On 04/16/2012 05:45 PM, Earl J Sanchez wrote:
No we produce patches always for the latest version in a given branch (3.4, 3.5, 3.6, ...), if the samba that you are using is the one that was packaged by Sun and if you are still under support by Oracle then ask them for an update. If you build your own samba then you have two options:Hi, We are using Samba 3.4.2 on Oracle Solaris 10 UNIX server. I am looking at the samba site for patches for the CVE-2012-1182 vulnerability, but the closest patch versions I see are for samba 3.4.15& 3.4.16. Is there a specific patch to fix samba 3.4.2? Also, since we are patching, is there a cluster of patches available specifically for samba 3.4.2?
* try to backport the patches between 3.4.14 and 3.4.15 as they all are related to the security fix
* upgrade to 3.4.15The backport should work pretty easily as it's related to generated code and shouldn't be much impacted by the fixes made between 3.4.2 and 3.4.14. Upgrade to 3.4.15 should be doable too as we just push minor fix between version in the same branch.
Matthieu. -- Matthieu Patou Samba Team http://samba.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Linux] [Info Cyrus] [LARTC] [Bugtraq] [Netfilter] [Internet Dating Forums] [RAID] [Yosemite News] [Photography]
|
|