authorbubulle <bubulle@alioth.debian.org>2009-06-21 10:28:48 +0000
committerbubulle <bubulle@alioth.debian.org>2009-06-21 10:28:48 +0000
commit35c61c0420015dbc918fb691050b9f01491010ca (patch)
tree2b586893f28754928d4b3ab4fccdfd9832fe30c0
parent21cc4c69af8a2efe03341c2b8030137d825ea320 (diff)
Stupid me: the security fix doesn't apply to 3.3!
git-svn-id: svn://svn.debian.org/svn/pkg-samba/branches/samba/backports.org/lenny@2900 fc4039ab-9d04-0410-8cac-899223bdd6b0
-rw-r--r--debian/changelog7
-rw-r--r--debian/patches/security-upstream_6478.patch182
-rw-r--r--debian/patches/series1
3 files changed, 0 insertions, 190 deletions
diff --git a/debian/changelog b/debian/changelog
index 66852addd1..040b878ee7 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,10 +1,3 @@
-samba (2:3.3.4-1~bpo50+3) lenny-backports; urgency=high
-
- * Fix Formatstring vulnerability in smbclient. CVE ID
- not assigned yet.
-
- -- Christian Perrier <bubulle@debian.org> Sun, 21 Jun 2009 11:47:35 +0200
-
samba (2:3.3.4-1~bpo50+2) lenny-backports; urgency=low
* Rebuild (really for lenny this time)
diff --git a/debian/patches/security-upstream_6478.patch b/debian/patches/security-upstream_6478.patch
deleted file mode 100644
index 521049c11a..0000000000
--- a/debian/patches/security-upstream_6478.patch
+++ /dev/null
@@ -1,182 +0,0 @@
-Goal: Fix Formatstring vulnerability in smbclient
-
-Fixes: Upstream security fix. CVE ID to be assigned.
-
-Status wrt upstream: Fixed in 3.2.13
-
-Author: Volker Lendecke <vl@samba.org>
-
-Note: The smbclient commands dealing with file
- names treat user input as a format string
- to asprintf.
-
-Index: lenny/source/client/client.c
-===================================================================
---- lenny.orig/source/client/client.c 2009-06-19 20:03:39.198283928 +0200
-+++ lenny/source/client/client.c 2009-06-19 20:03:52.398284448 +0200
-@@ -364,7 +364,7 @@
-
- /* Ensure cur_dir ends in a DIRSEP */
- if ((new_cd[0] != '\0') && (*(new_cd+strlen(new_cd)-1) != CLI_DIRSEP_CHAR)) {
-- new_cd = talloc_asprintf_append(new_cd, CLI_DIRSEP_STR);
-+ new_cd = talloc_asprintf_append(new_cd, "%s", CLI_DIRSEP_STR);
- if (!new_cd) {
- goto out;
- }
-@@ -871,7 +871,7 @@
- if (*buf == CLI_DIRSEP_CHAR) {
- mask = talloc_strdup(ctx, buf);
- } else {
-- mask = talloc_asprintf_append(mask, buf);
-+ mask = talloc_asprintf_append(mask, "%s", buf);
- }
- } else {
- mask = talloc_asprintf_append(mask, "*");
-@@ -912,7 +912,7 @@
- return 1;
- }
- if ((mask[0] != '\0') && (mask[strlen(mask)-1]!=CLI_DIRSEP_CHAR)) {
-- mask = talloc_asprintf_append(mask, CLI_DIRSEP_STR);
-+ mask = talloc_asprintf_append(mask, "%s", CLI_DIRSEP_STR);
- if (!mask) {
- return 1;
- }
-@@ -923,7 +923,7 @@
- if (*buf == CLI_DIRSEP_CHAR) {
- mask = talloc_strdup(ctx, buf);
- } else {
-- mask = talloc_asprintf_append(mask, buf);
-+ mask = talloc_asprintf_append(mask, "%s", buf);
- }
- } else {
- mask = talloc_strdup(ctx, "*");
-@@ -1107,7 +1107,7 @@
- d_printf("get <filename> [localname]\n");
- return 1;
- }
-- rname = talloc_asprintf_append(rname, fname);
-+ rname = talloc_asprintf_append(rname, "%s", fname);
- if (!rname) {
- return 1;
- }
-@@ -1266,7 +1266,7 @@
- unlink(lname);
- return 1;
- }
-- rname = talloc_asprintf_append(rname, fname);
-+ rname = talloc_asprintf_append(rname, "%s", fname);
- if (!rname) {
- return 1;
- }
-@@ -1318,7 +1318,7 @@
- mget_mask = talloc_strdup(ctx, buf);
- } else {
- mget_mask = talloc_asprintf_append(mget_mask,
-- buf);
-+ "%s", buf);
- }
- if (!mget_mask) {
- return 1;
-@@ -1414,7 +1414,7 @@
- }
- return 1;
- }
-- mask = talloc_asprintf_append(mask, buf);
-+ mask = talloc_asprintf_append(mask, "%s", buf);
- if (!mask) {
- return 1;
- }
-@@ -1443,14 +1443,14 @@
- trim_char(ddir,'.','\0');
- p = strtok_r(ddir, "/\\", &saveptr);
- while (p) {
-- ddir2 = talloc_asprintf_append(ddir2, p);
-+ ddir2 = talloc_asprintf_append(ddir2, "%s", p);
- if (!ddir2) {
- return 1;
- }
- if (!cli_chkpath(targetcli, ddir2)) {
- do_mkdir(ddir2);
- }
-- ddir2 = talloc_asprintf_append(ddir2, CLI_DIRSEP_STR);
-+ ddir2 = talloc_asprintf_append(ddir2, "%s", CLI_DIRSEP_STR);
- if (!ddir2) {
- return 1;
- }
-@@ -1482,7 +1482,7 @@
- d_printf("altname <file>\n");
- return 1;
- }
-- name = talloc_asprintf_append(name, buf);
-+ name = talloc_asprintf_append(name, "%s", buf);
- if (!name) {
- return 1;
- }
-@@ -1566,7 +1566,7 @@
- d_printf("allinfo <file>\n");
- return 1;
- }
-- name = talloc_asprintf_append(name, buf);
-+ name = talloc_asprintf_append(name, "%s", buf);
- if (!name) {
- return 1;
- }
-@@ -1733,9 +1733,9 @@
- }
-
- if (next_token_talloc(ctx, &cmd_ptr,&buf,NULL)) {
-- rname = talloc_asprintf_append(rname, buf);
-+ rname = talloc_asprintf_append(rname, "%s", buf);
- } else {
-- rname = talloc_asprintf_append(rname, lname);
-+ rname = talloc_asprintf_append(rname, "%s", lname);
- }
- if (!rname) {
- return 1;
-@@ -2132,7 +2132,7 @@
- d_printf("del <filename>\n");
- return 1;
- }
-- mask = talloc_asprintf_append(mask, buf);
-+ mask = talloc_asprintf_append(mask, "%s", buf);
- if (!mask) {
- return 1;
- }
-@@ -3524,7 +3524,7 @@
- d_printf("reget <filename>\n");
- return 1;
- }
-- remote_name = talloc_asprintf_append(remote_name, fname);
-+ remote_name = talloc_asprintf_append(remote_name, "%s", fname);
- if (!remote_name) {
- return 1;
- }
-@@ -3571,10 +3571,10 @@
-
- if (next_token_talloc(ctx, &cmd_ptr, &buf, NULL)) {
- remote_name = talloc_asprintf_append(remote_name,
-- buf);
-+ "%s", buf);
- } else {
- remote_name = talloc_asprintf_append(remote_name,
-- local_name);
-+ "%s", local_name);
- }
- if (!remote_name) {
- return 1;
-@@ -4107,13 +4107,13 @@
- TALLOC_FREE(ctx);
- return;
- }
-- tmp = talloc_asprintf_append(tmp, f->name);
-+ tmp = talloc_asprintf_append(tmp, "%s", f->name);
- if (!tmp) {
- TALLOC_FREE(ctx);
- return;
- }
- if (f->mode & aDIR) {
-- tmp = talloc_asprintf_append(tmp, CLI_DIRSEP_STR);
-+ tmp = talloc_asprintf_append(tmp, "%s", CLI_DIRSEP_STR);
- }
- if (!tmp) {
- TALLOC_FREE(ctx);
diff --git a/debian/patches/series b/debian/patches/series
index e3396c03fa..41c27543f7 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -19,4 +19,3 @@ smbtar-bashism.patch
no-unnecessary-cups.patch
shrink-dead-code.patch
fix-manpages-warnings.patch
-security-upstream_6478.patch