Re: CVE-2012-6150 and samba4

To: Andrew Bartlett <abartlet@samba.org>
Cc: debian-security-tracker@lists.debian.org, pkg-samba-maint@lists.alioth.debian.org
Subject: Re: CVE-2012-6150 and samba4
From: Moritz Mühlenhoff <jmm@inutil.org>
Date: Sun, 26 Jan 2014 13:24:57 +0100
Message-id: <[🔎] 20140126122456.GA4652@pisco.westfalen.local>
In-reply-to: <[🔎] 1390604677.1160.73.camel@jesse>
References: <[🔎] 1390604677.1160.73.camel@jesse>

On Sat, Jan 25, 2014 at 12:04:37PM +1300, Andrew Bartlett wrote:
> I've checked, and this issue does not apply to samba4, because the
> 'samba4' winbind does not implement this feature at all.  That is, the
> problem directive is ignored in all cases.  (This is still fail-open,
> but in this case consistently open).  
> 
> https://security-tracker.debian.org/tracker/CVE-2012-6150
 
Thanks, I've updated the Debian Security Tracker.

Cheers,
        Moritz

Reply to:

References:
- CVE-2012-6150 and samba4
  - From: Andrew Bartlett <abartlet@samba.org>

Prev by Date: CVE-2012-6150 and samba4
Previous by thread: CVE-2012-6150 and samba4
Index(es):
- Date
- Thread