Quoting Julien Cristau (jcristau@debian.org): > On Sat, Jan 1, 2011 at 17:45:10 +0100, Christian PERRIER wrote: > > > I'm hereby requesting approval from the release team to upload a new > > version of samba, meant to fix #574468...and, indeed, #606350 > > (originally reported against sasl2-bin). > > > > #606350 is indeed an example of the consequences of this file > > descriptor leak, predicted in #57468. The leak could also, for > > instance, lead to deny service on Apache servers that use > > auth_pam....on systems where pam_winbind is used. > > > > The proposed patch (attached) has been successfully tested by the > > submitter of #606350. > > > The patch attached to the upstream bug adds the attribute to > the definition in nsswitch/wb_common.c, not to the declaration in the > header. Which is it? > > Seems ok though in principle. Actually, upstream already fixed that bug and I should just close it as fixed in 2:3.5.6~dfsg-1...:-) Debian bug #574468 was forwarded as upstream #7265. This bug was basically ignored until now.. However, later on, upstream got another bug report about this fd leak problem: https://bugzilla.samba.org/show_bug.cgi?id=7684 They fixed it, with the fix you mention. When I discovered that, this morning, I marked upstream #7265 as a duplicated of #7684...so it is now marked RESOLVED. So, in short, there shouldn't be any need for a freeze exception as the bug is supposedly fixed. However, I would prefer that the submitter of #606350 confirms that he does no longer experience this bug with the version in squeeze. What's puzzling is that he reported the bug way after 3.5.6 entered testing, so I would like him to mention the version of samba packages that were installed on his system the day he filed the bug report.
Attachment:
signature.asc
Description: Digital signature