For those who were hit by this as I was.
Samba is being updated in Debian 9 and the Debian 8 security backports because
of a recently disclosed bug in Heimdal (a Kerberos implementation) that affects
Samba.
The Debian bug where you can read more about this is #868209, and the Heimdal
bug is CVE-2017-11103. Yes, it has a silly name, and its own domain name
already, and an annoying WWW page that auto-plays music. One of *those* bugs.
(-:
People have already opened a Debian bug for the problems caused by at least two
problematic package dependencies in the newly published Samba packages, that
mean that people cannot upgrade, and cannot reinstall, Samba.
That Debian bug is #868353 ("samba-libs dependencies broken in jessie
debian-security repo").
There is additional information in bug #868209 under "Samba security updates
uninstallable due to broken dependency of python-talloc". As you can see, it is
being worked on.
