1 |
On 10 April 2012 23:56, Paul Hartman <paul.hartman+gentoo@×××××.com> wrote: |
2 |
> "Samba versions 3.6.3 and all versions previous to this are affected |
3 |
> by a vulnerability that allows remote code execution as the "root" |
4 |
> user from an anonymous connection." |
5 |
> |
6 |
> "As this does not require an authenticated connection it is the most |
7 |
> serious vulnerability possible in a program, and users and vendors are |
8 |
> encouraged to patch their Samba installations immediately." |
9 |
> |
10 |
> More info at: |
11 |
> https://www.samba.org/samba/security/CVE-2012-1182 |
12 |
> |
13 |
|
14 |
There is already a fixed version (3.5.14) stable on x86, amd64 and |
15 |
hppa (and obviously ~arch for the other arches) and it should go |
16 |
stable on those other arches soon and have a GLSA soon as well. |