Claimed Zero Day exploit in Samba.
bubulle at debian.org
Sat Feb 6 23:57:35 MST 2010
Quoting Jeremy Allison (jra at samba.org):
> The patch is already in master to make "wide links" and "unix extensions"
> mutually exclusive and wide links off by default, and once reviewed will
> go into all active branches.
> We're not planning to do a specific security release though, as
> changing the config is enough to protect against this.
Is there a chance that the patch applies to 3.2 series? We might
consider using it in Debian lenny.
More information about the samba-technical