[prev in list] [next in list] [prev in thread] [next in thread]
List: samba-technical
Subject: Re: [SAMBA4] Is it affected by CVE-2008-1105?
From: Andrew Bartlett <abartlet () samba ! org>
Date: 2008-05-29 12:30:10
Message-ID: 1212064210.17261.48.camel () naomi
[Download RAW message or body]
On Thu, 2008-05-29 at 07:46 +0200, Christian Perrier wrote:
> As Jelmer prepared some Debian packages for samba4 (which I have to
> upload after the heat with samba3 security issues cools down), I feel
> like I have the duty to ask: is Samba4 affected by that security
> issue?
>
> Even if they're targeted to Debian experimental, I wouldn't like to
> upload vulnerable packages...:)
I would expect not, but have not checked. It is a totally new codebase
in this area, and has a pretty strict focus on bounds checking (but as
always we may find issues regardless...).
Andrew Bartlett
--
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Red Hat Inc.
["signature.asc" (application/pgp-signature)]
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic