[Pkg-samba-maint] Bug#568493: Bug#568493: Bug#568493: samba: zero-day remote access exploit
Christian PERRIER
bubulle at debian.org
Sat Feb 6 15:50:44 UTC 2010
Quoting Michael Gilbert (michael.s.gilbert at gmail.com):
> if i see an active exploit on one of the lists i'm following, then i am
> going to report it (after all, does't "Debian does not hide problems"?);
Not hiding problems is not reproducing all bug reported upstream in
our BTS. Apart from bringing yet more load on the maintainers'
shoulders, on should ponder the real benefit of bug reports.
This is not meant to say you're not right to report but waiting for
the discussion with upstream to settle down before reporting is
certainly as helpful as reporting early.
> regardless of any concept of prematurity. you all are responsible for this
> package, and if there isn't enough info yet, then you should actively go to
> upstream to see what's going on, or take a look at the problem yourself.
>
> > As of now, I understand that the planned fix is to disable wide links
> > by default. In such case, I don't see much more action to have in
> > Debian. Particularly, I'm unsure about fixing lenny.
>
> if you were following upstream closely, you will have seen that "wide
> links" is a band aid, and a real fix is in the works [0].
I *did* see this. My sentence above was a short summary of the real
discussion. Thanks for giving the full pointer to people who want to
get more details.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-samba-maint/attachments/20100206/bedc8628/attachment.pgp>
More information about the Pkg-samba-maint
mailing list