Difference between revisions of "Release Planning for Samba 3.4"

(Samba 3.4.5 full changelog)
(Samba 3.4.4 full changelog)
Line 139: Line 139:
  
 
== Samba 3.4.4 ==
 
== Samba 3.4.4 ==
 +
:Release Notes for Samba 3.4.4
 +
:January 7, 2010
  
 +
===This is the latest stable release of Samba 3.4.===
 +
 +
====Major enhancements in Samba 3.4.4 include:====
 +
 +
* Fix interdomain trust relationships with Win2008R2 (bug #6697).
 +
* Fix Winbind crashes when queried from nss (bug #6889).
 +
* Fix Winbind crash when retrieving empty group members (bug #7014).
 +
* Fix "UID range full" error in Winbind (bug #6901).
 +
* Fix multiple LDAP servers in "idmap backend" and "idmap alloc backend" (bug #6910).
 
('''Updated 07-January-2010''')
 
('''Updated 07-January-2010''')
  

Revision as of 09:51, 4 May 2011

Samba 3.4 is in the maintenance mode, which means there will be bug fix and security releases for this series.

Samba 3.4.13

Release Notes for Samba 3.4.13
April 21, 2011

This is the latest stable release of Samba 3.4.

Major enhancements in Samba 3.4.13 include:

  • Fix Winbind crash caused by null pointer reference bug #8086.
  • Fix incorrect timeout handling in ncacn_ip_tcp client code bug #8085.

(Updated 21-April-2011)

  • Thursday, April 21 - Samba 3.4.13 has been released
 Release Notes Samba 3.4.13

Samba 3.4.12

Release Notes for Samba 3.4.12
February 28, 2011

This is a security release in order to address CVE-2011-0719.

All current released versions of Samba are vulnerable to a denial of service caused by memory corruption. Range checks on file descriptors being used in the FD_SET macro were not present allowing stack corruption. This can cause the Samba code to crash or to loop attempting to select on a bad file descriptor set.

(Updated 28-February-2011)

  • Monday, February 28 - Samba 3.4.12 has been released to address CVE-2011-0719.
 Release Notes Samba 3.4.12

Samba 3.4.11

Release Notes for Samba 3.4.11
January 23 2011

This is the latest stable release of Samba 3.4. It addresses the issue introduced with Samba 3.4.10:

  • Fix connecting to port-139 only servers bug #7881.

(Updated 23-January-2011)

  • Sunday, January 23 - Samba 3.4.11 has been released to fix connections to port-139 only servers (broken in Samba 3.4.10, please see bug #7881 for details)
 Release Notes Samba 3.4.11

Samba 3.4.10

Release Notes for Samba 3.4.10
January 22, 2011

This is the latest stable release of Samba 3.4.

Major enhancements in Samba 3.4.10:

(Updated 22-January-2011)

  • Saturday, January 22 - Samba 3.4.10 has been released
 Release Notes Samba 3.4.10

Samba 3.4.9

Release Notes for Samba 3.4.9
September 14, 2010

This is a security release in order to address CVE-2010-3069.

All current released versions of Samba are vulnerable to a buffer overrun vulnerability. The sid_parse() function (and related dom_sid_parse() function in the source4 code) do not correctly check their input lengths when reading a binary representation of a Windows SID (Security ID). This allows a malicious client to send a sid that can overflow the stack variable that is being used to store the SID in the Samba smbd server.

(Updated 14-September-2010)

  • Tuesday, September 14 - Samba 3.4.9 has been released to address CVE-2010-3069.
 Release Notes Samba 3.4.9

Samba 3.4.8

Release Notes for Samba 3.4.8
May 11, 2010

This is the latest stable release of Samba 3.4.

Major enhancements in Samba 3.4.8 include:

  • Fix Winbind reconnection to it's own domain bug #7295.
  • Fix an uninitialized variable read in smbd bug #7254.
  • Fix smbd crash with CUPS printers and no [printers] share defined bug #7297.
  • Fix NULL pointer dereference in smbd bug #7229.

(Updated 11-March-2010)

  • Tuesday, May 11 - Samba 3.4.8 has been released
 Release Notes Samba 3.4.8

Samba 3.4.7

Release Notes for Samba 3.4.7
March 8, 2010

This is a security release in order to address CVE-2010-0728.

In Samba releases 3.5.0, 3.4.6 and 3.3.11, new code was added to fix a problem with Linux asynchronous IO handling. This code introduced a bad security flaw on Linux platforms if the binaries were built on Linux platforms with libcap support. The flaw caused all smbd processes to inherit CAP_DAC_OVERRIDE capabilities, allowing all file system access to be allowed even when permissions should have denied access.

(Updated 09-March-2010)

  • Monday, March 8 - Samba 3.4.7 has been released to address CVE-2010-0728.
 Release Notes Samba 3.4.7

Samba 3.4.6

Release Notes for Samba 3.4.6
February 24, 2010

This is the latest stable release of Samba 3.4.

Major enhancements in Samba 3.4.6 include:

  • "wide links" and "unix extensions" are incompatible bug #7104.
  • Fix printing with 64 bit clients bug #6888.
  • Fix core dump on Ubuntu 8.04 64 bit bug #7063.
  • Fix failing of smbd to respond to a read or a write caused by Linux asynchronous IO (aio) bug #7067.
  • Fix string buffer overflow causing heap corruption in smbd bug #7096.

(Updated 24-February-2010)

  • Wednesday, February 24 - Samba 3.4.6 has been released
 Release Notes Samba 3.4.6

Samba 3.4.5

Release Notes for Samba 3.4.5
January 19, 2010

This is the latest stable release of Samba 3.4.

Major enhancements in Samba 3.4.5 include:

  • Fix memory leak in smbd bug #7020.
  • Fix changing of ACLs on writable files with "dos filemode=yes" bug #5202.

(Updated 19-January-2010)

  • Tuesday, January 19 - Samba 3.4.5 has been released
 Release Notes Samba 3.4.5

Samba 3.4.4

Release Notes for Samba 3.4.4
January 7, 2010

This is the latest stable release of Samba 3.4.

Major enhancements in Samba 3.4.4 include:

  • Fix interdomain trust relationships with Win2008R2 (bug #6697).
  • Fix Winbind crashes when queried from nss (bug #6889).
  • Fix Winbind crash when retrieving empty group members (bug #7014).
  • Fix "UID range full" error in Winbind (bug #6901).
  • Fix multiple LDAP servers in "idmap backend" and "idmap alloc backend" (bug #6910).

(Updated 07-January-2010)

  • Thursday, January 7 - Samba 3.4.4 has been released
 Release Notes Samba 3.4.4

Samba 3.4.3

(Updated 29-October-2009)

  • Thursday, October 29 - Samba 3.4.3 has been released
 Release Notes Samba 3.4.3

Samba 3.4.2

(Updated 1-October-2009)

  • Thursday, October 1 - Samba 3.4.2 has been issued as Security Release to address CVE-2009-2906,

CVE-2009-2906 and CVE-2009-2813.

 Release Notes Samba 3.4.2

Samba 3.4.1

(Updated 9-September-2009)

  • Wednesday, September 9 - Samba 3.4.1 has been released
 Release Notes Samba 3.4.1

Samba 3.4.0

(Updated 3-July-2009)

  • Tuesday, June 2 - Samba 3.4.0pre2 has been released
  • Thursday, April 30 - Samba 3.4.0pre1 has been released
  • Friday, June 19 - Samba 3.4.0rc1 has been released
  • Friday, July 3 - Samba 3.4.0 has been released
 Release Notes Samba 3.4.0