samba36: fix some security problems

[openwrt/openwrt.git] / package / network / services / samba36 / patches / 028-CVE-2017-7494-v3-6.patch

diff --git a/package/network/services/samba36/patches/028-CVE-2017-7494-v3-6.patch b/package/network/services/samba36/patches/028-CVE-2017-7494-v3-6.patch
deleted file mode 100644 (file)
index 17b020d..0000000
--- a/package/network/services/samba36/patches/028-CVE-2017-7494-v3-6.patch
+++ /dev/null
@@ -1,29 +0,0 @@
-From d2bc9f3afe23ee04d237ae9f4511fbe59a27ff54 Mon Sep 17 00:00:00 2001
-From: Volker Lendecke <vl@samba.org>
-Date: Mon, 8 May 2017 21:40:40 +0200
-Subject: [PATCH] CVE-2017-7494: rpc_server3: Refuse to open pipe names with /
- inside
-
-Bug: https://bugzilla.samba.org/show_bug.cgi?id=12780
-
-Signed-off-by: Volker Lendecke <vl@samba.org>
-Reviewed-by: Jeremy Allison <jra@samba.org>
-Reviewed-by: Stefan Metzmacher <metze@samba.org>
----
- source3/rpc_server/srv_pipe.c | 5 +++++
- 1 file changed, 5 insertions(+)
-
---- a/source3/rpc_server/srv_pipe.c
-+++ b/source3/rpc_server/srv_pipe.c
-@@ -473,6 +473,11 @@ bool is_known_pipename(const char *cli_f
-               pipename += 1;
-       }
- 
-+      if (strchr(pipename, '/')) {
-+              DEBUG(1, ("Refusing open on pipe %s\n", pipename));
-+              return false;
-+      }
-+
-       if (lp_disable_spoolss() && strequal(pipename, "spoolss")) {
-               DEBUG(10, ("refusing spoolss access\n"));
-               return false;