[Pkg-samba-maint] [samba] 05/06: Refresh security-CVE-2015-0240.patch

Ivo De Decker ivodd at moszumanska.debian.org
Mon Feb 23 18:12:24 UTC 2015


This is an automated email from the git hooks/post-receive script.

ivodd pushed a commit to branch squeeze-backports
in repository samba.

commit 0a453a439dd19511108baef24d35b528ab820497
Author: Ivo De Decker <ivodd at debian.org>
Date:   Sun Feb 22 21:54:04 2015 +0100

    Refresh security-CVE-2015-0240.patch
---
 debian/changelog                            |  2 +
 debian/patches/security-CVE-2015-0240.patch | 90 ++++-------------------------
 2 files changed, 14 insertions(+), 78 deletions(-)

diff --git a/debian/changelog b/debian/changelog
index 42b8b91..6ef152b 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,6 +1,8 @@
 samba (2:3.6.6-6+deb7u5~bpo60+1) UNRELEASED; urgency=medium
 
   * Rebuild for squeeze-backports.
+  * Refresh security-CVE-2015-0240.patch to make it apply with patch from
+    squeeze.
 
  -- Ivo De Decker <ivodd at debian.org>  Sun, 22 Feb 2015 21:46:42 +0100
 
diff --git a/debian/patches/security-CVE-2015-0240.patch b/debian/patches/security-CVE-2015-0240.patch
index ac74533..91b4907 100644
--- a/debian/patches/security-CVE-2015-0240.patch
+++ b/debian/patches/security-CVE-2015-0240.patch
@@ -32,25 +32,11 @@ Research, who also provided the fix.
 
 
 
-From 32cdad66bde9c385bd07cb373812bd9a46d0b86b Mon Sep 17 00:00:00 2001
-From: Jeremy Allison <jra at samba.org>
-Date: Wed, 28 Jan 2015 14:47:31 -0800
-Subject: [PATCH 1/3] CVE-2015-0240: s3: netlogon: Ensure we don't call
- talloc_free on an uninitialized pointer.
-
-Bug: https://bugzilla.samba.org/show_bug.cgi?id=11077
-
-Signed-off-by: Jeremy Allison <jra at samba.org>
-Reviewed-by: Stefan Metzmacher <metze at samba.org>
----
- source3/rpc_server/netlogon/srv_netlog_nt.c | 6 +++++-
- 1 file changed, 5 insertions(+), 1 deletion(-)
-
-diff --git a/source3/rpc_server/netlogon/srv_netlog_nt.c b/source3/rpc_server/netlogon/srv_netlog_nt.c
-index 3fd93bc..0366caa 100644
---- a/source3/rpc_server/netlogon/srv_netlog_nt.c
-+++ b/source3/rpc_server/netlogon/srv_netlog_nt.c
-@@ -1070,6 +1070,10 @@ static NTSTATUS netr_creds_server_step_check(struct pipes_struct *p,
+Index: samba/source3/rpc_server/netlogon/srv_netlog_nt.c
+===================================================================
+--- samba.orig/source3/rpc_server/netlogon/srv_netlog_nt.c
++++ samba/source3/rpc_server/netlogon/srv_netlog_nt.c
+@@ -1070,6 +1070,10 @@ static NTSTATUS netr_creds_server_step_c
  	NTSTATUS status;
  	bool schannel_global_required = (lp_server_schannel() == true) ? true:false;
  
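Review bot: the lines removed at the top of this hunk (`From 32cdad66bde9c385bd07cb373812bd9a46d0b86b`, `Bug: https://bugzilla.samba.org/show_bug.cgi?id=11077`, and the `Signed-off-by`/`Reviewed-by` trailers) are the upstream provenance of the `srv_netlog_nt.c` change, and the `Index:` header that replaces them carries none of it. If the part of the patch header above line 32 does not already record the upstream commit id, author and bug link, add them there so the fix can still be matched against upstream when this backport is audited.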
@@ -61,7 +47,7 @@ index 3fd93bc..0366caa 100644
  	if (schannel_global_required) {
  		status = schannel_check_required(&p->auth,
  						 computer_name,
-@@ -1205,7 +1209,7 @@ NTSTATUS _netr_ServerPasswordSet(struct pipes_struct *p,
+@@ -1205,7 +1209,7 @@ NTSTATUS _netr_ServerPasswordSet(struct
  {
  	NTSTATUS status = NT_STATUS_OK;
  	int i;
@@ -70,34 +56,7 @@ index 3fd93bc..0366caa 100644
  
  	DEBUG(5,("_netr_ServerPasswordSet: %d\n", __LINE__));
  
--- 
-2.3.0
-
-
-From 38225873da44350663d36cecc8d8d60aa5f0e54a Mon Sep 17 00:00:00 2001
-From: Andreas Schneider <asn at samba.org>
-Date: Mon, 16 Feb 2015 10:59:23 +0100
-Subject: [PATCH 2/3] s3-netlogon: Make sure we do not deference a NULL
- pointer.
-
-This is an additional patch for CVE-2015-0240.
-
-BUG: https://bugzilla.samba.org/show_bug.cgi?id=11077#c32
-
-Pair-Programmed-With: Michael Adam <obnox at samba.org>
-Pair-Programmed-With: Andreas Schneider <asn at samba.org>
-Signed-off-by: Michael Adam <obnox at samba.org>
-Signed-off-by: Andreas Schneider <asn at samba.org>
-Reviewed-by: Volker Lendecke <vl at samba.org>
----
- source3/rpc_server/netlogon/srv_netlog_nt.c | 7 ++++++-
- 1 file changed, 6 insertions(+), 1 deletion(-)
-
-diff --git a/source3/rpc_server/netlogon/srv_netlog_nt.c b/source3/rpc_server/netlogon/srv_netlog_nt.c
-index 0366caa..a26638e 100644
---- a/source3/rpc_server/netlogon/srv_netlog_nt.c
-+++ b/source3/rpc_server/netlogon/srv_netlog_nt.c
-@@ -1222,9 +1222,14 @@ NTSTATUS _netr_ServerPasswordSet(struct pipes_struct *p,
+@@ -1218,9 +1222,14 @@ NTSTATUS _netr_ServerPasswordSet(struct
  	unbecome_root();
  
  	if (!NT_STATUS_IS_OK(status)) {
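Review bot: the rewritten header `@@ -1218,9 +1222,14 @@` moves the old-file start from 1222 to 1218, and nothing in the commit shows that the result was test-applied. The shift matches the four lines added by the `@@ -1070,6 +1070,10 @@` hunk now that both live in one diff against the unpatched file. Please confirm with a dry-run apply using the patch from squeeze that this hunk goes in with no offset or fuzz, because a misplaced hunk here would leave the `_netr_ServerPasswordSet` error path without the added check.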
@@ -113,33 +72,11 @@ index 0366caa..a26638e 100644
  		TALLOC_FREE(creds);
  		return status;
  	}
--- 
-2.3.0
-
-
-From 6732025dd330ead77ee4ae44badbaa13044b6422 Mon Sep 17 00:00:00 2001
-From: Andreas Schneider <asn at samba.org>
-Date: Mon, 16 Feb 2015 10:56:03 +0100
-Subject: [PATCH 3/3] auth: Make sure that creds_out is initialized with NULL.
-
-This is an additional patch for CVE-2015-0240.
-
-BUG: https://bugzilla.samba.org/show_bug.cgi?id=11077#c32
-
-Pair-Programmed-With: Michael Adam <obnox at samba.org>
-Pair-Programmed-With: Andreas Schneider <asn at samba.org>
-Signed-off-by: Michael Adam <obnox at samba.org>
-Signed-off-by: Andreas Schneider <asn at samba.org>
-Reviewed-by: Volker Lendecke <vl at samba.org>
----
- libcli/auth/schannel_state_tdb.c | 4 ++++
- 1 file changed, 4 insertions(+)
-
-diff --git a/libcli/auth/schannel_state_tdb.c b/libcli/auth/schannel_state_tdb.c
-index ca35a11..145005c 100644
---- a/libcli/auth/schannel_state_tdb.c
-+++ b/libcli/auth/schannel_state_tdb.c
-@@ -285,6 +285,10 @@ NTSTATUS schannel_check_creds_state(TALLOC_CTX *mem_ctx,
+Index: samba/libcli/auth/schannel_state_tdb.c
+===================================================================
+--- samba.orig/libcli/auth/schannel_state_tdb.c
++++ samba/libcli/auth/schannel_state_tdb.c
+@@ -285,6 +285,10 @@ NTSTATUS schannel_check_creds_state(TALL
  	NTSTATUS status;
  	int ret;
  
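Review bot: the `Index:` and `====` lines and the `samba.orig/` and `samba/` path prefixes added in this hunk, and in the `srv_netlog_nt.c` one, are quilt's default refresh output and make up most of the added lines in this diff. Refreshing with `quilt refresh -p ab --no-timestamps --no-index` keeps the `a/` and `b/` prefixes and omits the `Index:` lines, so later refreshes of this security patch show only real changes, provided that form still applies with the patch from squeeze.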
@@ -150,6 +87,3 @@ index ca35a11..145005c 100644
  	tmpctx = talloc_named(mem_ctx, 0, "schannel_check_creds_state");
  	if (!tmpctx) {
  		return NT_STATUS_NO_MEMORY;
--- 
-2.3.0
-

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-samba/samba.git



