[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [Announce] Samba 4.6.1, 4.5.7 and 4.4.12 Security Releases Available for Download



On Fri, Mar 24, 2017 at 04:04:08PM +0100, Moritz Muehlenhoff wrote:
> On Fri, Mar 24, 2017 at 03:55:23PM +0100, Guido Günther wrote:
> > Hi Roberto,
> > On Fri, Mar 24, 2017 at 10:45:44AM -0400, Roberto C. Sánchez wrote:
> > > On Fri, Mar 24, 2017 at 03:16:28PM +0100, Mathieu Parent wrote:
> > > > Please wait a bit before uploading.
> > > > 
> > > > There is a regression in jessie when "follow symlinks = no" #858564,
> > > > and a segfault with vfs_shadow2 (#858590).
> > > > 
> > > > 
> > > I am working on the wheezy LTS update for samba now.
> > > 
> > > There are 37 individual patches in jessie's CVE-2017-2619.patch, and not
> > > all apply cleanly to 3.6.6 in wheezy.  That said, I will wait on
> > > uploading until those bugs are resolved and I have incorportated their
> > > fixes.
> > 
> > Note that Jessie has samba4 while wheezy has samba3 (samba package) and
> > samba4 (samba4 package). 
> 
> samba4 in wheezy doesn't provide the Samba daemons, so is irrelevant here:
> https://packages.qa.debian.org/s/samba4/news/20140416T220212Z.html

Just wanted to point out that there's a different set of patches for
samba3. But thanks for spelling this out, I probably should not have
mentioned samba4 in wheezy above to avoid confusion.

Cheers,
 -- Guido


Reply to: