wok diff samba/stuff/CVE-2017-7494.u @ rev 22802

freetype: add freetype-config
author: Pascal Bellard <pascal.bellard@slitaz.org>
date: Tue Jan 28 09:23:39 2020 +0100 (2020-01-28)
     1.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     1.2 +++ b/samba/stuff/CVE-2017-7494.u	Tue Jan 28 09:23:39 2020 +0100
     1.3 @@ -0,0 +1,15 @@
     1.4 +CVE-2017-7494: rpc_server3: Refuse to open pipe names with / inside
     1.5 +--- source3/rpc_server/srv_pipe.c
     1.6 ++++ source3/rpc_server/srv_pipe.c
     1.7 +@@ -384,6 +384,11 @@ bool is_known_pipename(const char *pipename, struct ndr_syntax_id *syntax)
     1.8 + {
     1.9 + 	NTSTATUS status;
    1.10 + 
    1.11 ++	if (strchr(pipename, '/')) {
    1.12 ++		DEBUG(1, ("Refusing open on pipe %s\n", pipename));
    1.13 ++		return false;
    1.14 ++	}
    1.15 ++
    1.16 + 	if (lp_disable_spoolss() && strequal(pipename, "spoolss")) {
    1.17 + 		DEBUG(10, ("refusing spoolss access\n"));
    1.18 + 		return false;
author	Pascal Bellard <pascal.bellard@slitaz.org>
date	Tue Jan 28 09:23:39 2020 +0100 (2020-01-28)
parents
children