headers
Karolin Seeger | 29 Jan 21:50
Picon

[Announce] Samba 3.6.3 Security Release Available

Release Announcements
=====================

This is a security release in order to address
CVE-2012-0817 (Memory leak/Denial of service).

o  CVE-2012-0817:
   The Samba File Serving daemon (smbd) in Samba versions
   3.6.0 to 3.6.2 is affected by a memory leak that can
   cause a server denial of service.

Changes since 3.6.2:
--------------------

o   Jeremy Allison <jra <at> samba.org>
    * BUG 8724: Fix memory leak in parent smbd on connection.

o   Ira Cooper <samba <at> ira.wakeful.net>
    * BUG 8724: Fix memory leak in parent smbd on connection.

######################################################################
Reporting bugs & Development Discussion
#######################################

Please discuss this release on the samba-technical mailing list or by
joining the #samba-technical IRC channel on irc.freenode.net.

If you do report problems then please try to send high quality
feedback. If you don't provide vital information to help us track down
the problem then you will probably be ignored.  All bug reports should
(Continue reading)

Permalink | Reply | 0 comments |
headers
Karolin Seeger | 25 Jan 20:14
Picon

[Announce] Samba 3.6.2 Available for Download

===================================================================
			"Originality is the fine art of remembering
			 what you hear but forgetting where you
			 heard it."

			 Laurence J. Peter
==================================================================

Release Announcements
=====================

This is the latest stable release of Samba 3.6.

Major enhancements in Samba 3.6.2 include:

o  Make Winbind receive user/group information (bug #8371).
o  Several SMB2 fixes.

Changes since 3.6.1:
--------------------

o   Michael Adam <obnox <at> samba.org>
    * BUG 8528: Fix SEGFAULT from net registry export on not zero terminated
      REG_SZ values.

o   Jeremy Allison <jra <at> samba.org>
    * BUG 8541: readlink() on Linux clients fails if the symlink target is
      outside of the share.
    * BUG 8542: smbclient posix_open command fails to return correct info on
      open file.
(Continue reading)

Permalink | Reply | 0 comments |
headers
Karolin Seeger | 2 Nov 19:58
Picon

[Announce] Samba 3.5.12 Available for Download

===================================================================
					"I am not an economist.
					 I am an honest man!"

					 Paul McCracken
==================================================================

Release Announcements
=====================

This is the latest stable release of Samba 3.5.

Major enhancements in Samba 3.5.12 include:

o  Fix race condition in Winbind (bug 7844).
o  The VFS ACL modules are no longer experimental but production-ready.

Changes since 3.5.11:
--------------------

o   Jeremy Allison <jra <at> samba.org>
    * BUG 7509: smb_acl_to_posix: ACL is invalid for set (Invalid argument).
    * BUG 7551: Return error of cli_push when 'put - /some/file' is used.
    * BUG 8156: 'net ads join' fails to use the user's kerberos ticket.
    * BUG 8370: Fix vfs_chown_fsp.
    * BUG 8422: Fix infinite loop in ACL module code.
    * BUG 8443: Be smarter about setting default permissions when a ACL_USER_OBJ
      isn't given.
    * BUG 8458: IE9 on Windows 7 cannot download files to samba 3.5.11 share.
    * BUG 8493: DFS breaks zip file extracting unless "follow symlinks = no"
(Continue reading)

Permalink | Reply | 0 comments |
headers
Karolin Seeger | 20 Oct 19:41
Picon

[Announce] Samba 3.6.1 Available for Download

===================================================================
				"I'm desperately trying to figure
				 out why kamikaze pilots wore
				 helmets."

				 Dave Edison
==================================================================

Release Announcements
=====================

This is the latest stable release of Samba 3.6.

Major enhancements in Samba 3.6.1 include:

o  Fix smbd crashes triggered by Windows XP clients (bug #8384).
o  Fix a Winbind race leading to 100% CPU load (bug #8409).
o  Several SMB2 fixes.
o  The VFS ACL modules are no longer experimental but production-ready.

Changes since 3.6.0:
--------------------

o   Michael Adam <obnox <at> samba.org>
    * BUG 8368: Fix the fallback to the deprecated spelling idmap:script.

o   Jeremy Allison <jra <at> samba.org>
    * BUG 7509: smb_acl_to_posix: ACL is invalid for set (Invalid argument).
    * BUG 8229: Fix 'widelinks' regression.
    * BUG 8370: Fix vfs_chown_fsp.
(Continue reading)

Permalink | Reply | 0 comments |
headers
Jeremy Allison | 12 Oct 02:20
Picon

Contributing to Samba: Samba now accepts corporate copyright.

Here is a change we're instituting immediately to make it easier
for corporations to contribute code changes to Samba whilst still
retaining copyright ownership of the contributed code.

Feel free to ask any questions on the samba-technical <at> samba.org
list.

We'd like to thank our lawyers at the Software Freedom Law Center
for helping us to make this change.

Regards,

	The Samba Team.

-------------------------------------------------------------------
Samba is a project with distributed copyright ownership, which means
we prefer the copyright on parts of Samba to be held by individuals
rather than corporations if possible. There are historical legal
reasons for this, but one of the best ways to explain it is that it's
much easier to work with individuals who have ownership than corporate
legal departments if we ever need to make reasonable compromises with
people using and working with Samba.

We track the ownership of every part of Samba via git, our source code
control system, so we know the provenance of every piece of code that
is committed to Samba.

So if possible, if you're doing Samba changes on behalf of a company
who normally owns all the work you do please get them to assign
personal copyright ownership of your changes to you as an individual,
(Continue reading)

Permalink | Reply | 0 comments |
headers
Andrew Bartlett | 13 Sep 07:16
Picon

[ANNOUNCE] Samba 4.0 alpha 17

We are proud to a announce another alpha release of Samba 4.0, alpha 17

What's new in Samba 4.0 alpha17
===============================

Samba 4.0 will be the next version of the Samba suite and incorporates
all the technology found in both the Samba4 alpha series and the
stable 3.x series. The primary additional features over Samba 3.6 are
support for the Active Directory logon protocols used by Windows 2000
and above.

WARNINGS
========

Samba4 alpha17 is not a final Samba release, however we are now making
good progress towards a Samba 4.0 release, of which this is a preview.
Be aware the this release contains both the technology of Samba 3.6
(that you can reasonably expect to upgrade existing Samba 3.x releases
to) and the AD domain controller work previously known as 'samba4'.

While binaries for the stable file server are provided in this
release, for a stable, supported file server, Samba3 domain or AD
domain member installation, please run a Samba 3.x release, as we are
still bedding down the new single build system.

Samba4 is subjected to an awesome battery of tests on an automated
basis, we have found Samba 4.0 to be very stable in it's behavior.
However, we still recommend against upgrading production servers from
Samba 3.x release to Samba 4.0 alpha at this stage.
(Continue reading)

Permalink | Reply | 3 comments |
headers
Karolin Seeger | 23 Aug 20:17
Picon

[Announce] Samba 3.4.15 Available for Download

=================================================================
			"Some cause happiness wherever they go;
			 others whenever they go."

			 Oscar Wilde
==================================================================

Release Announcements
=====================

This is the latest stable release of Samba 3.4.

Changes since 3.4.14
--------------------

o   David Disseldorp <ddiss <at> suse.de>
    * BUG 7836: Make newly added printers visible to clients,
    * BUG 7994: Make cups async printcap retrieval notify parent smbd of error	      status.
    * BUG 8269: Stop spamming log with "Could not find child X -- ignoring"
      messages.

o   Björn Jacke <bj <at> sernet.de>
    * BUG 8362: Fix build issue on old glibc systems.

o   Jim McDonough <jmcd <at> samba.org>
    * BUG 6364: Pull realm from supplied username on libnet join.

o   Stefan Metzmacher <metze <at> samba.org>
    * BUG 8276: Return the used number of sockets in create_listen_fdset().
    * BUG 8347: Fix CVE-2011-2522 regression for HP-UX, AIX and OSF.
(Continue reading)

Permalink | Reply | 0 comments |
headers
Karolin Seeger | 9 Aug 14:32
Picon

[Announce] Samba 3.6.0 Available for Download

===================================================================
			"Forgiveness is the economy of the heart...
			 Forgiveness saves the expense of anger,
			 the cost of hatred, the waste of spirits."

			 Hannah More
==================================================================

Release Announcements
=====================

This is the first release of Samba 3.6.0.

Major enhancements in Samba 3.6.0 include:

Changed security defaults
-------------------------

Samba 3.6 has adopted a number of improved security defaults that will
impact on existing users of Samba.

 client ntlmv2 auth = yes
 client use spnego principal = no
 send spnego principal = no

The impact of 'client ntlmv2 auth = yes' is that by default we will not
use NTLM authentication as a client.  This applies to the Samba client
tools such as smbclient and winbind, but does not change the separately
released in-kernel CIFS client.  To re-enable the poorer NTLM encryption
set '--option=clientusentlmv2auth=no' on your smbclient command line, or
(Continue reading)

Permalink | Reply | 2 comments |
headers
Karolin Seeger | 4 Aug 10:34
Picon

[Announce] Samba 3.5.11 Available for Download

===================================================================
				"Birthdays are nature's way of
				 telling us to eat more cake."

				 Source Unknown
==================================================================

Release Announcements
=====================

This is the latest stable release of Samba 3.5.

Major enhancements in Samba 3.5.11 include:

o  Fix access to Samba shares when Windows security patch KB2536276 is installed
   (bug #7460).
o  Fix DoS in Winbind and smbd with many file descriptors open (bug #7949).
o  Fix Winbind panics if verify_idpool() fails (bug #8253).

Changes since 3.5.10:
--------------------

o   Jeremy Allison <jra <at> samba.org>
    * BUG 7462: Make SA_RESETHAND conditional on its existance.
    * BUG 8254: Make "acl check permissions = no" working in all cases.

o   Gregor Beck <gbeck <at> sernet.de>
    * BUG 8253: Fix Winbind panics if verify_idpool() fails.

o   David Disseldorp <ddiss <at> suse.de>
(Continue reading)

Permalink | Reply | 3 comments |
headers
Karolin Seeger | 26 Jul 22:36
Picon

[Announce] Samba 3.6.0rc3 Available for Download

Release Announcements
---------------------

This is the third release candidate of Samba 3.6.0.  This is *not*
intended for production environments and is designed for testing
purposes only.  Please report any defects via the Samba bug reporting
system at https://bugzilla.samba.org/.

Major enhancements in Samba 3.6.0 include:

Changed security defaults
-------------------------

Samba 3.6 has adopted a number of improved security defaults that will
impact on existing users of Samba.

 client ntlmv2 auth = yes
 client use spnego principal = no
 send spnego principal = no

The impact of 'client ntlmv2 auth = yes' is that by default we will not
use NTLM authentication as a client.  This applies to the Samba client
tools such as smbclient and winbind, but does not change the separately
released in-kernel CIFS client.  To re-enable the poorer NTLM encryption
set '--option=clientusentlmv2auth=no' on your smbclient command line, or
set 'client ntlmv2 auth = no' in your smb.conf

The impact of 'client use spnego principal = no' is that Samba will
use CIFS/hostname to obtain a kerberos ticket, acting more like
Windows when using Kerberos against a CIFS server in smbclient,
(Continue reading)

Permalink | Reply | 0 comments |
headers
Karolin Seeger | 26 Jul 20:17
Picon

[Announce] Samba 3.5.10, 3.4.14 and 3.3.16 Security Releases Available

Release Announcements
=====================

Samba 3.5.10, 3.4.14 and 3.3.16 are security releases in order to
address CVE-2011-2522 (Cross-Site Request Forgery in SWAT) and
CVE-2011-2694 (Cross-Site Scripting vulnerability in SWAT).

o  CVE-2011-2522:
   The Samba Web Administration Tool (SWAT) in Samba versions
   3.0.x to 3.5.9 are affected by a cross-site request forgery.

o  CVE-2011-2694:
   The Samba Web Administration Tool (SWAT) in Samba versions
   3.0.x to 3.5.9 are affected by a cross-site scripting
   vulnerability.

Please note that SWAT must be enabled in order for these
vulnerabilities to be exploitable. By default, SWAT
is *not* enabled on a Samba install.

Changes
-------

o   Kai Blin <kai <at> samba.org>
    * BUG 8289: SWAT contains a cross-site scripting vulnerability.
    * BUG 8290: CSRF vulnerability in SWAT.

================
Download Details
================
(Continue reading)

Permalink | Reply | 0 comments |

Gmane