Web lists-archives.com

Re: [Samba] Error running CVE-2018-1057_helper on 4.5

Am Mittwoch, 14. März 2018, 08:35:53 CET schrieb Brian Candler via 
> I tried to run this script on a system running 4.5.15 built from
> source under Ubuntu 16.04, but I get the following exception:
> # PYTHONPATH="/usr/local/samba/lib/python2.7/site-packages/"
> ./samba_CVE-2018-1057_helper --lock-pwchange
> Temporarily overriding 'dsdb:schema update allowed' setting
> Traceback (most recent call last):
>    File "./samba_CVE-2018-1057_helper", line 139, in <module>
>      sd_helper.modify_sd_on_dn(msg.dn, new_desc)
>    File
> "/usr/local/samba/lib/python2.7/site-packages/samba/sd_utils.py", line
> 40, in modify_sd_on_dn
>      m.dn = Dn(self.ldb, object_dn)
> TypeError: argument 2 must be string, not ldb.Dn
> A transaction is still active in ldb context [0x2337ea0] on
> tdb:///usr/local/samba/private/sam.ldb
> I tried doing "kinit Administrator" and then repeating, but that
> didn't change the error.
> I see samba 4.8.0 was released yesterday, which means 4.5.x
> technically dropped out of support yesterday too:
> https://wiki.samba.org/index.php/Samba_Release_Planning
> However, I also note that a security patch was released for 4.5.15:
> https://download.samba.org/pub/samba/patches/security/samba-4.5.15-sec
> urity-2018-03-13.patch
> Obviously I will have to proceed with the underlying patching and/or
> upgrading of Samba.  But if anyone can help me get the short-term fix
> working for 4.5, that would be a useful stop-gap.
Best is to wait for security updates of ubuntu!!!

In debian repository this patch is applied to 2:4.7.4+dfsg-2 *and*
2:4.5.12+dfsg-2+deb9u2. So should enter ubuntu repository soon.

> Thanks,
> Brian.


	Harry Jede
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba