955b273182
o CVE-2009-1886:
In Samba 3.2.0 to 3.2.12 (inclusive), the smbclient commands dealing
with file names treat user input as a format string to asprintf.
With a maliciously crafted file name smbclient can be made
to execute code triggered by the server.
o CVE-2009-1888:
In Samba 3.0.31 to 3.3.5 (inclusive), an uninitialized read of a data
value can potentially affect access control when "dos filemode"
is set to "yes".
Security: CVE-2009-1886, CVE-2009-1888
13 lines
482 B
Text
13 lines
482 B
Text
--- ./lib/replace/libreplace_cc.m4.orig 2009-06-22 21:05:38.000000000 +0000
|
|
+++ ./lib/replace/libreplace_cc.m4 2009-06-25 20:49:35.000000000 +0000
|
|
@@ -145,6 +145,10 @@
|
|
AC_CHECK_TYPE(uintptr_t, unsigned long long)
|
|
AC_CHECK_TYPE(ptrdiff_t, unsigned long long)
|
|
|
|
+if test x"$ac_cv_type_intptr_t" = x"yes"; then
|
|
+ AC_DEFINE(HAVE_INTPTR_T,1,[Whether the host has intptr_t])
|
|
+fi
|
|
+
|
|
if test x"$ac_cv_type_long_long" != x"yes";then
|
|
AC_MSG_ERROR([LIBREPLACE needs type 'long long'])
|
|
fi
|