Release Planning for Samba 3.2: Difference between revisions
Line 65: | Line 65: | ||
== Samba 3.2.7 == |
== Samba 3.2.7 == |
||
:Release Notes for Samba 3.2.7 |
|||
:January, 05 2009 |
|||
===This is a security release in order to address CVE-2009-0022.=== |
|||
* CVE-2009-0022 |
|||
: In Samba 3.2.0 to 3.2.6, in setups with registry shares enabled, access to the root filesystem ("/") is granted when connecting to a share called "" (empty string) using old versions of smbclient (before 3.0.28). |
|||
---- |
|||
('''Updated 05-January-2009''') |
('''Updated 05-January-2009''') |
||
* Monday, January 05 - Samba 3.2.7 '''Security Release''' has been released to address [http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0022 CVE-2009-0022] ("Potential access to "/" in setups with registry shares enabled") |
* Monday, January 05 - Samba 3.2.7 '''Security Release''' has been released to address [http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0022 CVE-2009-0022] ("Potential access to "/" in setups with registry shares enabled") |
Revision as of 13:51, 28 April 2011
Samba 3.2 discontinued
(Updated 01-March-2010)
With the release of Samba 3.5.0, Samba 3.2 has been marked discontinued.
Samba 3.2 turned into mode
(Updated 11-August-2009)
Moving forward, any 3.2.x releases will be on a as needed basis for security issues only.
Samba 3.2.15
(Updated 1-October-2009)
- Thursday, October 1 - Samba 3.3.8 has been issued as Security Release to address CVE-2009-2906,
CVE-2009-2906 and CVE-2009-2813.
Release Notes Samba 3.2.15
Samba 3.2.14
(Updated 23-June-2009)
- Wednesday, August 12 - Samba 3.2.14 has been released
Please note that this is the last bug fix release of the 3.2 series!
Release Notes Samba 3.2.14
Samba 3.2.13
(Updated 23-June-2009)
- Tuesday, June 23 2009: Samba 3.2.13 Security Release has been released to address
CVE-2009-1886 ("Formatstring vulnerability in smbclient") and CVE-2009-1888 ("Uninitialized read of a data value"). For more information, please see Samba Security page.
Security Advisory for CVE-2009-1886 Security Advisory for CVE-2009-1888
Samba 3.2.12
(Updated 16-June-2009)
- Tuesday, June 16 - Samba 3.2.12 has been released
Release Notes Samba 3.2.12
Samba 3.2.11
(Updated 17-April-2009)
Release Notes Samba 3.2.11
Samba 3.2.10
(Updated 1-April-2009)
- Wednesday, April 1 - Samba 3.2.10 has been released due to update problems in Samba 3.2.9 (see BUG 6195 and the release notes for more details).
Samba 3.2.9
(Updated 31-March-2009)
- Tuesday, March 31 - Samba 3.2.9 has been released
Release Notes Samba 3.2.9
Samba 3.2.8
(Updated 03-February-2009)
- Tuesday, February 03 - Samba 3.2.8 has been released
Release Notes Samba 3.2.8
Samba 3.2.7
- Release Notes for Samba 3.2.7
- January, 05 2009
This is a security release in order to address CVE-2009-0022.
- CVE-2009-0022
- In Samba 3.2.0 to 3.2.6, in setups with registry shares enabled, access to the root filesystem ("/") is granted when connecting to a share called "" (empty string) using old versions of smbclient (before 3.0.28).
(Updated 05-January-2009)
- Monday, January 05 - Samba 3.2.7 Security Release has been released to address CVE-2009-0022 ("Potential access to "/" in setups with registry shares enabled")
Security advisory
Samba 3.2.6
- Release Notes for Samba 3.2.6
- December 10, 2008
This is a bug fix release of the Samba 3.2 series.
Major enhancements included in Samba 3.2.6 are:
- Fix Winbind crash bugs.
- Fix moving of readonly files.
- Fix "write list" in setups using "security = share".
- Fix access to cups-printers with cups 1.3.4.
- Fix timeouts in setups with large groups.
- Fix several bugs concerning Alternate Data Streams.
- Add new SMB traffic analyzer VFS module.
(Updated 28-November-2008)
- Wednesday, December 10 - Samba 3.2.6 has been released.
Release Notes Samba 3.2.6
Samba 3.2.5
- Release Notes for Samba 3.2.5
- November, 27 2008
This is a security release in order to address CVE-2008-4314.
- ("Potential leak of arbitrary memory contents")
- CVE-2008-4314
- Samba 3.0.29 to 3.2.4 can potentially leak arbitrary memory contents to malicious clients.
(Updated 27-November-2008)
- Thursday, November 27 - Samba 3.2.5 Security Release has been released to address CVE-2008-4314 ("Potential leak of arbitrary memory contents").
Security advisory
Samba 3.2.4
- Release Notes for Samba 3.2.4
- September 18, 2008
This is a bug fix release of the Samba 3.2 series.
Major bug fixes included in Samba 3.2.4 are:
- Fix Winbind crashes.
- Fix changing of machine account passwords.
- Fix non guest connections to shares when "security = share" is used.
- Fix file write times.
(Updated 18-September-2008)
- Thursday, September 18 - Samba 3.2.4 has been released
Release Notes Samba 3.2.4
Samba 3.2.3
- Release Notes for Samba 3.2.3
- August, 27 2008
This is a security release in order to address CVE-2008-3789.
- ("Wrong permissions of group_mapping.ldb")
- CVE-2008-3789 The file group_mapping.ldb is created with the permissions 0666. That means everyone is able to edit this file and might map any SID to root.
(Updated 27-August-2008)
- Wednesday, August 27 - Samba 3.2.3 Security Release has been released to address CVE-2008-3789 ("Wrong permissions of group_mapping.ldb")
Security advisory
Samba 3.2.2
- Release Notes for Samba 3.2.2
- August, 19 2008
This is a bug fix release of the Samba 3.2 series.
Major bug fixes included in Samba 3.2.2 are:
- Fix removal of dead records in tdb files. This can lead to very large tdb files and to overflowing partitions as a consequence on systems running an nmbd daemon.
- Fix "force group" in setups using Winbind.
- Fix freezing Windows Explorer on WinXP while browsing Samba shares. This one led to timeouts during printing as well.
- Fix assigning of primary group memberships when authenticating via Winbind.
- Fix creation and installation of shared libraries.
(Updated 18-August-2008)
- Tuesday, August 19 - Planned release date for 3.2.2 (bugfix release)
Release Notes Samba 3.2.2
Samba 3.2.1
- Release Notes for Samba 3.2.1
- August 5, 2008
This is the second stable release of Samba 3.2.
Major bug fixes included in Samba 3.2.1 are:
- Race condition in Winbind leading to a crash.
- Regression in Winbindd offline mode.
- Flushing of smb.conf when creating a new share using SWAT.
- Setting of ACEs in setups with "dos filemode = yes".
(Updated 20-July-2008)
- Tuesday, August 5 - 3.2.1 has been released.
Release Notes Samba 3.2.1
Samba 3.2.0
- Release Notes for Samba 3.2.0
- July 1, 2008
This is the first stable release of Samba 3.2.0.
Please be aware that Samba is now distributed under the version 3 of the new GNU General Public License. You may refer to the COPYING file that accompanies these release notes for further licensing details.
Major enhancements in Samba 3.2.0 include:
File Serving:
- Use of IDL generated parsing layer for several DCE/RPC interfaces.
- Removal of the 1024 byte limit on pathnames and 256 byte limit on filename components to honor the MAX_PATH setting from the host OS.
- Introduction of a registry based configuration system.
- Improved CIFS Unix Extensions support.
- Experimental support for file serving clusters.
- Support for IPv6 in the server, and client tools and libraries.
- Support for storing alternate data streams in xattrs.
- Encrypted SMB transport in client tools and libraries, and server.
- Support for Vista clients authenticating via Kerberos.
Winbind and Active Directory Integration:
- Full support for Windows 2003 cross-forest, transitive trusts and one-way domain trusts.
- Support for userPrincipalName logons via pam_winbind and NSS lookups.
- Expansion of nested domain groups via NSS calls.
- Support for Active Directory LDAP Signing policy.
- New LGPL Winbind client library (libwbclient.so).
- Support for establishing interdomain trust relationships with Windows 2008.
Joining:
- New NetApi library for domain join related queries (libnetapi.so) and example GTK+ Domain join gui.
- New client and server support for remotely joining and unjoining Domains.
- Support for joining into Windows 2008 domains.
(Updated 02-July-2008) The following time based release schedule is currently in play for Samba 3.2.0:
- Friday, February 29 - Feature freeze for Samba 3.2.0pre2 in the v3-2-stable git branch.
- Tuesday, March 4 - Samba 3.2.0pre2 has been released.
- Friday, March 28 - Planned release date for 3.2.0pre3: postponed due to some critical bugs.
- Friday, April 18 - Planned release date for 3.2.0.: postponed
- Tuesday, April 22 - Feature freeze for Samba 3.2.0pre3 in the v3-2-stable git branch.
- Friday, April 25 - Samba 3.2.0pre3 has been released.
- Friday, May 23 - Samba 3.2.0rc1 has been released.
- Tuesday, June 10 - Samba 3.2.0rc2 has been released.
- Tuesday, July 1 - 3.2.0 final has been released.
Release Notes Samba 3.2.0