samba-mirror

mirror of https://github.com/samba-team/samba.git synced 2025-01-08 21:18:16 +03:00

History

Andrew Bartlett 07f9a85a16 CVE-2020-25722 Ensure the structural objectclass cannot be changed If the structural objectclass is allowed to change, then the restrictions locking an object to remaining a user or computer will not be enforcable. Likewise other LDAP inheritance rules, which allow only certain child objects can be bypassed, which can in turn allow creation of (unprivileged) users where only DNS objects were expected. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14753 BUG: https://bugzilla.samba.org/show_bug.cgi?id=14889 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>		2021-11-08 10:46:45 +01:00
..
ldb_modules	CVE-2020-25722 Ensure the structural objectclass cannot be changed	2021-11-08 10:46:45 +01:00
cracknames.c	CVE-2020-25722 s4/cracknames: add comment pointing to samldb spn handling	2021-11-08 10:46:44 +01:00
samdb_privilege.c	s4-auth Remove event context from privilage database handling	2010-12-21 15:10:38 +11:00
samdb.c	Do not create an empty DB when accessing a sam.ldb	2020-11-26 06:52:41 +00:00
samdb.h	CVE-2019-14902 dsdb: Change basis of descriptor module deferred processing to be GUIDs	2020-01-21 10:11:38 +00:00