Samba 3.3.6 upload?

To: backports-users@lists.backports.org
Subject: Samba 3.3.6 upload?
From: Christian Perrier <bubulle@debian.org>
Date: Wed, 1 Jul 2009 20:44:24 +0200
Message-id: <[🔎] 20090701184424.GR8455@mykerinos.kheops.frmug.org>

Hello,

Samba 3.3 series is affected by CVE 2009-1888:
     In Samba 3.0.31 to 3.3.5 (inclusive), an uninitialized read of a
     data value can potentially affect access control when "dos filemode"
     is set to "yes".


So, the 3.3.4 versiont hat's in backports.org is affected too.

I have a ready upload of the backport of 3.3.6 packages which I
uploaded in unstable.

From what I understand of bpo policy wrt security updates, it would be
OK for me to upload it. Is that correct?

Reply to:

Follow-Ups:
- Re: Samba 3.3.6 upload?
  - From: Gerfried Fuchs <rhonda@deb.at>

Prev by Date: Re: linux-header-2.6.30 broken dependencies
Next by Date: Re: Samba 3.3.6 upload?
Previous by thread: Re: PostgreSQL 8.4 into lenny-backports
Next by thread: Re: Samba 3.3.6 upload?
Index(es):
- Date
- Thread