I've checked, and this issue does not apply to samba4, because the 'samba4' winbind does not implement this feature at all. That is, the problem directive is ignored in all cases. (This is still fail-open, but in this case consistently open).
https://security-tracker.debian.org/tracker/CVE-2012-6150 Thanks, Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/1390604677.1160.73.camel@jesse
