[Samba] Badlock CVE-2016-2118 in samba release 3.0.35

Rowland penny rpenny at samba.org
Tue Apr 26 19:24:21 UTC 2016

On 26/04/16 19:48, Madhu A G wrote:
> Hi,
> Samba has released patch for CVE-2016-2118 from 3.6.x release onwards.   We
> use samba 3.0.35 in our product.   Is there any patch available for
> 3.0.35?

As far as I am aware, Samba didn't release patches for anything before 
4.2.x. The patches you are referring to, came from RHEL and SUSE. I 
think you will need to either backport the updates to 3.0.35 (which is 
probably impossible) or upgrade to a Samba supported release.


More information about the samba mailing list