packages/samba
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
samba/backport-0002-CVE-2022-3437.patch
xinghe 2768cb6a4a fix CVE-2022-3437
2022-10-26 09:30:12 +00:00

59 lines
2.7 KiB
Diff
Raw Blame History

From a49a3ac8e082921c2793a073b5991c4693f167ab Mon Sep 17 00:00:00 2001
From: Joseph Sutton <josephsutton@catalyst.net.nz>
Date: Wed, 12 Oct 2022 13:55:51 +1300
Subject: [PATCH 06/15] CVE-2022-3437 source4/heimdal_build: Add
gssapi-subsystem subsystem
This allows us to access (and so test) functions internal to GSSAPI by
depending on this subsystem.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15134
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
[jsutton@samba.org Adapted to older wscript_build file]
Conflict: NA
Reference: https://download.samba.org/pub/samba/patches/security/samba-4.15.11-security-2022-10-25.patch
---
source4/heimdal_build/wscript_build | 14 ++++++++++----
1 file changed, 10 insertions(+), 4 deletions(-)
diff --git a/source4/heimdal_build/wscript_build b/source4/heimdal_build/wscript_build
index e91c8ab2eeb..41152192798 100644
--- a/source4/heimdal_build/wscript_build
+++ b/source4/heimdal_build/wscript_build
@@ -571,8 +571,8 @@ if not bld.CONFIG_SET("USING_SYSTEM_GSSAPI"):
HEIMDAL_AUTOPROTO_PRIVATE('lib/gssapi/krb5/gsskrb5-private.h',
HEIMDAL_GSSAPI_KRB5_SOURCE)
- HEIMDAL_LIBRARY('gssapi',
- HEIMDAL_GSSAPI_SPNEGO_SOURCE + HEIMDAL_GSSAPI_KRB5_SOURCE + '''
+ HEIMDAL_SUBSYSTEM('gssapi-subsystem',
+ HEIMDAL_GSSAPI_SPNEGO_SOURCE + HEIMDAL_GSSAPI_KRB5_SOURCE + '''
lib/gssapi/mech/context.c lib/gssapi/mech/gss_krb5.c lib/gssapi/mech/gss_mech_switch.c
lib/gssapi/mech/gss_process_context_token.c lib/gssapi/mech/gss_buffer_set.c
lib/gssapi/mech/gss_aeap.c lib/gssapi/mech/gss_add_cred.c lib/gssapi/mech/gss_cred.c
@@ -597,10 +597,16 @@ if not bld.CONFIG_SET("USING_SYSTEM_GSSAPI"):
lib/gssapi/mech/gss_set_cred_option.c lib/gssapi/mech/gss_pseudo_random.c ../heimdal_build/gssapi-glue.c''',
includes='../heimdal/lib/gssapi ../heimdal/lib/gssapi/gssapi ../heimdal/lib/gssapi/spnego ../heimdal/lib/gssapi/krb5 ../heimdal/lib/gssapi/mech',
deps='hcrypto asn1 HEIMDAL_SPNEGO_ASN1 HEIMDAL_GSSAPI_ASN1 roken krb5 com_err wind heimbase',
- vnum='2.0.0',
- version_script='lib/gssapi/version-script.map',
)
+ HEIMDAL_LIBRARY('gssapi',
+ '',
+ includes='../heimdal/lib/gssapi ../heimdal/lib/gssapi/gssapi ../heimdal/lib/gssapi/spnego ../heimdal/lib/gssapi/krb5 ../heimdal/lib/gssapi/mech',
+ deps='gssapi-subsystem',
+ vnum='2.0.0',
+ version_script='lib/gssapi/version-script.map',
+ )
+
if not bld.CONFIG_SET("USING_SYSTEM_KRB5"):
# expand_path.c needs some of the install paths
HEIMDAL_SUBSYSTEM('HEIMDAL_CONFIG',
--
2.25.1
Reference in New Issue View Git Blame Copy Permalink