git.samba.org - amitay/samba.git/commit

author	Andrew Bartlett <abartlet@samba.org>
	Thu, 4 Dec 2014 04:23:29 +0000 (17:23 +1300)
committer	Karolin Seeger <kseeger@samba.org>
	Thu, 15 Jan 2015 13:54:47 +0000 (14:54 +0100)
commit	ef7fb904a97f00babb33affa0bfc8d2f5bb5ce32
tree	21d3a6df0f59ed4ca356b22417d03100c6f89d39	tree
parent	9d62b6764e99737fd7b914163237a8767d1224b1	commit \| diff

CVE-2014-8143:dsdb-samldb: Check for extended access rights before we allow changes to userAccountControl

This requires an additional control to be used in the
LSA server to add domain trust account objects.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10993

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(master): Thu Jan 15 14:54:47 CET 2015 on sn-devel-104

librpc/idl/security.idl		diff \| blob \| history
source4/dsdb/samdb/ldb_modules/samldb.c		diff \| blob \| history
source4/dsdb/samdb/samdb.h		diff \| blob \| history
source4/rpc_server/lsa/dcesrv_lsa.c		diff \| blob \| history
source4/setup/schema_samba4.ldif		diff \| blob \| history