~stefanor/ubuntu/maverick/samba/ntlm-auth-623342

Committer: Bazaar Package Importer
Author(s): Marc Deslauriers
Date: 2011-02-23 13:12:33 UTC
mfrom: (125.1.2 maverick-proposed)
Revision ID: james.westby@ubuntu.com-20110223131233-kvhu879m0pyd5l71

* SECURITY UPDATE: denial of service via missing range checks on file
  descriptors
  - debian/patches/security-CVE-2011-0719.patch: validate miscellaneous
    file descriptors.
  - CVE-2011-0719

files added:
.pc/fix-lpbug-393012.patch

.pc/fix-lpbug-393012.patch/source3

.pc/fix-lpbug-393012.patch/source3/libsmb

.pc/fix-lpbug-393012.patch/source3/libsmb/clireadwrite.c

.pc/security-CVE-2011-0719.patch

.pc/security-CVE-2011-0719.patch/lib

.pc/security-CVE-2011-0719.patch/lib/tevent

.pc/security-CVE-2011-0719.patch/lib/tevent/tevent_select.c

.pc/security-CVE-2011-0719.patch/lib/tevent/tevent_standard.c

.pc/security-CVE-2011-0719.patch/nsswitch

.pc/security-CVE-2011-0719.patch/nsswitch/libwbclient

.pc/security-CVE-2011-0719.patch/nsswitch/libwbclient/wbc_async.c

.pc/security-CVE-2011-0719.patch/nsswitch/wb_common.c

.pc/security-CVE-2011-0719.patch/source3

.pc/security-CVE-2011-0719.patch/source3/client

.pc/security-CVE-2011-0719.patch/source3/client/client.c

.pc/security-CVE-2011-0719.patch/source3/client/dnsbrowse.c

.pc/security-CVE-2011-0719.patch/source3/lib

.pc/security-CVE-2011-0719.patch/source3/lib/events.c

.pc/security-CVE-2011-0719.patch/source3/lib/g_lock.c

.pc/security-CVE-2011-0719.patch/source3/lib/packet.c

.pc/security-CVE-2011-0719.patch/source3/lib/readline.c

.pc/security-CVE-2011-0719.patch/source3/lib/select.c

.pc/security-CVE-2011-0719.patch/source3/lib/util_sock.c

.pc/security-CVE-2011-0719.patch/source3/libaddns

.pc/security-CVE-2011-0719.patch/source3/libaddns/dnssock.c

.pc/security-CVE-2011-0719.patch/source3/libsmb

.pc/security-CVE-2011-0719.patch/source3/libsmb/nmblib.c

.pc/security-CVE-2011-0719.patch/source3/nmbd

.pc/security-CVE-2011-0719.patch/source3/nmbd/nmbd_packets.c

.pc/security-CVE-2011-0719.patch/source3/utils

.pc/security-CVE-2011-0719.patch/source3/utils/smbfilter.c

.pc/security-CVE-2011-0719.patch/source3/winbindd

.pc/security-CVE-2011-0719.patch/source3/winbindd/winbindd_dual.c

.pc/spnego-auth-win7.patch

.pc/spnego-auth-win7.patch/source3

.pc/spnego-auth-win7.patch/source3/libsmb

.pc/spnego-auth-win7.patch/source3/libsmb/clispnego.c

debian/patches/fix-lpbug-393012.patch

debian/patches/security-CVE-2011-0719.patch

debian/patches/spnego-auth-win7.patch

files modified:
.pc/applied-patches

debian/changelog

debian/control

debian/patches/series

lib/tevent/tevent_select.c

lib/tevent/tevent_standard.c

nsswitch/libwbclient/wbc_async.c

nsswitch/wb_common.c

source3/client/client.c

source3/client/dnsbrowse.c

source3/lib/events.c

source3/lib/g_lock.c

source3/lib/packet.c

source3/lib/readline.c

source3/lib/select.c

source3/lib/util_sock.c

source3/libaddns/dnssock.c

source3/libsmb/clireadwrite.c

source3/libsmb/clispnego.c

source3/libsmb/nmblib.c

source3/nmbd/nmbd_packets.c

source3/utils/smbfilter.c

source3/winbindd/winbindd_dual.c

Show diffs side-by-side

added added

removed removed

source3/lib/events.c

bool ret = false;

for (fde = ev->fd_events; fde; fde = fde->next) {

if (fde->fd < 0 || fde->fd >= FD_SETSIZE) {

/* We ignore here, as it shouldn't be

possible to add an invalid fde->fd

but we don't want FD_SET to see an

invalid fd. */

continue;

}

if (fde->flags & EVENT_FD_READ) {

FD_SET(fde->fd, read_fds);

ret = true;

Older »