1 files changed, 0 insertions, 55 deletions

diff --git a/package/samba/samba-00CVE-2011-2694.patch b/package/samba/samba-00CVE-2011-2694.patch
deleted file mode 100644
index 167accfad..000000000
--- a/package/samba/samba-00CVE-2011-2694.patch
+++ /dev/null
@@ -1,55 +0,0 @@
-From d401ccaedaec09ad6900ec24ecaf205bed3e3ac1 Mon Sep 17 00:00:00 2001
-From: Kai Blin <kai@samba.org>
-Date: Thu, 7 Jul 2011 10:03:33 +0200
-Subject: [PATCH] s3 swat: Fix possible XSS attack (bug #8289)
-
-Nobuhiro Tsuji of NTT DATA SECURITY CORPORATION reported a possible XSS attack
-against SWAT, the Samba Web Administration Tool. The attack uses reflection to
-insert arbitrary content into the "change password" page.
-
-This patch fixes the reflection issue by not printing user-specified content on
-the website anymore.
-
-Signed-off-by: Kai Blin <kai@samba.org>
-
-CVE-2011-2694.
----
- source/web/swat.c |   14 ++------------
- 1 files changed, 2 insertions(+), 12 deletions(-)
-
-diff --git a/source/web/swat.c b/source/web/swat.c
-index 9c7294a..434b1ac 100644
---- a/source/web/swat.c
-+++ b/source/web/swat.c
-@@ -1120,11 +1120,9 @@ static void chg_passwd(void)
- 	if(cgi_variable(CHG_S_PASSWD_FLAG)) {
- 		printf("<p>");
- 		if (rslt == True) {
--			printf(_(" The passwd for '%s' has been changed."), cgi_variable_nonull(SWAT_USER));
--			printf("\n");
-+			printf("%s\n", _(" The passwd has been changed."));
- 		} else {
--			printf(_(" The passwd for '%s' has NOT been changed."), cgi_variable_nonull(SWAT_USER));
--			printf("\n");
-+			printf("%s\n", _(" The passwd has NOT been changed."));
- 		}
- 	}
- 	
-@@ -1138,14 +1136,6 @@ static void passwd_page(void)
- {
- 	const char *new_name = cgi_user_name();
- 
--	/* 
--	 * After the first time through here be nice. If the user
--	 * changed the User box text to another users name, remember it.
--	 */
--	if (cgi_variable(SWAT_USER)) {
--		new_name = cgi_variable_nonull(SWAT_USER);
--	} 
--
- 	if (!new_name) new_name = "";
- 
- 	printf("<H2>%s</H2>\n", _("Server Password Management"));
--- 
-1.7.1
-