Your message dated Wed, 24 May 2017 16:54:58 +0000
with message-id <[email protected]>
and subject line unblock samba
has caused the Debian Bug report #863268,
regarding unblock: samba/2:4.5.8+dfsg-2
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
863268: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863268
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: [email protected]
Usertags: unblock
Please unblock package samba
It (only) includes a fix for critical CVE-2017-7494 (rpc_server3: Refuse to
open pipe names with / inside)
Debdiff attached.
Regards
Mathieu Parent
unblock samba/2:4.5.8+dfsg-2
-- System Information:
Debian Release: 9.0
APT prefers testing-debug
APT policy: (500, 'testing-debug'), (500, 'testing')
Architecture: amd64
(x86_64)
Foreign Architectures: i386
Kernel: Linux 4.9.0-2-amd64 (SMP w/2 CPU cores)
Locale: LANG=fr_FR.utf8, LC_CTYPE=fr_FR.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
diff -Nru samba-4.5.8+dfsg/debian/changelog samba-4.5.8+dfsg/debian/changelog
--- samba-4.5.8+dfsg/debian/changelog 2017-04-01 20:39:17.000000000 +0200
+++ samba-4.5.8+dfsg/debian/changelog 2017-05-18 11:53:47.000000000 +0200
@@ -1,3 +1,9 @@
+samba (2:4.5.8+dfsg-2) unstable; urgency=high
+
+ * CVE-2017-7494: rpc_server3: Refuse to open pipe names with / inside
+
+ -- Mathieu Parent <[email protected]> Thu, 18 May 2017 11:53:47 +0200
+
samba (2:4.5.8+dfsg-1) unstable; urgency=high
* New upstream version
diff -Nru samba-4.5.8+dfsg/debian/patches/CVE-2017-7494.patch
samba-4.5.8+dfsg/debian/patches/CVE-2017-7494.patch
--- samba-4.5.8+dfsg/debian/patches/CVE-2017-7494.patch 1970-01-01
01:00:00.000000000 +0100
+++ samba-4.5.8+dfsg/debian/patches/CVE-2017-7494.patch 2017-05-18
11:53:47.000000000 +0200
@@ -0,0 +1,33 @@
+From d2bc9f3afe23ee04d237ae9f4511fbe59a27ff54 Mon Sep 17 00:00:00 2001
+From: Volker Lendecke <[email protected]>
+Date: Mon, 8 May 2017 21:40:40 +0200
+Subject: [PATCH] CVE-2017-7494: rpc_server3: Refuse to open pipe names with /
+ inside
+
+Bug: https://bugzilla.samba.org/show_bug.cgi?id=12780
+
+Signed-off-by: Volker Lendecke <[email protected]>
+Reviewed-by: Jeremy Allison <[email protected]>
+Reviewed-by: Stefan Metzmacher <[email protected]>
+---
+ source3/rpc_server/srv_pipe.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/source3/rpc_server/srv_pipe.c b/source3/rpc_server/srv_pipe.c
+index 0633b5f..c3f0cd8 100644
+--- a/source3/rpc_server/srv_pipe.c
++++ b/source3/rpc_server/srv_pipe.c
+@@ -475,6 +475,11 @@ bool is_known_pipename(const char *pipename, struct
ndr_syntax_id *syntax)
+ {
+ NTSTATUS status;
+
++ if (strchr(pipename, '/')) {
++ DEBUG(1, ("Refusing open on pipe %s\n", pipename));
++ return false;
++ }
++
+ if (lp_disable_spoolss() && strequal(pipename, "spoolss")) {
+ DEBUG(10, ("refusing spoolss access\n"));
+ return false;
+--
+1.9.1
diff -Nru samba-4.5.8+dfsg/debian/patches/series
samba-4.5.8+dfsg/debian/patches/series
--- samba-4.5.8+dfsg/debian/patches/series 2017-04-01 20:39:17.000000000
+0200
+++ samba-4.5.8+dfsg/debian/patches/series 2017-05-18 11:53:47.000000000
+0200
@@ -15,3 +15,4 @@
Add-documentation-to-systemd-Unit-files.patch
fix_kill_path_in_units.patch
nmbd-requires-a-working-network.patch
+CVE-2017-7494.patch
--- End Message ---
--- Begin Message ---
Unblocked samba.
--- End Message ---
