Quoting Karolin Seeger (ksee...@samba.org): > Release Announcements > ===================== > > Samba 3.5.7, 3.4.12 and 3.3.15 are security releases in order to > address CVE-2011-0719.
Debian addressed these in security updates: - 2:3.2.5-4lenny14 for Debian "lenny" - 2:3.5.6~dfsg-3squeeze1 for Debian "squeeze" Please note that the latter is indeed samba 3.5.7 as the difference between 3.5.6 and 3.5.7 is only the security fix. I opened the discussion with the Debian security team to decide whether, in the future, we could be allowed to use the official upstream version number (to avoid misunderstandings, from our users, about the "vulnerability" of our packages. I use this opportunity to thank the Samba Team for their quick and efficient communication with 'vendors' about this issue, that allowed us to publish these security updates the very same day the issue was officially unveiled. Specifically, even though the 3.2 branch isn't officially supported security-wise by the Samba Team, we got ready-to-apply patches for 3.2 and these were a great help. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba