1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-22 13:34:15 +03:00
samba-mirror/source4
Stefan Metzmacher 2a159e6f03 CVE-2021-3738 s4:rpc_server/lsa: make use of dcesrv_samdb_connect_as_user() helper
This avoids a crash that's triggered by windows clients using
handles from OpenPolicy[2]() on across multiple connections within
an association group.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14468

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2021-11-09 19:45:34 +00:00
..
auth CVE-2020-25718 kdc: Confirm the RODC was allowed to issue a particular ticket 2021-11-09 19:45:34 +00:00
build/pasn1
cldap_server s4: rename source4/smbd/ to source4/samba/ 2020-11-27 10:07:18 +00:00
client s4/cifsdd: don't ignore unknown options 2021-09-10 15:10:30 +00:00
cluster dbwrap: Remove calls to loadparm 2018-04-24 01:53:19 +02:00
dns_server s4/dnsserver: Fix NULL check 2021-09-04 00:10:37 +00:00
dsdb CVE-2020-25722 selftest: Ensure check for duplicate servicePrincipalNames is not bypassed for an add operation 2021-11-09 19:45:34 +00:00
echo_server s4: rename source4/smbd/ to source4/samba/ 2020-11-27 10:07:18 +00:00
heimdal Revert "CVE-2020-25719 heimdal:kdc: Require authdata to be present" 2021-11-09 19:45:34 +00:00
heimdal_build kdc: sign ticket using Windows PAC 2021-10-14 18:59:31 +00:00
include lib: Remove global xfile.h includes 2016-11-20 06:23:19 +01:00
kdc CVE-2020-25722 kdc: Do not honour a request for a 3-part SPN (ending in our domain/realm) unless a DC 2021-11-09 19:45:34 +00:00
ldap_server s4:ldap_server: Use cli_credentials_init_server() 2021-04-09 10:46:28 +00:00
lib s4/regtree: don't ignore unknown options 2021-09-10 15:10:30 +00:00
libcli CVE-2016-2124: s4:libcli/sesssetup: don't fallback to non spnego authentication if we require kerberos 2021-11-09 19:45:34 +00:00
libnet s4:libnet: Allow libnet_SetPassword() for encrypted SMB connections 2021-08-03 09:28:38 +00:00
librpc CVE-2021-23192: dcesrv_core: only the first fragment specifies the auth_contexts 2021-11-09 19:45:34 +00:00
nbt_server s4: rename source4/smbd/ to source4/samba/ 2020-11-27 10:07:18 +00:00
ntp_signd s4: rename source4/smbd/ to source4/samba/ 2020-11-27 10:07:18 +00:00
ntvfs s4: ntvfs: Missed comma in 24c09f913d, string would be concatenated. 2021-08-25 18:02:05 +00:00
param libcli/smb: actually make use of "client/server smb3 signing algorithms" 2021-07-15 00:06:31 +00:00
rpc_server CVE-2021-3738 s4:rpc_server/lsa: make use of dcesrv_samdb_connect_as_user() helper 2021-11-09 19:45:34 +00:00
samba samba: Save a line with TALLOC_FREE 2021-10-08 19:28:31 +00:00
script python: remove all 'from __future__ import print_function' 2021-04-28 03:43:34 +00:00
scripting gp: Apply Firewalld Policy 2021-11-01 21:16:43 +00:00
selftest CVE-2020-25719 selftest: Always expect a PAC in TGS replies with Heimdal 2021-11-09 19:45:34 +00:00
setup CVE-2020-25722 blackbox/upgrades tests: ignore SPN for ldapcmp 2021-11-09 19:45:33 +00:00
smb_server CVE-2020-25717: s4:smb_server: start with authoritative = 1 2021-11-09 19:45:32 +00:00
torture CVE-2021-3738 s4:torture/drsuapi: DsBindAssocGroup* tests 2021-11-09 19:45:34 +00:00
utils s4:utils: Migrate oLschema2ldif to new cmdline option parser 2021-06-20 23:26:32 +00:00
winbind s3: Remove --log-stdout from daemons 2021-04-29 03:58:37 +00:00
wrepl_server s4: rename source4/smbd/ to source4/samba/ 2020-11-27 10:07:18 +00:00
.clang_complete
.valgrind_suppressions
wscript_build s4:client: Migrate cifsdd to new cmdline option parser 2021-06-16 00:34:38 +00:00