[Pkg-samba-maint] Bug#596891: Bug#596891: samba: CVE-2010-3069: buffer overrun vulnerability Available

Christian PERRIER bubulle at debian.org
Tue Sep 14 20:46:23 UTC 2010


Quoting Christian PERRIER (bubulle at debian.org):
> Package: samba
> Severity: critical
> Tags: security
> 
> This vulnerability has been unveiled publicly without prior warning,
> so probably exploits can be in the wild already.
> 
> 3.2 from lenny is affected, too. Backporting the fix seems trivial and
> I think we'll be working on it ASAP.

Proposed patch.

I have a build targeted to stable-security that's currently
running. To security team, please give me a GO to upload....unless of
course you prefer reviewing this more carefully.

This patch is a port to 3.2 of changes made upstream between 3.5.4 and
3.5.5 (changes to version numbers in version.h as well as .spec files
left aside). The only change has been moving a #define to
source/include/includes.h as the include file it appears in for 3.5
does not exist in 3.2. Being quite a moron with all this, this is the
only thing I'm not very confident in.

I guess that if I screwed, the build will fail anyway...

Testing is vulnerable too. samba in testing is 3.4.8. In unstable, we
have 3.5.4 (vulnerable too) after a discussion with the release team.

The agreement with the RT is to let a few weeks pass before allowing
samba 3.5 in testing. So, in case 3.5 wouldn't finally be allowed
(chances are low, but still), maybe we should also upload a fixed 3.4.8
to t-p-u (or testing-security?).

-------------- next part --------------
A non-text attachment was scrubbed...
Name: security-CVE-2010-3069.patch
Type: text/x-diff
Size: 2913 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-samba-maint/attachments/20100914/c993b87f/attachment.patch>