Ubuntu
samba package

hardy: update samba to 3.0.32

Bug #262291 reported by Christian González
2
Affects Status Importance Assigned to Milestone
samba (Ubuntu)
Invalid
Undecided
Unassigned

Bug Description

Binary package hint: samba

samba SHOULD be updatedto it's newest 3.0.x bug- and security-fix version 3.0.32 - ATM it is 3.0.28a in hardy
look at http://samba.org/samba/security/CVE-2008-3789.html
This should be in ubuntu-security, not in backports!

CVE References

Revision history for this message
Chuck Short (zulcss) wrote :

3.0.32 wont enter hardy any time soon since it is a LTS, however the secuity fix will be backported. Thanks for the bug report.

Regards
chuck

Changed in samba:
status: New → Invalid
Revision history for this message
jmedina (jorgearma1982) wrote :

And most important, that but is about samba 3.2.x

==========================================================
== Subject: Wrong permissions of group_mapping.ldb
==
== CVE ID#: CVE-2008-3789
==
== Versions: Samba 3.2.0 - 3.2.2 (inclusive)

and I dont think 3.2 will be in hardy because 3.2 has a new licence, this needs extra work, and I think 3.0.28 it is enough.
I think this bug can be closed, isn't it, because it doesnt apply to samba version on hardy.

Revision history for this message
Christian González (droetker) wrote :

oops, sorry, I used the wrong link.
But you can watch the changelogs at
http://www.samba.org/samba/history/samba-3.0.32.html
http://www.samba.org/samba/history/samba-3.0.31.html
http://www.samba.org/samba/history/samba-3.0.30.html
http://www.samba.org/samba/history/samba-3.0.29.html
They are just bug fixes.

Maybe I don't understand the ubuntu policy - you really merge these bug fixes "manually" instead of using the bugfix versions?
Sure there'll be no samba 3.2 in hardy - I didn't mean that.
And maybe it's the wrong place for a discussion, but couls you explain the policy (maybe with a link to an explanation?) why hardy NOT gets the newest bug fix versions (I don't mean "newest versions" in general!)

But IMO many programs are outdated - not because there are not the newest stable versions in the repos (like here samba 3.2) - but because there are not the newest bugfix versions in the repos (like here 3.0.32).

Revision history for this message
Mathias Gug (mathiaz) wrote : Re: [Bug 262291] Re: hardy: update samba to 3.0.32

On Thu, Aug 28, 2008 at 03:56:44PM -0000, Christian A. Reiter wrote:
> Maybe I don't understand the ubuntu policy - you really merge these bug fixes "manually" instead of using the bugfix versions?
> Sure there'll be no samba 3.2 in hardy - I didn't mean that.
> And maybe it's the wrong place for a discussion, but couls you explain the policy (maybe with a link to an explanation?) why hardy NOT gets the newest bug fix versions (I don't mean "newest versions" in general!)

See https://wiki.ubuntu.com/StableReleaseUpdates for the Policy about
Stable Release Updates.

--
Mathias Gug
Ubuntu Developer http://www.ubuntu.com

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.