[Pkg-samba-maint] Bug#864291: samba: CVE-2017-9461: infinite loop on bad-symlink resolution

Hugo Lefeuvre hle at debian.org
Wed Jun 28 14:28:20 UTC 2017


I couldn't reproduce this bug in the wheezy version and I think it
isn't affected.

I get the following error message:

    $ smbclient //server/share -c "posix; symlink nothing broken"
    $ smbclient //localhost/shareddir -c "put /etc/issue broken"
    Domain=[WORKGROUP] OS=[Unix] Server=[Samba 3.6.6]
    NT_STATUS_OBJECT_NAME_NOT_FOUND opening remote file \broken

In the wheezy version, the fd_open_atomic function doesn't exist and
the existing fd_open function doesn't use loops.


             Hugo Lefeuvre (hle)    |    www.owl.eu.com
4096/ ACB7 B67F 197F 9B32 1533 431C AC90 AC3E C524 065E
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-samba-maint/attachments/20170628/08e5245b/attachment.sig>

More information about the Pkg-samba-maint mailing list