Difuse/packages
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
packages/net/samba4/patches/021-source4-msgsock-nvram-fix.patch
Michael Peleshenko 604604a667
samba4: update to 4.17.5 
* update to 4.17.5
* changelog: https://www.samba.org/samba/history/samba-4.17.5
* refresh patch

* CVE-2022-42898: Samba's Kerberos libraries and AD DC failed to guard against integer overflows when parsing a PAC on a 32-bit system, which allowed an attacker with a forged PAC to corrupt the heap.
 https://www.samba.org/samba/security/CVE-2022-42898.html

* CVE-2022-37966: This is the Samba CVE for the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability disclosed by Microsoft on Nov 8 2022.

  A Samba Active Directory DC will issue weak rc4-hmac session keys for use between modern clients and servers despite all modern Kerberos implementations supporting the aes256-cts-hmac-sha1-96 cipher.

  On Samba Active Directory DCs and members 'kerberos encryption types = legacy' would force rc4-hmac as a client even if the server supports aes128-cts-hmac-sha1-96 and/or aes256-cts-hmac-sha1-96.
  https://www.samba.org/samba/security/CVE-2022-37966.html

* CVE-2022-37967: This is the Samba CVE for the Windows Kerberos Elevation of Privilege Vulnerability disclosed by Microsoft on Nov 8 2022.

  A service account with the special constrained delegation permission could forge a more powerful ticket than the one it was presented with.
  https://www.samba.org/samba/security/CVE-2022-37967.html

* CVE-2022-38023: The "RC4" protection of the NetLogon Secure channel uses the same algorithms as rc4-hmac cryptography in Kerberos, and so must also be assumed to be weak.
  https://www.samba.org/samba/security/CVE-2022-38023.html

* BUG 15210: synthetic_pathref AFP_AfpInfo failed errors.
  This resolves errors logged during macOS TimeMachine backups.
  https://bugzilla.samba.org/show_bug.cgi?id=15210

Signed-off-by: Michael Peleshenko <mpeleshenko@gmail.com>
2023-03-08 20:19:08 -05:00

11 lines
333 B
Diff
Raw Blame History

--- a/source4/lib/messaging/messaging.c
+++ b/source4/lib/messaging/messaging.c
@@ -525,7 +525,7 @@ static struct imessaging_context *imessa
goto fail;
}
- msg->sock_dir = lpcfg_private_path(msg, lp_ctx, "msg.sock");
+ msg->sock_dir = lpcfg_lock_path(msg, lp_ctx, "msg.sock");
if (msg->sock_dir == NULL) {
goto fail;
}
Reference in a new issue View git blame Copy permalink