[Pkg-samba-maint] About bug #5825
Christian Perrier
bubulle at debian.org
Fri Jan 23 05:57:03 UTC 2009
Quoting Diego A. Gomez (diego at dgomez.com.ar):
> The recent updated version in Lenny (Samba 3.2.5-4) still has the
> #5825 bug, described in
> https://bugzilla.samba.org/show_bug.cgi?id=5825 (Account locking out
> doesn't work with an LDAP backend)
> I think this bug implies a security risk, this make to Samba
> vulnerable to brute-force attack.
> I see this bug was solved in Samba 3.2.6
> (http://samba.org/samba/history/samba-3.2.6.html)
>
> Will Samba 3.2.6 be part of Debian Lenny?
No. Too many changes.
> Will samba 3.2.5 include a backuport fix for this bug?
Only if we get our hands on the patch specific to this issue, are
convinced enough that it's worth risking a regression and have someone
do the upload *very soon*.
I could be spending some time next upcoming week-end to look at issued that
deserve being fixed in Lenny...but I can't make any promise, though
and I feel like this is the very last opportunity to change things for
lenny.
> Do you think this bug will be solved before Lenny become on Debian
> Stable Release?
The chances exist.....
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: Digital signature
Url : http://lists.alioth.debian.org/pipermail/pkg-samba-maint/attachments/20090123/b72787fb/attachment.pgp
More information about the Pkg-samba-maint
mailing list