[csw-users] Security Vulnerabilities in Samba.

Jeremiah Johnson jeremiah.johnson at gmail.com
Fri Jul 20 18:35:46 CEST 2007


On 7/20/07, Jens Langner <J.Langner at fzd.de> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hi Jeremiah,
>
> Jeremiah Johnson schrieb:
>
> [...]
> > Thanks, I appreciate it.  Sun and SFW have released updates, but our
> > maintance policy is a bit odd for installing sun patches which is why
> > we're using Blastwave.
>
> Can you please elaborate where to get those Sun/SFW updates from?
> Because out of the sunvolve document you have linked us to, I can't see
> where one can get the SFW updates. In there the issue is still under
> investigation and not closed.
>
> BTW: We also once used the blastwave samba packages instead of the ones
> from SFW. However, in our large 100+ users environment they proved to be
> substantly slower (less performant) than the ones supplied by SFW. I
> dunno why, but perhaps the SFW packages are compiled with a higher
> optimization enabled.
>
> cheers,
> jens
> - --
> Jens Langner                                         Ph: +49-351-2602757
> Forschungszentrum Dresden-Rossendorf e.V.
> Institute of Radiopharmacy - PET Center                 J.Langner at fzd.de
> Germany                                               http://www.fzd.de/


I apologize, you are correct, the sunsolve article doesnt give a
complete resolution yet.  But there are SFW packages available at the
sunfreeware site.  I am not sure why Sun is dragging their feet on
this because as far as I can see the Samba packages included with
Solaris 10 are just SFW packages.

-miah



More information about the users mailing list