On Tue, Jul 01, 2008 at 07:18:39AM +0200, Christian Perrier wrote: > Quoting Jamie Strandboge ([EMAIL PROTECTED]): > > Package: samba > > Version: 2:3.0.30-2 > > Severity: normal > > Tags: patch > > User: [EMAIL PROTECTED] > > Usertags: origin-ubuntu intrepid ubuntu-patch
> > In Ubuntu, we've applied the attached patch to our development and stable > > releases to achieve the following: > > * debian/patches/upstream_bug5517.patch: adjust cli_negprot() to properly > > calculate buffer sizes. This bug was introduced in the fix for > > CVE-2008-1105 > > * References > > https://bugs.launchpad.net/ubuntu/+source/samba/+bug/241448 > > https://bugzilla.samba.org/show_bug.cgi?id=5517 > Other maintainers (particularly Steve): do you really think we need to > apply a patch that was obviously added upstream and will be in 3.0.31 > (due out "soon"?) Probably not, but as this was a regression introduced in a security patch (which we have in etch as part of 3.0.24-6etch10), we might want to coordinate another update with the security team... -- Steve Langasek Give me a lever long enough and a Free OS Debian Developer to set it on, and I can move the world. Ubuntu Developer http://www.debian.org/ [EMAIL PROTECTED] [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
