Release Planning for Samba 3.4: Difference between revisions

From SambaWiki
No edit summary
 
(35 intermediate revisions by 2 users not shown)
Line 1: Line 1:
With the release of Samba 4.0.0, Samba 3.4 has been marked '''discontinued'''.
Samba 3.4 is in the '''maintenance''' mode, which means there will be bug fix and security releases
for this series.


== Samba 3.4.13 ==
=== Samba 3.4 discontinued ===
('''Updated 11-December-2013''')
:Release Notes for Samba 3.4.13
:April 21, 2011
===This is the latest stable release of Samba 3.4.===


With the release of Samba 4.0.0, Samba 3.4 has been marked '''discontinued'''.
====Major enhancements in Samba 3.4.13 include:====


== Samba 3.4.17 ==
* Fix Winbind crash caused by null pointer reference [https://bugzilla.samba.org/show_bug.cgi?id=8086 bug #8086].
('''Updated 30-April-2012''')
* Fix incorrect timeout handling in ncacn_ip_tcp client code [https://bugzilla.samba.org/show_bug.cgi?id=8085 bug #8085].


* Monday, April 30 - Samba 3.4.17 '''Security Release''' has been released in order to address [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2111 CVE-2012-2111 (Incorrect permission checks when granting/removing privileges can compromise file server security)].
[http://www.samba.org/samba/history/samba-3.4.17.html Release Notes Samba 3.4.17]

== Samba 3.4.16 ==
('''Updated 10-April-2012''')

* Tuesday, April 10 - Samba 3.4.16 '''Security Release''' has been released in order to address [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1182 CVE-2012-1182 ("root" credential remote code execution)].
[http://www.samba.org/samba/history/samba-3.4.16.html Release Notes Samba 3.4.16]

== Samba 3.4.15 ==
('''Updated 23-August-2011''')

* Tuesday, August 23 - Samba 3.4.15 has been released.
[http://www.samba.org/samba/history/samba-3.4.15.html Release Notes Samba 3.4.15]

Please note that this will be the '''last bugfix release''' of Samba 3.4 series!

== Samba 3.4.14 ==
('''Updated 26-July-2011''')

* Tuesday, July 26 - Samba 3.4.14 has been released to address [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2522 CVE-2011-2522] and [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2694 CVE-2011-2694].
[http://www.samba.org/samba/history/samba-3.4.14.html Release Notes Samba 3.4.14]

== Samba 3.4.13 ==
('''Updated 21-April-2011''')
('''Updated 21-April-2011''')


Line 18: Line 39:


== Samba 3.4.12 ==
== Samba 3.4.12 ==
:Release Notes for Samba 3.4.12
:February 28, 2011

===This is a security release in order to address CVE-2011-0719.===


* [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0719 CVE-2011-0719]:
: All current released versions of Samba are vulnerable to a denial of service caused by memory corruption. Range checks on file descriptors being used in the FD_SET macro were not present allowing stack corruption. This can cause the Samba code to crash or to loop attempting to select on a bad file descriptor set.

('''Updated 28-February-2011''')
('''Updated 28-February-2011''')


Line 33: Line 45:


== Samba 3.4.11 ==
== Samba 3.4.11 ==
:Release Notes for Samba 3.4.11
:January 23 2011

===This is the latest stable release of Samba 3.4. It addresses the issue introduced with Samba 3.4.10:===

* Fix connecting to port-139 only servers [https://bugzilla.samba.org/show_bug.cgi?id=7881 bug #7881].

('''Updated 23-January-2011''')
('''Updated 23-January-2011''')


Line 46: Line 51:


== Samba 3.4.10 ==
== Samba 3.4.10 ==
:Release Notes for Samba 3.4.10
:January 22, 2011

===This is the latest stable release of Samba 3.4.===

====Major enhancements in Samba 3.4.10:====

* Fix smbd coredump [https://bugzilla.samba.org/show_bug.cgi?id=7617 bug #7617].
* Fix Winbind internal error [https://bugzilla.samba.org/show_bug.cgi?id=7636 bug #7636].
* Fix flaky Winbind against w2k8 [https://bugzilla.samba.org/show_bug.cgi?id=7881 bug #7881].
('''Updated 22-January-2011''')
('''Updated 22-January-2011''')


Line 62: Line 57:


== Samba 3.4.9 ==
== Samba 3.4.9 ==
:Release Notes for Samba 3.4.9
:September 14, 2010

===This is a security release in order to address CVE-2010-3069.===


* [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3069 CVE-2010-3069]:
: All current released versions of Samba are vulnerable to a buffer overrun vulnerability. The sid_parse() function (and related dom_sid_parse() function in the source4 code) do not correctly check their input lengths when reading a binary representation of a Windows SID (Security ID). This allows a malicious client to send a sid that can overflow the stack variable that is being used to store the SID in the Samba smbd server.
('''Updated 14-September-2010''')
('''Updated 14-September-2010''')


Line 76: Line 63:


== Samba 3.4.8 ==
== Samba 3.4.8 ==
:Release Notes for Samba 3.4.8
:May 11, 2010

===This is the latest stable release of Samba 3.4.===

====Major enhancements in Samba 3.4.8 include:====

* Fix Winbind reconnection to it's own domain [https://bugzilla.samba.org/show_bug.cgi?id=7295 bug #7295].
* Fix an uninitialized variable read in smbd [https://bugzilla.samba.org/show_bug.cgi?id=7254 bug #7254].
* Fix smbd crash with CUPS printers and no [printers] share defined [https://bugzilla.samba.org/show_bug.cgi?id=7297 bug #7297].
* Fix NULL pointer dereference in smbd [https://bugzilla.samba.org/show_bug.cgi?id=7229 bug #7229].
('''Updated 11-March-2010''')
('''Updated 11-March-2010''')


Line 93: Line 69:


== Samba 3.4.7 ==
== Samba 3.4.7 ==
:Release Notes for Samba 3.4.7
:March 8, 2010

===This is a security release in order to address CVE-2010-0728.===

* [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0728 CVE-2010-0728]:
: In Samba releases 3.5.0, 3.4.6 and 3.3.11, new code was added to fix a problem with Linux asynchronous IO handling. This code introduced a bad security flaw on Linux platforms if the binaries were built on Linux platforms with libcap support. The flaw caused all smbd processes to inherit CAP_DAC_OVERRIDE capabilities, allowing all file system access to be allowed even when permissions should have denied access.
('''Updated 09-March-2010''')
('''Updated 09-March-2010''')


Line 106: Line 75:


== Samba 3.4.6 ==
== Samba 3.4.6 ==
:Release Notes for Samba 3.4.6
:February 24, 2010

===This is the latest stable release of Samba 3.4.===

====Major enhancements in Samba 3.4.6 include:====

* "wide links" and "unix extensions" are incompatible [https://bugzilla.samba.org/show_bug.cgi?id=7104 bug #7104].
* Fix printing with 64 bit clients [https://bugzilla.samba.org/show_bug.cgi?id=6888 bug #6888].
* Fix core dump on Ubuntu 8.04 64 bit [https://bugzilla.samba.org/show_bug.cgi?id=7063 bug #7063].
* Fix failing of smbd to respond to a read or a write caused by Linux asynchronous IO (aio) [https://bugzilla.samba.org/show_bug.cgi?id=7067 bug #7067].
* Fix string buffer overflow causing heap corruption in smbd [https://bugzilla.samba.org/show_bug.cgi?id=7096 bug #7096].
('''Updated 24-February-2010''')
('''Updated 24-February-2010''')


Line 124: Line 81:


== Samba 3.4.5 ==
== Samba 3.4.5 ==
:Release Notes for Samba 3.4.5
:January 19, 2010

===This is the latest stable release of Samba 3.4.===

====Major enhancements in Samba 3.4.5 include:====

* Fix memory leak in smbd [https://bugzilla.samba.org/show_bug.cgi?id=7020 bug #7020].
* Fix changing of ACLs on writable files with "dos filemode=yes" [https://bugzilla.samba.org/show_bug.cgi?id=5202 bug #5202].
('''Updated 19-January-2010''')
('''Updated 19-January-2010''')


Line 139: Line 87:


== Samba 3.4.4 ==
== Samba 3.4.4 ==

('''Updated 07-January-2010''')
('''Updated 07-January-2010''')


Line 146: Line 93:


== Samba 3.4.3 ==
== Samba 3.4.3 ==

('''Updated 29-October-2009''')
('''Updated 29-October-2009''')


Line 153: Line 99:


== Samba 3.4.2 ==
== Samba 3.4.2 ==

('''Updated 1-October-2009''')
('''Updated 1-October-2009''')


Line 162: Line 107:


== Samba 3.4.1 ==
== Samba 3.4.1 ==

('''Updated 9-September-2009''')
('''Updated 9-September-2009''')


Line 169: Line 113:


== Samba 3.4.0 ==
== Samba 3.4.0 ==

('''Updated 3-July-2009''')
('''Updated 3-July-2009''')



Latest revision as of 13:13, 17 May 2013

With the release of Samba 4.0.0, Samba 3.4 has been marked discontinued.

Samba 3.4 discontinued

(Updated 11-December-2013)

With the release of Samba 4.0.0, Samba 3.4 has been marked discontinued.

Samba 3.4.17

(Updated 30-April-2012)

 Release Notes Samba 3.4.17

Samba 3.4.16

(Updated 10-April-2012)

 Release Notes Samba 3.4.16

Samba 3.4.15

(Updated 23-August-2011)

  • Tuesday, August 23 - Samba 3.4.15 has been released.
 Release Notes Samba 3.4.15

Please note that this will be the last bugfix release of Samba 3.4 series!

Samba 3.4.14

(Updated 26-July-2011)

 Release Notes Samba 3.4.14

Samba 3.4.13

(Updated 21-April-2011)

  • Thursday, April 21 - Samba 3.4.13 has been released
 Release Notes Samba 3.4.13

Samba 3.4.12

(Updated 28-February-2011)

  • Monday, February 28 - Samba 3.4.12 has been released to address CVE-2011-0719.
 Release Notes Samba 3.4.12

Samba 3.4.11

(Updated 23-January-2011)

  • Sunday, January 23 - Samba 3.4.11 has been released to fix connections to port-139 only servers (broken in Samba 3.4.10, please see bug #7881 for details)
 Release Notes Samba 3.4.11

Samba 3.4.10

(Updated 22-January-2011)

  • Saturday, January 22 - Samba 3.4.10 has been released
 Release Notes Samba 3.4.10

Samba 3.4.9

(Updated 14-September-2010)

  • Tuesday, September 14 - Samba 3.4.9 has been released to address CVE-2010-3069.
 Release Notes Samba 3.4.9

Samba 3.4.8

(Updated 11-March-2010)

  • Tuesday, May 11 - Samba 3.4.8 has been released
 Release Notes Samba 3.4.8

Samba 3.4.7

(Updated 09-March-2010)

  • Monday, March 8 - Samba 3.4.7 has been released to address CVE-2010-0728.
 Release Notes Samba 3.4.7

Samba 3.4.6

(Updated 24-February-2010)

  • Wednesday, February 24 - Samba 3.4.6 has been released
 Release Notes Samba 3.4.6

Samba 3.4.5

(Updated 19-January-2010)

  • Tuesday, January 19 - Samba 3.4.5 has been released
 Release Notes Samba 3.4.5

Samba 3.4.4

(Updated 07-January-2010)

  • Thursday, January 7 - Samba 3.4.4 has been released
 Release Notes Samba 3.4.4

Samba 3.4.3

(Updated 29-October-2009)

  • Thursday, October 29 - Samba 3.4.3 has been released
 Release Notes Samba 3.4.3

Samba 3.4.2

(Updated 1-October-2009)

  • Thursday, October 1 - Samba 3.4.2 has been issued as Security Release to address CVE-2009-2906,

CVE-2009-2906 and CVE-2009-2813.

 Release Notes Samba 3.4.2

Samba 3.4.1

(Updated 9-September-2009)

  • Wednesday, September 9 - Samba 3.4.1 has been released
 Release Notes Samba 3.4.1

Samba 3.4.0

(Updated 3-July-2009)

  • Tuesday, June 2 - Samba 3.4.0pre2 has been released
  • Thursday, April 30 - Samba 3.4.0pre1 has been released
  • Friday, June 19 - Samba 3.4.0rc1 has been released
  • Friday, July 3 - Samba 3.4.0 has been released
 Release Notes Samba 3.4.0