[Bug 1701073] Re: CVE-2017-2619 regression breaks symlinks
ChristianEhrhardt
1701073 at bugs.launchpad.net
Fri Jun 30 06:54:15 UTC 2017
Adding update-regression until provde that it is not.
It is too late to stop the updates with that (~3 months) but still tagging correctly seems right.
@Marc - since you backported the CVE could you take a look?
@Dave - Could you share your testcase (I assume you have a script of
some sort)
@Andreas - once Dave shared his test, do you think we could make a
subset of the testcase into the dep8 tests you have started to add.
Extending the md5sum checks with something like a symlink creation and
path checks?
** Tags added: update-regression
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to samba in Ubuntu.
https://bugs.launchpad.net/bugs/1701073
Title:
CVE-2017-2619 regression breaks symlinks
Status in samba:
Unknown
Status in samba package in Ubuntu:
New
Bug description:
Found in current version in Xenial (4.3.11+dfsg-0ubuntu0.16.04.7).
When share's path is '/', symlinks do not work properly from Windows
client. Gives "Cannot Access" error.
To reproduce:
1. Install samba and related dependencies
apt install -y samba
2. Add a share at the end of the default file that uses '/' as the
path:
[reproducer]
comment = share
browseable = no
writeable = yes
create mode = 0600
directory mode = 0700
path = /
3. Attempt to access a symlink somewhere within the path of the share
with a Windows client.
4. Receive "Windows cannot access..." related error
To manage notifications about this bug go to:
https://bugs.launchpad.net/samba/+bug/1701073/+subscriptions
More information about the foundations-bugs
mailing list