samba/backport-0006-CVE-2023-0614.patch

From 003c65be1c6d8f8ea853896a75b315ef8e98cfb3 Mon Sep 17 00:00:00 2001
From: Joseph Sutton <josephsutton@catalyst.net.nz>
Date: Fri, 27 Jan 2023 08:00:32 +1300
Subject: [PATCH 04/34] CVE-2023-0614 s4-acl: Make some parameters const

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15270

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

[abartlet@samba.org Adapted to code without newer
 acl_check_access_on_attribute_implicit_owner name]

Conflict: NA
Reference: https://attachments.samba.org/attachment.cgi?id=17821
---
 source4/dsdb/samdb/ldb_modules/acl_util.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/source4/dsdb/samdb/ldb_modules/acl_util.c b/source4/dsdb/samdb/ldb_modules/acl_util.c
index 367c11d1ba9..56aa4bd7531 100644
--- a/source4/dsdb/samdb/ldb_modules/acl_util.c
+++ b/source4/dsdb/samdb/ldb_modules/acl_util.c
@@ -97,8 +97,8 @@ int dsdb_module_check_access_on_dn(struct ldb_module *module,
 
 int acl_check_access_on_attribute(struct ldb_module *module,
 				  TALLOC_CTX *mem_ctx,
-				  struct security_descriptor *sd,
-				  struct dom_sid *rp_sid,
+				  const struct security_descriptor *sd,
+				  const struct dom_sid *rp_sid,
 				  uint32_t access_mask,
 				  const struct dsdb_attribute *attr,
 				  const struct dsdb_class *objectclass)
-- 
2.25.1
fix CVE-2023-0225 CVE-2023-0614 CVE-2023-0922 2023-04-01 06:13:02 +00:00			`From 003c65be1c6d8f8ea853896a75b315ef8e98cfb3 Mon Sep 17 00:00:00 2001`
			`From: Joseph Sutton <josephsutton@catalyst.net.nz>`
			`Date: Fri, 27 Jan 2023 08:00:32 +1300`
			`Subject: [PATCH 04/34] CVE-2023-0614 s4-acl: Make some parameters const`

			`BUG: https://bugzilla.samba.org/show_bug.cgi?id=15270`

			`Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>`
			`Reviewed-by: Andrew Bartlett <abartlet@samba.org>`

			`[abartlet@samba.org Adapted to code without newer`
			`acl_check_access_on_attribute_implicit_owner name]`

			`Conflict: NA`
			`Reference: https://attachments.samba.org/attachment.cgi?id=17821`
			`---`
			`source4/dsdb/samdb/ldb_modules/acl_util.c \| 4 ++--`
			`1 file changed, 2 insertions(+), 2 deletions(-)`

			`diff --git a/source4/dsdb/samdb/ldb_modules/acl_util.c b/source4/dsdb/samdb/ldb_modules/acl_util.c`
			`index 367c11d1ba9..56aa4bd7531 100644`
			`--- a/source4/dsdb/samdb/ldb_modules/acl_util.c`
			`+++ b/source4/dsdb/samdb/ldb_modules/acl_util.c`
			`@@ -97,8 +97,8 @@ int dsdb_module_check_access_on_dn(struct ldb_module *module,`

			`int acl_check_access_on_attribute(struct ldb_module *module,`
			`TALLOC_CTX *mem_ctx,`
			`- struct security_descriptor *sd,`
			`- struct dom_sid *rp_sid,`
			`+ const struct security_descriptor *sd,`
			`+ const struct dom_sid *rp_sid,`
			`uint32_t access_mask,`
			`const struct dsdb_attribute *attr,`
			`const struct dsdb_class *objectclass)`
			`--`
			`2.25.1`