Web lists-archives.com

[Samba] Error running CVE-2018-1057_helper on 4.5

I tried to run this script on a system running 4.5.15 built from source under Ubuntu 16.04, but I get the following exception:

# PYTHONPATH="/usr/local/samba/lib/python2.7/site-packages/" ./samba_CVE-2018-1057_helper --lock-pwchange
Temporarily overriding 'dsdb:schema update allowed' setting
Traceback (most recent call last):
  File "./samba_CVE-2018-1057_helper", line 139, in <module>
    sd_helper.modify_sd_on_dn(msg.dn, new_desc)
  File "/usr/local/samba/lib/python2.7/site-packages/samba/sd_utils.py", line 40, in modify_sd_on_dn
    m.dn = Dn(self.ldb, object_dn)
TypeError: argument 2 must be string, not ldb.Dn
A transaction is still active in ldb context [0x2337ea0] on tdb:///usr/local/samba/private/sam.ldb

I tried doing "kinit Administrator" and then repeating, but that didn't change the error.

I see samba 4.8.0 was released yesterday, which means 4.5.x technically dropped out of support yesterday too: https://wiki.samba.org/index.php/Samba_Release_Planning

However, I also note that a security patch was released for 4.5.15:


Obviously I will have to proceed with the underlying patching and/or upgrading of Samba.  But if anyone can help me get the short-term fix working for 4.5, that would be a useful stop-gap.



To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba