Release Planning for Samba 3.3: Difference between revisions
Line 79: | Line 79: | ||
'''Please note, that this will probably be the last bug fix release of the 3.3 series.''' |
'''Please note, that this will probably be the last bug fix release of the 3.3 series.''' |
||
Samba 3.3.12 |
|||
('''Updated 09-March-2010''') |
('''Updated 09-March-2010''') |
Revision as of 14:23, 2 May 2011
This release series is in the security fixes only mode.
Samba 3.3 turned into security fixes only mode
(Updated 01-March-2010)
Moving forward, any 3.3.x releases will be on a as needed basis for security issues only.
Samba 3.3.15
- Release Notes for Samba 3.3.15
- February 28, 2011
This is a security release in order to address CVE-2011-0719.
- All current released versions of Samba are vulnerable to a denial of service caused by memory corruption. Range checks on file descriptors being used in the FD_SET macro were not present allowing stack corruption. This can cause the Samba code to crash or to loop attempting to select on a bad file descriptor set.
(Updated 28-February-2011)
- Monday, February 28 - Samba 3.3.15 has been released to address CVE-2011-0719.
Release Notes Samba 3.3.15
Samba 3.3.14
- Release Notes for Samba 3.3.14
- September 14, 2010
This is a security release in order to address CVE-2010-3069.
- All current released versions of Samba are vulnerable to a buffer overrun vulnerability. The sid_parse() function (and related dom_sid_parse() function in the source4 code) do not correctly check their input lengths when reading a binary representation of a Windows SID (Security ID). This allows a malicious client to send a sid that can overflow the stack variable that is being used to store the SID in the Samba smbd server.
(Updated 14-September-2010)
- Tuesday, September 14 - Samba 3.3.14 has been released to address CVE-2010-2069.
Release Notes Samba 3.3.14
Samba 3.3.13
- Release Notes for Samba 3.3.13
- June 16, 2010
This is a security release in order to address CVE-2010-2063.
- In Samba 3.3.x and below, a buffer overrun is possible in chain_reply code.
(Updated 16-June-2010)
- Wednesday, June 16 - Samba 3.3.13 has been released to address CVE-2010-2063.
Release Notes Samba 3.3.13
Samba 3.3.12
- Release Notes for Samba 3.3.12
- March 8, 2010
This is a security release in order to address CVE-2010-0728.
- In Samba releases 3.5.0, 3.4.6 and 3.3.11, new code was added to fix a problem with Linux asynchronous IO handling. This code introduced a bad security flaw on Linux platforms if the binaries were built on Linux platforms with libcap support. The flaw caused all smbd processes to inherit CAP_DAC_OVERRIDE capabilities, allowing all file system access to be allowed even when permissions should have denied access.
(Updated 09-March-2010)
- Monday, March 8 - Samba 3.3.12 has been released to address CVE-2010-0728.
Release Notes Samba 3.3.12
Samba 3.3.11
(Updated 26-February-2010)
- Friday, February 26 - Samba 3.3.11 has been released
Please note, that this will probably be the last bug fix release of the 3.3 series.
Samba 3.3.12
(Updated 09-March-2010)
- Monday, March 8 - Samba 3.3.12 has been released to address CVE-2010-0728.
Release Notes Samba 3.3.12
Samba 3.3.10
(Updated 14-January-2010)
- Thursday, January 14 - Samba 3.3.10 has been released
Release Notes Samba 3.3.10
Samba 3.3.9
(Updated 15-October-2009)
- Thursday, October 15 - Samba 3.3.9 has been released
Release Notes Samba 3.3.9
Samba 3.3.8
(Updated 1-October-2009)
- Thursday, October 1 - Samba 3.3.8 has been issued as Security Release to address CVE-2009-2906,
CVE-2009-2906 and CVE-2009-2813.
Release Notes Samba 3.3.8
Samba 3.3.7
(Updated 23-June-2009)
- Wednesday, July 29 - Samba 3.3.7 has been released
Release Notes Samba 3.3.7
Samba 3.3.6
(Updated 23-June-2009)
- Tuesday, June 23 2009: Samba 3.3.6 Security Release has been released to address
CVE-2009-1888 ("Uninitialized read of a data value"). For more information, please see Samba Security page.
Security Advisory
Samba 3.3.5
(Updated 16-June-2009)
- Tuesday, June 16 - Samba 3.3.5 has been released
Release Notes Samba 3.3.5
Samba 3.3.4
(Updated 29-April-2009)
- Wednesday, April 29 - Samba 3.3.4 has been released
Release Notes Samba 3.3.4
Samba 3.3.3
(Updated 01-April-2009)
- Wednesday, April 1 - Samba 3.3.3 has been released
Release Notes Samba 3.3.3
Samba 3.3.2
(Updated 12-March-2009)
- Thursday, March 12 - Samba 3.3.2 has been released
Release Notes Samba 3.3.2
Samba 3.3.1
(Updated 24-February-2009)
- Tuesday, February 24 - Samba 3.3.1 has been released
Release Notes Samba 3.3.1
Samba 3.3.0
(Updated 27-January-2009)
- Tuesday, August 26 - Samba 3.3.0pre1 has been released
- Thursday, October 2 - Samba 3.3.0pre2 has been released
- Thursday, November 27 - Samba 3.3.0rc1 has been released
- Monday, December 15 - Samba 3.3.0rc2 has been released
- Tuesday, January 27 - Samba 3.3.0 has been released
Release Notes Samba 3.3.0