Bug#310982: plan to include in sarge 2.4 update
On Mon, Nov 13, 2006 at 05:49:56PM +0100, Bill Allombert wrote:
> On Mon, Nov 13, 2006 at 09:26:10AM -0700, dann frazier wrote:
> > On Mon, Nov 13, 2006 at 10:09:52AM +0100, Bill Allombert wrote:
> > > Thanks for looking at this.
> > >
> > > I initially reported this issue to samba and then I provided a patch for
> > > smbmout. Now if the issue is fixed in the kernel instead, then all
> > > kernel providing smbfs need to be fixed, not only sarge-2.4.27.
> >
> > I was wondering about that - so if we apply this in 2.4.27, we should
> > probably also apply it in 2.6.8.
> > Is the smbmount patch still present in etch/sid? I'm ok with doing
> > this as a workaround for sarge, but not with forward porting the patch
> > indefinitely to future kernel releases.
> As far as I know the smbmount patch has never been applied to any release.
Yes, because this is a kernel security bug. The smbmount patch was
entertained pre-sarge only as a stopgap due to the proximity to release; the
right place to fix this is still in the kernel (upstream as appropriate).
Thanks,
--
Steve Langasek Give me a lever long enough and a Free OS
Debian Developer to set it on, and I can move the world.
vorlon@debian.org http://www.debian.org/
Reply to: