevents-access-to-sha.patch	2012-01-08 16:46:29 UTC (rev 3985)
@@ -0,0 +1,26 @@
+From 0b0c5596034a007b71785a0f36aaf40cf74b234d Mon Sep 17 00:00:00 2001
+From: Volker Lendecke <vl at samba.org>
+Date: Thu, 16 Jun 2011 22:20:49 +0200
+Subject: [PATCH] s3: Fix bug 8238 -- KB2536276 prevents access to shares
+
+Without this we were not sending the workgroup name in the negprot reply if
+plain text passwords are used.
+---
+ source3/smbd/negprot.c |    1 +
+ 1 files changed, 1 insertions(+), 0 deletions(-)
+
+diff --git a/source3/smbd/negprot.c b/source3/smbd/negprot.c
+index 81d29d9..51ad80d 100644
+--- a/source3/smbd/negprot.c
++++ b/source3/smbd/negprot.c
+@@ -382,6 +382,7 @@ static void reply_nt1(struct smb_request *req, uint16 choice)
+ 			reply_nterror(req, NT_STATUS_NO_MEMORY);
+ 			return;
+ 		}
++		p += ret;
+ 		DEBUG(3,("not using SPNEGO\n"));
+ 	} else {
+ 		DATA_BLOB spnego_blob = negprot_spnego();
+-- 
+1.5.6.5
+

Modified: branches/samba/squeeze/debian/patches/series
===================================================================
--- branches/samba/squeeze/debian/patches/series	2011-12-04 06:40:32 UTC (rev 3984)
+++ branches/samba/squeeze/debian/patches/series	2012-01-08 16:46:29 UTC (rev 3985)
@@ -29,3 +29,4 @@
 upstream_7880_0001-s3-rpcclient-Fix-bug-7880-cmd_spoolss_deletedriver-r.patch
 security-CVE-2011-2694.patch
 security-CVE-2011-2522.patch
+0001-s3-Fix-bug-8238-KB2536276-prevents-access-to-sha.patch

More information about the Pkg-samba-maint mailing list