Re: Situation of samba packages (security update)

To: Christian PERRIER <bubulle@debian.org>
Cc: debian-release@lists.debian.org
Subject: Re: Situation of samba packages (security update)
From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Date: Wed, 15 Sep 2010 19:29:50 +0100
Message-id: <[🔎] 1284575390.11205.197.camel@kaa.jungle.aubergine.my-net-space.net>
In-reply-to: <[🔎] 20100915044256.GH12681@mykerinos.kheops.frmug.org>
References: <[🔎] 20100915044256.GH12681@mykerinos.kheops.frmug.org>

On Wed, 2010-09-15 at 06:42 +0200, Christian PERRIER wrote:
> In the meantime, yesterday (Sept 14th) upstream released a security
> update (3.3.14, 3.4.9, 3.5.5) for a buffer overrun vulnerability. This
> update happened without prior private warning, so we have to react as
> quickly as possible, without preparation.
[...]
> My concern is testing (and backports.org). As the choice between 3.4
> and 3.5 hasn't been made yet, we're not 100% sure that squeeze will
> have 3.5 and, anyway, during the few weeks of 3.5 "maturation" in
> unstable....testing and backports users are left without update.
> 
> So, having 3.4.9 in testing sems needed. Should I upload it through
> t-p-u? If that's done, I will also upload a fixed 3.4.9 version to backports

Assuming that the diff between the 3.4.8 packages currently in testing
and the tpu package would simply be upstream's patch from their security
page, please go ahead.

Regards,

Adam

Reply to:

Follow-Ups:
- Re: Situation of samba packages (security update)
  - From: Christian PERRIER <bubulle@debian.org>

References:
- Situation of samba packages (security update)
  - From: Christian PERRIER <bubulle@debian.org>

Prev by Date: Bug#595416: marked as done (unblock: ecryptfs-utils/83-2)
Next by Date: Re: Situation of samba packages (security update)
Previous by thread: Situation of samba packages (security update)
Next by thread: Re: Situation of samba packages (security update)
Index(es):
- Date
- Thread