| commit | 0776ce5caedf18aa8cc1d1dddb1a425f3d0c926c | |
| author | Andrew Bartlett <abartlet@samba.org> | |
| Thu, 2 Mar 2023 04:24:15 +0000 (2 17:24 +1300) | ||
| committer | Jule Anger <janger@samba.org> | |
| Mon, 20 Mar 2023 09:03:51 +0000 (20 10:03 +0100) | ||
| tree | e33241073ce0ee4ebb049ca471ee11e95c08c4b2 | treesnapshot (tar.gz zip) |
| parent | d564a5c816642269e0b6d0b37319fd47646487c0 | commitdiff |
CVE-2023-0614 lib/ldb-samba Ensure ACLs are evaluated on SAMBA_LDAP_MATCH_RULE_TRANSITIVE_EVAL / LDAP_MATCHING_RULE_IN_CHAIN
Setting the LDB_HANDLE_FLAG_UNTRUSTED tells the acl_read module to operate on this request.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15270
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Setting the LDB_HANDLE_FLAG_UNTRUSTED tells the acl_read module to operate on this request.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15270
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>
| lib/ldb-samba/ldb_matching_rules.c | diffblobblamehistory |