Subject: Re: [oe][meta-networking][kirkstone][PATCH 1/2] samba: fix
CVE-2023-4091
CAUTION: This email comes from a non Wind River email account!
Do not click links or open attachments unless you recognize the sender and know
the content is safe.
On Wed, 2023-11-22 at 04:55 +, Polampalli
On Wed, 2023-11-22 at 04:55 +, Polampalli, Archana via
lists.openembedded.org wrote:
> From: Archana Polampalli
>
> A vulnerability was discovered in Samba, where the flaw allows SMB
> clients to
> truncate files, even with read-only permissions when the Samba VFS
> module
> "acl_xattr" is co
From: Archana Polampalli
A vulnerability was discovered in Samba, where the flaw allows SMB clients to
truncate files, even with read-only permissions when the Samba VFS module
"acl_xattr" is configured with "acl_xattr:ignore system acls = yes". The SMB
protocol allows opening files when the clie
