Difference between revisions of "Release Planning for Samba 4.14"

From SambaWiki
(Add 4.14.13)
(Change mode to end of life)
 
(2 intermediate revisions by the same user not shown)
Line 1: Line 1:
Samba 4.14 is the [[Samba_Release_Planning#Security_Fixes_Only_Mode|'''Security Fixes Only Mode''']].
+
Samba 4.14 has been marked [[Samba_Release_Planning#Discontinued_.28End_of_Life.29|'''discontinued''']].
 
 
==[[Blocker bugs|Release blocking bugs]]==
 
==[[Blocker bugs|Release blocking bugs]]==
 
* [https://bugzilla.samba.org/buglist.cgi?bug_severity=regression&query_format=advanced&target_milestone=4.14 All 4.14 regression bugs]
 
* [https://bugzilla.samba.org/buglist.cgi?bug_severity=regression&query_format=advanced&target_milestone=4.14 All 4.14 regression bugs]
 
* [https://bugzilla.samba.org/buglist.cgi?bug_severity=regression&bug_status=UNCONFIRMED&bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&bug_status=VERIFIED&query_format=advanced&target_milestone=4.14 Unresolved 4.14 regression bugs]
 
* [https://bugzilla.samba.org/buglist.cgi?bug_severity=regression&bug_status=UNCONFIRMED&bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&bug_status=VERIFIED&query_format=advanced&target_milestone=4.14 Unresolved 4.14 regression bugs]
  +
  +
  +
== Samba 4.14.14 ==
  +
  +
<small>('''Updated 27-July-2022''')</small>
  +
  +
* Wednesday, July 27 2022 - [https://download.samba.org/pub/samba/stable/samba-4.14.14.tar.gz Samba 4.14.14] has been released as a '''Security Release''' to address the following defects:
  +
** [https://www.samba.org/samba/security/CVE-2022-2031.html CVE-2022-2031] (Samba AD users can bypass certain restrictions associated with changing passwords)
  +
** [https://www.samba.org/samba/security/CVE-2022-32744.html CVE-2022-32744] (Samba AD users can forge password change requests for any user)
  +
** [https://www.samba.org/samba/security/CVE-2022-32745.html CVE-2022-32745] (Samba AD users can crash the server process with an LDAP add or modify request)
  +
** [https://www.samba.org/samba/security/CVE-2022-32746.html CVE-2022-32746] (Samba AD users can induce a use-after-free in the server process with an LDAP add or modify request)
  +
** [https://www.samba.org/samba/security/CVE-2022-32742.html CVE-2022-32742] (Server memory information leak via SMB1)
  +
[https://www.samba.org/samba/history/samba-4.14.14.html Release Notes Samba 4.14.14]
   
 
== Samba 4.14.13 ==
 
== Samba 4.14.13 ==

Latest revision as of 16:26, 13 September 2022

Samba 4.14 has been marked discontinued.

Release blocking bugs


Samba 4.14.14

(Updated 27-July-2022)

  • Wednesday, July 27 2022 - Samba 4.14.14 has been released as a Security Release to address the following defects:
    • CVE-2022-2031 (Samba AD users can bypass certain restrictions associated with changing passwords)
    • CVE-2022-32744 (Samba AD users can forge password change requests for any user)
    • CVE-2022-32745 (Samba AD users can crash the server process with an LDAP add or modify request)
    • CVE-2022-32746 (Samba AD users can induce a use-after-free in the server process with an LDAP add or modify request)
    • CVE-2022-32742 (Server memory information leak via SMB1)
 Release Notes Samba 4.14.14

Samba 4.14.13

(Updated 4-April-2022)

  • Monday, April 4 2022 - Samba 4.14.13 has been released. There will be security releases only beyond this point.
Release Notes Samba 4.14.13

Samba 4.14.12

(Updated 31-January-2022)

  • Monday, January 31 2022 - Samba 4.14.12 has been released as a Security Release to address the following defects:
    • CVE-2021-44142 (Out-of-Bound Read/Write on Samba vfs_fruit module.)
    • CVE-2022-0336 (Re-adding an SPN skips subsequent SPN conflict checks.)
 Release Notes Samba 4.14.12

Samba 4.14.11

(Updated 15-December-2021)

Release Notes Samba 4.14.11

Samba 4.14.10

(Updated 09-November-2021)

  • Tuesday, November 9 2021 - Samba 4.14.10 has been released as a Security Release to address the following defects:
    • CVE-2020-25717 (A user in an AD Domain could become root on domain members)
    • CVE-2020-25718 (Samba AD DC did not correctly sandbox Kerberos tickets issued by an RODC)
    • CVE-2020-25719 (Samba AD DC did not always rely on the SID and PAC in Kerberos tickets)
    • CVE-2020-25721 (Kerberos acceptors need easy access to stable AD identifiers (eg objectSid))
    • CVE-2020-25722 (Samba AD DC did not do sufficient access and conformance checking of data stored)
    • CVE-2016-2124 (SMB1 client connections can be downgraded to plaintext authentication)
    • CVE-2021-3738 (Use after free in Samba AD DC RPC server)
    • CVE-2021-23192 (Subsequent DCE/RPC fragment injection vulnerability)
 Release Notes Samba 4.14.10

Samba 4.14.9

(Updated 27-October-2021)

  • Wednesday, October 27 2021 - Samba 4.14.9 has been released.
Release Notes Samba 4.14.9

Samba 4.14.8

(Updated 05-October-2021)

Release Notes Samba 4.14.8

Samba 4.14.7

(Updated 24-August-2021)

Release Notes Samba 4.14.7

Samba 4.14.6

(Updated 13-July-2021)

Release Notes Samba 4.14.6

Samba 4.14.5

(Updated 01-June-2021)

Release Notes Samba 4.14.5

Samba 4.14.4

(Updated 29-April-2021)

  • Thursday, April 29 2021 - Samba 4.14.4 has been released as a security release to address the following defect:
    • CVE-2021-20254 (Negative idmap cache entries can cause incorrect group entries in the Samba file server process token).
Release Notes Samba 4.14.4

Samba 4.14.3

(Updated 20-April-2021)

  • Tuesday, April 20 2021 - Samba 4.14.3 has been released.
 Release Notes Samba 4.14.3

Samba 4.14.2

(Updated 24-March-2021)

  • Wednesday, March 24 2021 - Samba 4.14.2 has been released as a security release
 Release Notes Samba 4.14.2

Samba 4.14.1

(Updated 24-March-2021)

  • Wednesday, March 24 2021 - Samba 4.14.1 has been released as a security release
 Release Notes Samba 4.14.1

Samba 4.14.0

(Updated 09-March-2021)

 Release Notes Samba 4.14.0

Samba 4.14.0rc4

(Updated 01-March-2021)

  https://download.samba.org/pub/samba/rc/samba-4.14.0rc4.WHATSNEW.txt

Samba 4.14.0rc3

(Updated 18-February-2021)

  https://download.samba.org/pub/samba/rc/samba-4.14.0rc3.WHATSNEW.txt

Samba 4.14.0rc2

(Updated 04-February-2021)

  https://download.samba.org/pub/samba/rc/samba-4.14.0rc2.WHATSNEW.txt

Samba 4.14.0rc1

(Updated 21-January-2021)

 https://download.samba.org/pub/samba/rc/samba-4.14.0rc1.WHATSNEW.txt