Release Planning for Samba 3.5
Samba 3.5. is the current release series.
- 1 Samba 3.5.10
- 2 Samba 3.5.9
- 3 Samba 3.5.8
- 4 Samba 3.5.7
- 5 Samba 3.5.6
- 6 Samba 3.5.5
- 7 Samba 3.5.4
- 8 Samba 3.5.3
- 9 Samba 3.5.2
- 10 Samba 3.5.1
- 11 Samba 3.5.0
- 11.1 This is the first stable release of Samba 3.5.
- 11.2 Changes
- Tuesday, July 26 - Planned release date for Samba 3.5.10
- Tuesday, June 14 - Samba 3.5.9 has been released
- Monday, March 7 - Samba 3.5.8 has been released
- Monday, February 28 - Samba 3.5.7 has been released to address CVE-2011-0719.
- Friday, October 8 - Samba 3.5.6 has been released
- Tuesday, September 14 - Samba 3.5.5 has been released to address CVE-2010-3069.
- Wednesday, June 23 - Samba 3.5.4 has been released
- Release Notes for Samba 3.5.3:
This is the latest stable release of Samba 3.5.
Major enhancements in Samba 3.5.3 include:
- Fix MS-DFS functionality bug #7339.
- Fix a Winbind crash when scanning trusts bug #7389.
- Fix problems with SIGCHLD handling in Winbind bug #7317.
- Wednesday, May 19 - Samba 3.5.3 has been released
- Release Notes for Samba 3.5.2:
- April 7, 2010:
This is the latest stable release of Samba 3.5.
Major enhancements in Samba 3.5.2 include:
- Fix smbd segfaults in _netr_SamLogon for clients sending null domain bug #7237.
- Fix smbd segfaults in "waiting for connections" message bug #7251.
- Fix an uninitialized variable read in smbd bug #7254.
- Fix a memleak in Winbind bug #7278.
- Fix Winbind reconnection to it's own domain bug #7295.
- Wednesday, April 7 - Samba 3.5.2 has been released
- Release Notes for Samba 3.5.1:
- March 8, 2010:
This is a security release in order to address CVE-2010-0728.
- In Samba releases 3.5.0, 3.4.6 and 3.3.11, new code was added to fix a problem with Linux asynchronous IO handling. This code introduced a bad security flaw on Linux platforms if the binaries were built on Linux platforms with libcap support. The flaw caused all smbd processes to inherit CAP_DAC_OVERRIDE capabilities, allowing all file system access to be allowed even when permissions should have denied access.
- Monday, March 8 - Samba 3.5.1 has been released to address CVE-2010-0728.
- Release Notes for Samba 3.5.0:
- March 1, 2010:
This is the first stable release of Samba 3.5.
Major enhancements in Samba 3.5.0 include:
- Add support for full Windows timestamp resolution
- The Using Samba HTML book has been removed.
- 'net', 'smbclient' and libsmbclient can use credentials cached by Winbind.
- The default value of "wide links" has been changed to "no".
- Experimental implementation of SMB2
- Add encryption support for connections to a CUPS server
- Major refactoring
- New vfs_scannedonly module has been added.
Support for full Windows timestamp resolution has been added. This effectively makes us use Windows' full 100ns timestamp resolution if supported by the kernel (2.6.22 and higher) and the glibc (2.6 and higher).
The Using Samba HTML book has been removed from the Samba tarball. It is still available at http://www.samba.org/samba/docs/using_samba/toc.html.
Samba client tools like 'net', 'smbclient' and libsmbclient can use the user credentials cached by Winbind at logon time. This is very useful e.g. when connecting to a Samba server using Nautilus without re-entering username and password. This feature is enabled by default and can be disabled per application by setting the LIBSMBCLIENT_NO_CCACHE environment variable.
The default value of "wide links" has been changed to "no" to avoid an insecure default configuration ("wide links = yes" and "unix extensions = yes"). For more details, please see http://www.samba.org/samba/news/symlink_attack.html.
An EXPERIMENTAL implementation of the SMB2 protocol has been added. SMB2 can be enabled by setting "max protocol = smb2". SMB2 is a new implementation of the SMB protocol used by Windows Vista and higher.
A new parameter "cups encrypt" has been added to control whether connections to CUPS servers will be encrypted or not. The default is to use unencrypted connections.
The Winbind daemon has been refactored internally to be asynchronous. The new Winbind will not be blocked by running 'getent group' or 'getent passwd'.
A new VFS module "scannedonly" has been added. This is a filter that talks to an antivirus-engine and stores whether a file is clean or not. Users do only see clean files on their filesystem.
Parameter Name Description Default -------------- ----------- ------- create krb5 conf New yes ctdb timeout New 0 cups encrypt New no debug hires timestamp Changed Default yes ldap deref New auto ldap follow referral New auto nmbd bind explicit broadcast New no wide links Changed Default no
New configure options
--enable-external-libtdb Enable external tdb --enable-netapi Turn on netapi support --enable-pthreadpool Enable pthreads pool helper support --with-cifsumount Include umount.cifs (Linux only) support --with-codepagedir=DIR Where to put codepages
- Monday, March 1 - Samba 3.5.0 has been released