Re: UNS: Re: [SECURITY] [DSA 1409-2] New samba packages fix several vulnerabilities
On Tue Nov 27, 2007 at 12:00:05 +1300, Ewen McNeill wrote:
> In message <20071126145341.GA3961@steve.org.uk>, Steve Kemp writes:
> >Package : samba
> >Vulnerability : several
> >Problem type : remote
> >Debian-specific: no
> >CVE Id(s) : CVE-2007-4572, CVE-2007-5398
> >[...]
> >For the stable distribution (etch), these problems have been fixed in
> >version 3.0.24-6etch7.
>
> There doesn't appear to be a i386 package for Samba version
> 3.0.24-6etch7 on any of the security.debian.org servers. Only a
> 3.0.24-6etch6 package. AMD64 and most other architectures seem to have
> 3.0.24-6etch7 and not 3.0.24-6etch6 packages.
> According to the change log this means that one regression is missing
> in the i386 packages (6etch6):
That is correct.
I've build a package now, and will be uploading shortly. In the
meantime you can find it here:
http://people.debian.org/~skx/samba/
I'm not entirely sure whether this fixes all known regressions there
seem to be mixed reports, but it is the best we have and the most
current elsewhere.
Steve
--
Reply to: