The Samba-Bugzilla – Bug 12994
Missing LDAP query escapes in DNS rpc server
Last modified: 2017-09-13 08:48:01 UTC
Some queries in the source4 dns management server did not correctly escape the user-controlled aspect of the LDAP filter.
To be clear, this is not a security issue, as the access is as the authenticated
user who could just bind to LDAP directly.
Created attachment 13590 [details]
proposed patch for master
I just need to stop the samba-tool dns tests from assuming this behaviour before I push this reviewed patch.