Hi,
I had a look at smb4k and CVE-2017-8849 and wanted to mark the package
in Wheezy and Jessie as not-affected. However I'm not completely sure
and I would like to hear more opinions before I do it.
According to the report on oss-security [1] it is possible for users to
provide custom arguments
On Mon, 12 Jun 2017, Ola Lundqvist wrote:
> Thank you. I have now updated the wiki to describe this. Let me know (or
> adjust the wiki) if you think we should handle this in some other way.
More suggestions:
- actually hold to the recommendation to give the maintainer a day or
three to
Hi Markus and others
Thank you. I have now updated the wiki to describe this. Let me know (or
adjust the wiki) if you think we should handle this in some other way.
Best regards
// Ola
PS. If you wonder why I waited with sending this email, I was busy triaging
last week. :-)
DS.
On 8 June
On Mon, Jun 12, 2017 at 09:15:02AM +0800, Paul Wise wrote:
> On Mon, Jun 12, 2017 at 3:37 AM, Salvatore Bonaccorso wrote:
>
> > I'm attaching the *preliminary* set of changes which I plan to
> > activate once stretch is released.
>
> Wow, there really is a horribly large amount of hard-coding of
