]> git.ipfire.org Git - thirdparty/samba.git/commit
projects / thirdparty / samba.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 95afbc2) | patch
CVE-2022-2031 auth: Add ticket type field to auth_user_info_dc and auth_session_info
authorJoseph Sutton <josephsutton@catalyst.net.nz>
Fri, 10 Jun 2022 07:18:07 +0000 (19:18 +1200)
committerJule Anger <janger@samba.org>
Sun, 24 Jul 2022 09:42:02 +0000 (11:42 +0200)
commit4b61092459b403b2945daa9082052366f3508b69
treefccbbc2d4145def9f87293e3a9d9900acec62393tree
parent95afbc2da9b541fb8f2eebdcd411f5873d1675accommit | diff
CVE-2022-2031 auth: Add ticket type field to auth_user_info_dc and auth_session_info

This field may be used to convey whether we were provided with a TGT or
a non-TGT. We ensure both structures are zeroed out to avoid incorrect
results being produced by an uninitialised field.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15047
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15049

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>
auth/auth_sam_reply.c diff | blob | blame | history
auth/auth_util.c diff | blob | blame | history
librpc/idl/auth.idl diff | blob | blame | history
source4/auth/ntlm/auth_developer.c diff | blob | blame | history
source4/auth/sam.c diff | blob | blame | history
source4/auth/session.c diff | blob | blame | history
source4/auth/system_session.c diff | blob | blame | history
Mirror of https://github.com/samba-team/samba.git