Dear release managers,
The Samba Team just released Samba 3.2.5 today, which is a
security-only fix, wrt 3.2.4, which is in lenny.
I just uploaded a 2:3.2.5-1 package for it, with urgency=high. The
security team is aware of the issue (which does not affect etch).
Could you consider unblocking that version and allow it to enter testing?
Changelog (typos included):
Changes:
samba (2:3.2.5-1) unstable; urgency=high
.
* New upstream version. Security-only release.
This addresses CVE-2008-4314: potentially leaking
arbitrary memory contents to malicious clients.
* Better document cases where using a "master" file for smb.conf
is a bad idea. Closes: #483187
* Insert example "add machine script" and "add group script" scripts
in the default smb.conf. Closes: #349049
* Move homepage URL to Homepage filed in debian/control
The last 3 changes are either documentation (comments and examples)
as well as a trivial change in debian/control
Attachment:
signature.asc
Description: Digital signature