There have been reports that some Linux distributions are affected by
a vulnerability in samba. There are two issues:
* the wsmbconf program (which is still a prototype application not
meant for general release) is unsafe. Debian does not distribute this
program.
* some distributions used a world-writable directory without a t bit.
We use /var/tmp which does not suffer from this problem.
There is no need to upgrade your samba package.
--
Debian GNU/Linux . Security Managers . [EMAIL PROTECTED]
[email protected]
Christian Hudon . Wichert Akkerman . Martin Schulze
<[EMAIL PROTECTED]> . <[EMAIL PROTECTED]> . <[EMAIL PROTECTED]>
pgpSOs8lEoPt3.pgp
Description: PGP signature
