On 10 April 2012 23:56, Paul Hartman <paul.hartman+gen...@gmail.com> wrote: > "Samba versions 3.6.3 and all versions previous to this are affected > by a vulnerability that allows remote code execution as the "root" > user from an anonymous connection." > > "As this does not require an authenticated connection it is the most > serious vulnerability possible in a program, and users and vendors are > encouraged to patch their Samba installations immediately." > > More info at: > https://www.samba.org/samba/security/CVE-2012-1182 >
There is already a fixed version (3.5.14) stable on x86, amd64 and hppa (and obviously ~arch for the other arches) and it should go stable on those other arches soon and have a GLSA soon as well.
