[Samba] libldb for security patch 4.12 backport?

Rowland Penny rpenny at samba.org
Thu Jul 28 17:12:11 UTC 2022

On Thu, 2022-07-28 at 16:37 +0000, Sri Nagasubramanian via samba wrote:
> Hello,
> I'm trying to build the 4.12 version of the new security patches that
> were kindly provided (for CVE-2022-2031<
> https://www.samba.org/samba/security/CVE-2022-2031.html>;, CVE-2022-
> 32742<https://www.samba.org/samba/security/CVE-2022-32742.html>;,
> CVE-2022-32744<
> https://www.samba.org/samba/security/CVE-2022-32744.html>;, CVE-2022-
> 32745<https://www.samba.org/samba/security/CVE-2022-32745.html> and
> CVE-2022-32746<
> https://www.samba.org/samba/security/CVE-2022-32746.html>
> ), but am not able to use my usual build procedure because the
> patches require libldb 2.1.6 and I haven't been able to locate the
> source code for that.  I do see a reference that Andrew Bartlett made
> against one of the related Bugzilla cases (15096) that says that the
> 4.12-related ldb release is unofficial and not been released upstream
> - which would explain why I can't find it in my usual places.  Am I
> misunderstanding how to proceed with the 4.12 patches (or perhaps I'm
> out of luck for now)?
> Thanks,
> Sri

It sounds like you are trying to build Samba 4.12.x with the new
Patches, the supplied patches are for 4.14.14, 4.15.9 and 4.16.4, they
may not apply to your version and will, as you have found out, require
other packages to be updated.

You do not say what OS you are using, but I suggest you contact your
distro to see what plans they have for the security releases.


More information about the samba mailing list