author | bubulle <bubulle@alioth.debian.org> | 2009-06-21 10:28:48 +0000 |
---|---|---|
committer | bubulle <bubulle@alioth.debian.org> | 2009-06-21 10:28:48 +0000 |
commit | 35c61c0420015dbc918fb691050b9f01491010ca (patch) | |
tree | 2b586893f28754928d4b3ab4fccdfd9832fe30c0 | |
parent | 21cc4c69af8a2efe03341c2b8030137d825ea320 (diff) | |
download | samba-35c61c0420015dbc918fb691050b9f01491010ca.tar.gz |
Stupid me: the sec fix doesn't apply to 3.3!
git-svn-id: svn://svn.debian.org/svn/pkg-samba/branches/samba/backports.org/lenny@2900 fc4039ab-9d04-0410-8cac-899223bdd6b0
-rw-r--r-- | debian/changelog | 7 | ||||
-rw-r--r-- | debian/patches/security-upstream_6478.patch | 182 | ||||
-rw-r--r-- | debian/patches/series | 1 |
3 files changed, 0 insertions, 190 deletions
diff --git a/debian/changelog b/debian/changelog
index 66852addd1..040b878ee7 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,10 +1,3 @@
-samba (2:3.3.4-1~bpo50+3) lenny-backports; urgency=high
-
- * Fix Formatstring vulnerability in smbclient. CVE ID
- not assigned yet.
-
- -- Christian Perrier <bubulle@debian.org> Sun, 21 Jun 2009 11:47:35 +0200
-
 samba (2:3.3.4-1~bpo50+2) lenny-backports; urgency=low
 
 * Rebuild (really for lenny this time)
diff --git a/debian/patches/security-upstream_6478.patch b/debian/patches/security-upstream_6478.patch
deleted file mode 100644
index 521049c11a..0000000000
--- a/debian/patches/security-upstream_6478.patch
+++ /dev/null
@@ -1,182 +0,0 @@
-Goal: Fix Formatstring vulnerability in smbclient
-
-Fixes: Upstream security fix. CVE ID to be assigned.
-
-Status wrt upstream: Fixed in 3.2.13
-
-Author: Volker Lendecke <vl@samba.org>
-
-Note: The smbclient commands dealing with file
- names treat user input as a format string
- to asprintf.
-
-Index: lenny/source/client/client.c
-===================================================================
---- lenny.orig/source/client/client.c 2009-06-19 20:03:39.198283928 +0200
-+++ lenny/source/client/client.c 2009-06-19 20:03:52.398284448 +0200
-@@ -364,7 +364,7 @@
-
- /* Ensure cur_dir ends in a DIRSEP */
- if ((new_cd[0] != '\0') && (*(new_cd+strlen(new_cd)-1) != CLI_DIRSEP_CHAR)) {
-- new_cd = talloc_asprintf_append(new_cd, CLI_DIRSEP_STR);
-+ new_cd = talloc_asprintf_append(new_cd, "%s", CLI_DIRSEP_STR);
- if (!new_cd) {
- goto out;
- }
-@@ -871,7 +871,7 @@
- if (*buf == CLI_DIRSEP_CHAR) {
- mask = talloc_strdup(ctx, buf);
- } else {
-- mask = talloc_asprintf_append(mask, buf);
-+ mask = talloc_asprintf_append(mask, "%s", buf);
- }
- } else {
- mask = talloc_asprintf_append(mask, "*");
-@@ -912,7 +912,7 @@
- return 1;
- }
- if ((mask[0] != '\0') && (mask[strlen(mask)-1]!=CLI_DIRSEP_CHAR)) {
-- mask = talloc_asprintf_append(mask, CLI_DIRSEP_STR);
-+ mask = talloc_asprintf_append(mask, "%s", CLI_DIRSEP_STR);
- if (!mask) {
- return 1;
- }
-@@ -923,7 +923,7 @@
- if (*buf == CLI_DIRSEP_CHAR) {
- mask = talloc_strdup(ctx, buf);
- } else {
-- mask = talloc_asprintf_append(mask, buf);
-+ mask = talloc_asprintf_append(mask, "%s", buf);
- }
- } else {
- mask = talloc_strdup(ctx, "*");
-@@ -1107,7 +1107,7 @@
- d_printf("get <filename> [localname]\n");
- return 1;
- }
-- rname = talloc_asprintf_append(rname, fname);
-+ rname = talloc_asprintf_append(rname, "%s", fname);
- if (!rname) {
- return 1;
- }
-@@ -1266,7 +1266,7 @@
- unlink(lname);
- return 1;
- }
-- rname = talloc_asprintf_append(rname, fname);
-+ rname = talloc_asprintf_append(rname, "%s", fname);
- if (!rname) {
- return 1;
- }
-@@ -1318,7 +1318,7 @@
- mget_mask = talloc_strdup(ctx, buf);
- } else {
- mget_mask = talloc_asprintf_append(mget_mask,
-- buf);
-+ "%s", buf);
- }
- if (!mget_mask) {
- return 1;
-@@ -1414,7 +1414,7 @@
- }
- return 1;
- }
-- mask = talloc_asprintf_append(mask, buf);
-+ mask = talloc_asprintf_append(mask, "%s", buf);
- if (!mask) {
- return 1;
- }
-@@ -1443,14 +1443,14 @@
- trim_char(ddir,'.','\0');
- p = strtok_r(ddir, "/\\", &saveptr);
- while (p) {
-- ddir2 = talloc_asprintf_append(ddir2, p);
-+ ddir2 = talloc_asprintf_append(ddir2, "%s", p);
- if (!ddir2) {
- return 1;
- }
- if (!cli_chkpath(targetcli, ddir2)) {
- do_mkdir(ddir2);
- }
-- ddir2 = talloc_asprintf_append(ddir2, CLI_DIRSEP_STR);
-+ ddir2 = talloc_asprintf_append(ddir2, "%s", CLI_DIRSEP_STR);
- if (!ddir2) {
- return 1;
- }
-@@ -1482,7 +1482,7 @@
- d_printf("altname <file>\n");
- return 1;
- }
-- name = talloc_asprintf_append(name, buf);
-+ name = talloc_asprintf_append(name, "%s", buf);
- if (!name) {
- return 1;
- }
-@@ -1566,7 +1566,7 @@
- d_printf("allinfo <file>\n");
- return 1;
- }
-- name = talloc_asprintf_append(name, buf);
-+ name = talloc_asprintf_append(name, "%s", buf);
- if (!name) {
- return 1;
- }
-@@ -1733,9 +1733,9 @@
- }
-
- if (next_token_talloc(ctx, &cmd_ptr,&buf,NULL)) {
-- rname = talloc_asprintf_append(rname, buf);
-+ rname = talloc_asprintf_append(rname, "%s", buf);
- } else {
-- rname = talloc_asprintf_append(rname, lname);
-+ rname = talloc_asprintf_append(rname, "%s", lname);
- }
- if (!rname) {
- return 1;
-@@ -2132,7 +2132,7 @@
- d_printf("del <filename>\n");
- return 1;
- }
-- mask = talloc_asprintf_append(mask, buf);
-+ mask = talloc_asprintf_append(mask, "%s", buf);
- if (!mask) {
- return 1;
- }
-@@ -3524,7 +3524,7 @@
- d_printf("reget <filename>\n");
- return 1;
- }
-- remote_name = talloc_asprintf_append(remote_name, fname);
-+ remote_name = talloc_asprintf_append(remote_name, "%s", fname);
- if (!remote_name) {
- return 1;
- }
-@@ -3571,10 +3571,10 @@
-
- if (next_token_talloc(ctx, &cmd_ptr, &buf, NULL)) {
- remote_name = talloc_asprintf_append(remote_name,
-- buf);
-+ "%s", buf);
- } else {
- remote_name = talloc_asprintf_append(remote_name,
-- local_name);
-+ "%s", local_name);
- }
- if (!remote_name) {
- return 1;
-@@ -4107,13 +4107,13 @@
- TALLOC_FREE(ctx);
- return;
- }
-- tmp = talloc_asprintf_append(tmp, f->name);
-+ tmp = talloc_asprintf_append(tmp, "%s", f->name);
- if (!tmp) {
- TALLOC_FREE(ctx);
- return;
- }
- if (f->mode & aDIR) {
-- tmp = talloc_asprintf_append(tmp, CLI_DIRSEP_STR);
-+ tmp = talloc_asprintf_append(tmp, "%s", CLI_DIRSEP_STR);
- }
- if (!tmp) {
- TALLOC_FREE(ctx);
diff --git a/debian/patches/series b/debian/patches/series
index e3396c03fa..41c27543f7 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -19,4 +19,3 @@ smbtar-bashism.patch
 no-unnecessary-cups.patch
 shrink-dead-code.patch
 fix-manpages-warnings.patch
-security-upstream_6478.patch
|