Samba Exploit Discovered, Fixed
An anonymous reader submits: "Digital Defense reported a remote root vulnerability in Samba that has existed in Samba source code for over 8 years. If it hadn't been caught from a wild packet capture, who knows how many more years it might have gone on. Fixes for this, and at least three other vulnerabilities have been fixed today. This is a serious threat to many thousands of people.. Did you plan to spend your Monday upgrading to Samba 2.2.8a?"
elijahao supplies some more information: "All stable versions are affected (2.x), but the 3.0 series is not. Here is a link to the News page. Check out a mirror near you to get the Source or Security patches from 2.2.7a, 2.2.8, or 2.0.10."
You suck, dude. This is why I'll never go with Open Source. A silly apology with a frown smily won't cover my losses in the real world.
You are a joke. Instead of spending all your time cataloguing all of MS's bugs, why don't you spend some time auditing your own code. Perhaps then we'd have a useful product and then we'd respect you enough to trust your word.
I wish you'd act in a professional way for once.
-- You see, there would be these conclusions that you could jump to
Anyone who runs anything on Linux with internet access is very much a fool.
If I ever met you, I would tie you down, shit on your face, fuck your asshole until it bled, and then I would burn your body and jerk off on the ashes.
would anyone connect a Samba server directly to the internet anyway? This is only an exploit of stupidity, of which there are many.
Hey faggot, don't reply to your own posts... It lets people know how gay you are.
Keeping a major security hole secret -is- extremely unprofessional. That you admit to keeping them secret makes me question the responsibility of yourself and the entire Samba team.
Show me please. They are my vendor and as far as I am concerned have always done a bang up job in customer service. If theres a problem I will let them know and they will fix it. I highly doubt your statement without any backup. To complain about MS when its YOUR shoddy code's fault is absolutely unprofessional. You are on public record for absolutely ravaging MS whatever they do. What a fricking hypocrit.
"Hmmm, I screwed up really bad... Better play that MS card."
-Jeremy Allison
Mod me down please but this is the exact double standard that seems to pervade Slashdot and every GPL nut that I talk to. If there are ever any problems whatsoever its all Microsofts fault. Give me a break.
Send code to:
theredavenger@hotmail.com
and I can communicate with you on your wonder crash for w2k server.
Well you're a no-nothing shitwit anyways, and nobody gives a damn.
You had to add the "and fixed" so your little ego wouldn't be slapped by a remote root hole. "WE'RE NOT LIKE MICR$$OFFOFT!" I hear you cry. Well guess what, you are. You may do it for prestige, or enjoyment, rather than raw cash, but they're all about self-fulfillment, and are morally equivalent. And a good OSS authorship will help you get a good job anyway: I've known people use their OSS contributions in this way.