Re: [SECURITY] [DSA-200-1] Samba buffer overflow
On Mon, Nov 25, 2002 at 08:24:45PM +0900, Olaf Meeuwissen wrote:
> Hmm, from the version numbers (2.2.3a-6 to 2.2.3a-12) and changelog
> entries since the version in stable it looks as if this upgrade does a
> little more than just fix the security problem. Whatever happened to
> just backporting the security fix?
The samba maintainers had already prepared an update for stable which
contained backported fixes for important bugs. These fixes were appropriate
for the next point release, so rather than build a security update based on
2.2.3a-6 and then a new stable upload based on 2.2.3a-9, the security update
was based on 2.2.3a-9 with its fixes. You did not get any changes which
were not already destined for stable.