[pca] samba patch from oracle.

Paul B. Henson henson at acm.org
Fri Apr 20 23:55:41 CEST 2012


On 4/20/2012 8:12 AM, francis picabia wrote:

> I've put in a SR with Oracle too.  They said they are going to
> release 3.6.4, which is bullshit because Samba stated they we
> backporting patches for many versions due to the serious nature of
> the exploit and ease of attack.

I've heard 3.6 still has some winbind issues, so I certainly hope they 
don't issue a major version upgrade rather than simply bumping to 3.5.14 
8-/.

> My Redhat and Debian machines were updated for the samba exploit
> about a week ago, but we may have to wait until May to get this
> fixed. PATHETIC.

Yup.

> Your Solaris can be secured by two methods

I'm still trying to be optimistic that Illumian or OpenIndiana will take 
off and get production ready so we can have the benefits of Solaris 
technology without the headache of dealing with Oracle.




More information about the pca mailing list