[Pkg-samba-maint] [SRM] Proposed updates for samba in lenny
Christian Perrier
bubulle at debian.org
Thu Mar 5 06:05:11 UTC 2009
Hello dear stable release managers,
We, samba maintainers, would like to propose two fixes for samba in
lenny (that would be package version 2:3.2.4-4lenny1:
* Fix account locking with an LDAP backend. Closes: #514151
* Correct du recursion in smbclient. Closes: #514703
The first bug is tagged "security" but went very late in the lenny
release process and does not warrant a dedicated security upload. In
short, the locking mechanism for accounts when samba a uses an LDAP
server as account backend doesn't work and accounts are never locked,
theoretically allowing brute force attacks.
The security team ACK'ed our intent to fix this through s-p-u....
The latter bug is a clearly identified regression from samba 3.0.*
series which was fixed in the latest 3.2.* samba version (3.2.8). It
affects users who are doing backup and similar operations by using
smbclient to access remote CIFS shares.
Both patches are attached to this mail.
--
-------------- next part --------------
A non-text attachment was scrubbed...
Name: bug_514703_upstream_6021.patch
Type: text/x-diff
Size: 1186 bytes
Desc: not available
Url : http://lists.alioth.debian.org/pipermail/pkg-samba-maint/attachments/20090305/fc9a56f5/attachment.patch
-------------- next part --------------
A non-text attachment was scrubbed...
Name: bug_514151_upstream_5825.patch
Type: text/x-diff
Size: 1099 bytes
Desc: not available
Url : http://lists.alioth.debian.org/pipermail/pkg-samba-maint/attachments/20090305/fc9a56f5/attachment-0001.patch
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: Digital signature
Url : http://lists.alioth.debian.org/pipermail/pkg-samba-maint/attachments/20090305/fc9a56f5/attachment.pgp
More information about the Pkg-samba-maint
mailing list