Release Planning for Samba 3.2: Difference between revisions

From SambaWiki
 
(21 intermediate revisions by 2 users not shown)
Line 1: Line 1:
== Samba 3.2 discontinued ==
== Samba 3.2 discontinued ==

('''Updated 01-March-2010''')
('''Updated 01-March-2010''')


With the release of Samba 3.5.0, Samba 3.2 has been marked '''discontinued'''.
With the release of Samba 3.5.0, Samba 3.2 has been marked '''discontinued'''.


== Samba 3.2 turned into mode ==
== Samba 3.2 turned into security fixes only mode ==

('''Updated 11-August-2009''')
('''Updated 11-August-2009''')


Line 13: Line 11:


== Samba 3.2.15 ==
== Samba 3.2.15 ==

('''Updated 1-October-2009''')
('''Updated 1-October-2009''')


* Thursday, October 1 - Samba 3.3.8 has been issued as '''Security Release''' to address [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1888 CVE-2009-2906],
* Thursday, October 1 - Samba 3.2.15 has been issued as '''Security Release''' to address [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1888 CVE-2009-2906],
[http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2906 CVE-2009-2906] and
[http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2906 CVE-2009-2906] and
[http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2813 CVE-2009-2813].
[http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2813 CVE-2009-2813].
Line 41: Line 38:
== Samba 3.2.12 ==
== Samba 3.2.12 ==
('''Updated 16-June-2009''')
('''Updated 16-June-2009''')

* Tuesday, June 16 - Samba 3.2.12 has been released
* Tuesday, June 16 - Samba 3.2.12 has been released
[http://www.samba.org/samba/history/samba-3.2.12.html Release Notes Samba 3.2.12]
[http://www.samba.org/samba/history/samba-3.2.12.html Release Notes Samba 3.2.12]
Line 47: Line 45:
== Samba 3.2.11 ==
== Samba 3.2.11 ==
('''Updated 17-April-2009''')
('''Updated 17-April-2009''')

* Friday, April 17 - Samba 3.2.11 has been release to address [https://bugzilla.samba.org/show_bug.cgi?id=6263 BUG 6263] and [https://bugzilla.samba.org/show_bug.cgi?id=6089 BUG 6089].
* Friday, April 17 - Samba 3.2.11 has been release to address [https://bugzilla.samba.org/show_bug.cgi?id=6263 BUG 6263] and [https://bugzilla.samba.org/show_bug.cgi?id=6089 BUG 6089].
[http://www.samba.org/samba/history/samba-3.2.11.html Release Notes Samba 3.2.11]
[http://www.samba.org/samba/history/samba-3.2.11.html Release Notes Samba 3.2.11]
Line 52: Line 51:
== Samba 3.2.10 ==
== Samba 3.2.10 ==
('''Updated 1-April-2009''')
('''Updated 1-April-2009''')

* Wednesday, April 1 - Samba 3.2.10 has been released due to update problems in Samba 3.2.9 (see [https://bugzilla.samba.org/show_bug.cgi?id=6195 BUG 6195] and the [http://www.samba.org/samba/history/samba-3.2.10.html release notes] for more details).
* Wednesday, April 1 - Samba 3.2.10 has been released due to update problems in Samba 3.2.9 (see [https://bugzilla.samba.org/show_bug.cgi?id=6195 BUG 6195] and the [http://www.samba.org/samba/history/samba-3.2.10.html release notes] for more details).


== Samba 3.2.9 ==
== Samba 3.2.9 ==
('''Updated 31-March-2009''')
:Release Notes for Samba 3.2.7
:January, 05 2009


===This is a security release in order to address CVE-2009-0022.===

* CVE-2009-0022
: In Samba 3.2.0 to 3.2.6, in setups with registry shares enabled, access to the root filesystem ("/") is granted when connecting to a share called "" (empty string) using old versions of smbclient (before 3.0.28).

The original security announcement for this and past advisories can
be found http://www.samba.org/samba/security/

('''Updated 31-March-2009''')
* Tuesday, March 31 - Samba 3.2.9 has been released
* Tuesday, March 31 - Samba 3.2.9 has been released
[http://www.samba.org/samba/history/samba-3.2.9.html Release Notes Samba 3.2.9]
[http://www.samba.org/samba/history/samba-3.2.9.html Release Notes Samba 3.2.9]


== Samba 3.2.8 ==
== Samba 3.2.8 ==
('''Updated 03-February-2009''')


:Release Notes for Samba 3.2.8
:March 03, 2009

===This is a bug fix release of the Samba 3.2 series.===

====Major enhancements included in Samba 3.2.8 are:====

* Correctly detect if the current DC is the closest one.
* Add saf_join_store() function to memorize the DC used at join time.
: This avoids problems caused by replication delays shortly after domain joins.

The original security announcement for this and past advisories can be found http://www.samba.org/samba/security/

('''Updated 03-February-2009''')
* Tuesday, February 03 - Samba 3.2.8 has been released
* Tuesday, February 03 - Samba 3.2.8 has been released
[http://www.samba.org/samba/history/samba-3.2.8.html Release Notes Samba 3.2.8]
[http://www.samba.org/samba/history/samba-3.2.8.html Release Notes Samba 3.2.8]


== Samba 3.2.7 ==
== Samba 3.2.7 ==
('''Updated 05-January-2009''')
:Release Notes for Samba 3.2.7
:January, 05 2009


===This is a security release in order to address CVE-2009-0022.===

* CVE-2009-0022
: In Samba 3.2.0 to 3.2.6, in setups with registry shares enabled, access to the root filesystem ("/") is granted when connecting to a share called "" (empty string) using old versions of smbclient (before 3.0.28).

----

('''Updated 05-January-2009''')
* Monday, January 05 - Samba 3.2.7 '''Security Release''' has been released to address [http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0022 CVE-2009-0022] ("Potential access to "/" in setups with registry shares enabled")
* Monday, January 05 - Samba 3.2.7 '''Security Release''' has been released to address [http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0022 CVE-2009-0022] ("Potential access to "/" in setups with registry shares enabled")
[http://www.samba.org/samba/security/CVE-2009-0022.html Security advisory]
[http://www.samba.org/samba/security/CVE-2009-0022.html Security advisory]


== Samba 3.2.6 ==
== Samba 3.2.6 ==
('''Updated 28-November-2008''')


:Release Notes for Samba 3.2.6
:December 10, 2008

===This is a bug fix release of the Samba 3.2 series.===

====Major enhancements included in Samba 3.2.6 are:====

* Fix Winbind crash bugs.
* Fix moving of readonly files.
* Fix "write list" in setups using "security = share".
* Fix access to cups-printers with cups 1.3.4.
* Fix timeouts in setups with large groups.
* Fix several bugs concerning Alternate Data Streams.
* Add new SMB traffic analyzer VFS module.

('''Updated 28-November-2008''')
* Wednesday, December 10 - Samba 3.2.6 has been released.
* Wednesday, December 10 - Samba 3.2.6 has been released.
[http://www.samba.org/samba/history/samba-3.2.6.html Release Notes Samba 3.2.6]
[http://www.samba.org/samba/history/samba-3.2.6.html Release Notes Samba 3.2.6]


== Samba 3.2.5 ==
== Samba 3.2.5 ==
('''Updated 27-November-2008''')
:Release Notes for Samba 3.2.5
:November, 27 2008
===This is a security release in order to address CVE-2008-4314.===
:: ("Potential leak of arbitrary memory contents")


* CVE-2008-4314
:: Samba 3.0.29 to 3.2.4 can potentially leak arbitrary memory contents to malicious clients.


('''Updated 27-November-2008''')
* Thursday, November 27 - Samba 3.2.5 '''Security Release''' has been released to address [http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4314 CVE-2008-4314] ("Potential leak of arbitrary memory contents").
* Thursday, November 27 - Samba 3.2.5 '''Security Release''' has been released to address [http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4314 CVE-2008-4314] ("Potential leak of arbitrary memory contents").
[http://www.samba.org/samba/security/CVE-2008-4314.html Security advisory]
[http://www.samba.org/samba/security/CVE-2008-4314.html Security advisory]


== Samba 3.2.4 ==
== Samba 3.2.4 ==

:Release Notes for Samba 3.2.4
:September 18, 2008


===This is a bug fix release of the Samba 3.2 series.===

====Major bug fixes included in Samba 3.2.4 are:====

* Fix Winbind crashes.
* Fix changing of machine account passwords.
* Fix non guest connections to shares when "security = share" is used.
* Fix file write times.

----

('''Updated 18-September-2008''')
('''Updated 18-September-2008''')


Line 163: Line 91:


== Samba 3.2.3 ==
== Samba 3.2.3 ==

:Release Notes for Samba 3.2.3
:August, 27 2008

====This is a security release in order to address CVE-2008-3789.====
:: ("Wrong permissions of group_mapping.ldb")

* CVE-2008-3789 The file group_mapping.ldb is created with the permissions 0666. That means everyone is able to edit this file and might map any SID to root.


----

('''Updated 27-August-2008''')
('''Updated 27-August-2008''')


Line 181: Line 97:


== Samba 3.2.2 ==
== Samba 3.2.2 ==

:Release Notes for Samba 3.2.2
:August, 19 2008

===This is a bug fix release of the Samba 3.2 series.===

====Major bug fixes included in Samba 3.2.2 are:====

* Fix removal of dead records in tdb files. This can lead to very large tdb files and to overflowing partitions as a consequence on systems running an nmbd daemon.
* Fix "force group" in setups using Winbind.
* Fix freezing Windows Explorer on WinXP while browsing Samba shares. This one led to timeouts during printing as well.
* Fix assigning of primary group memberships when authenticating via Winbind.
* Fix creation and installation of shared libraries.

----

('''Updated 18-August-2008''')
('''Updated 18-August-2008''')


Line 203: Line 103:


== Samba 3.2.1 ==
== Samba 3.2.1 ==

:Release Notes for Samba 3.2.1
:August 5, 2008

===This is the second stable release of Samba 3.2.===

====Major bug fixes included in Samba 3.2.1 are:====

* Race condition in Winbind leading to a crash.
* Regression in Winbindd offline mode.
* Flushing of smb.conf when creating a new share using SWAT.
* Setting of ACEs in setups with "dos filemode = yes".

----

('''Updated 20-July-2008''')
('''Updated 20-July-2008''')


Line 224: Line 109:


== Samba 3.2.0 ==
== Samba 3.2.0 ==
:Release Notes for Samba 3.2.0
:July 1, 2008

===This is the first stable release of Samba 3.2.0.===

Please be aware that Samba is now distributed under the version 3
of the new GNU General Public License. You may refer to the COPYING
file that accompanies these release notes for further licensing details.

===Major enhancements in Samba 3.2.0 include:===

====File Serving:====
* Use of IDL generated parsing layer for several DCE/RPC interfaces.
* Removal of the 1024 byte limit on pathnames and 256 byte limit on filename components to honor the MAX_PATH setting from the host OS.
* Introduction of a registry based configuration system.
* Improved CIFS Unix Extensions support.
* Experimental support for file serving clusters.
* Support for IPv6 in the server, and client tools and libraries.
* Support for storing alternate data streams in xattrs.
* Encrypted SMB transport in client tools and libraries, and server.
* Support for Vista clients authenticating via Kerberos.

====Winbind and Active Directory Integration:====
* Full support for Windows 2003 cross-forest, transitive trusts and one-way domain trusts.
* Support for userPrincipalName logons via pam_winbind and NSS lookups.
* Expansion of nested domain groups via NSS calls.
* Support for Active Directory LDAP Signing policy.
* New LGPL Winbind client library (libwbclient.so).
* Support for establishing interdomain trust relationships with Windows 2008.

====Joining:====
* New NetApi library for domain join related queries (libnetapi.so) and example GTK+ Domain join gui.
* New client and server support for remotely joining and unjoining Domains.
* Support for joining into Windows 2008 domains.

----

('''Updated 02-July-2008''') The following time based release schedule is currently in play for Samba 3.2.0:
('''Updated 02-July-2008''') The following time based release schedule is currently in play for Samba 3.2.0:



Latest revision as of 19:01, 9 August 2011

Samba 3.2 discontinued

(Updated 01-March-2010)

With the release of Samba 3.5.0, Samba 3.2 has been marked discontinued.

Samba 3.2 turned into security fixes only mode

(Updated 11-August-2009)

Moving forward, any 3.2.x releases will be on a as needed basis for security issues only.

Samba 3.2.15

(Updated 1-October-2009)

  • Thursday, October 1 - Samba 3.2.15 has been issued as Security Release to address CVE-2009-2906,

CVE-2009-2906 and CVE-2009-2813.

 Release Notes Samba 3.2.15

Samba 3.2.14

(Updated 23-June-2009)

  • Wednesday, August 12 - Samba 3.2.14 has been released

Please note that this is the last bug fix release of the 3.2 series!

 Release Notes Samba 3.2.14

Samba 3.2.13

(Updated 23-June-2009)

  • Tuesday, June 23 2009: Samba 3.2.13 Security Release has been released to address

CVE-2009-1886 ("Formatstring vulnerability in smbclient") and CVE-2009-1888 ("Uninitialized read of a data value"). For more information, please see Samba Security page.

 Security Advisory for CVE-2009-1886
 Security Advisory for CVE-2009-1888

Samba 3.2.12

(Updated 16-June-2009)

  • Tuesday, June 16 - Samba 3.2.12 has been released
 Release Notes Samba 3.2.12


Samba 3.2.11

(Updated 17-April-2009)

  • Friday, April 17 - Samba 3.2.11 has been release to address BUG 6263 and BUG 6089.
 Release Notes Samba 3.2.11

Samba 3.2.10

(Updated 1-April-2009)

  • Wednesday, April 1 - Samba 3.2.10 has been released due to update problems in Samba 3.2.9 (see BUG 6195 and the release notes for more details).

Samba 3.2.9

(Updated 31-March-2009)

  • Tuesday, March 31 - Samba 3.2.9 has been released
 Release Notes Samba 3.2.9

Samba 3.2.8

(Updated 03-February-2009)

  • Tuesday, February 03 - Samba 3.2.8 has been released
 Release Notes Samba 3.2.8

Samba 3.2.7

(Updated 05-January-2009)

  • Monday, January 05 - Samba 3.2.7 Security Release has been released to address CVE-2009-0022 ("Potential access to "/" in setups with registry shares enabled")
 Security advisory

Samba 3.2.6

(Updated 28-November-2008)

  • Wednesday, December 10 - Samba 3.2.6 has been released.
 Release Notes Samba 3.2.6

Samba 3.2.5

(Updated 27-November-2008)

  • Thursday, November 27 - Samba 3.2.5 Security Release has been released to address CVE-2008-4314 ("Potential leak of arbitrary memory contents").
 Security advisory

Samba 3.2.4

(Updated 18-September-2008)

  • Thursday, September 18 - Samba 3.2.4 has been released
 Release Notes Samba 3.2.4

Samba 3.2.3

(Updated 27-August-2008)

  • Wednesday, August 27 - Samba 3.2.3 Security Release has been released to address CVE-2008-3789 ("Wrong permissions of group_mapping.ldb")
 Security advisory

Samba 3.2.2

(Updated 18-August-2008)

  • Tuesday, August 19 - Planned release date for 3.2.2 (bugfix release)
 Release Notes Samba 3.2.2

Samba 3.2.1

(Updated 20-July-2008)

  • Tuesday, August 5 - 3.2.1 has been released.
 Release Notes Samba 3.2.1

Samba 3.2.0

(Updated 02-July-2008) The following time based release schedule is currently in play for Samba 3.2.0:

  • Friday, February 29 - Feature freeze for Samba 3.2.0pre2 in the v3-2-stable git branch.
  • Tuesday, March 4 - Samba 3.2.0pre2 has been released.
  • Friday, March 28 - Planned release date for 3.2.0pre3: postponed due to some critical bugs.
  • Friday, April 18 - Planned release date for 3.2.0.: postponed
  • Tuesday, April 22 - Feature freeze for Samba 3.2.0pre3 in the v3-2-stable git branch.
  • Friday, April 25 - Samba 3.2.0pre3 has been released.
  • Friday, May 23 - Samba 3.2.0rc1 has been released.
  • Tuesday, June 10 - Samba 3.2.0rc2 has been released.
  • Tuesday, July 1 - 3.2.0 final has been released.
 Release Notes Samba 3.2.0