As Jelmer prepared some Debian packages for samba4 (which I have to upload after the heat with samba3 security issues cools down), I feel like I have the duty to ask: is Samba4 affected by that security issue? Even if they're targeted to Debian experimental, I wouldn't like to upload vulnerable packages...:)