Difference between revisions of "Release Planning for Samba 4.15"

From SambaWiki
(→‎Samba 4.15.2: add CVEs)
 
(7 intermediate revisions by 2 users not shown)
Line 1: Line 1:
Samba 4.15 is the [[Samba_Release_Planning#Upcoming_Release|'''new upcoming release branch''']].
+
Samba 4.15 is the [[Samba_Release_Planning#Current_Stable_Release|'''current stable release series''']].
   
 
==[[Blocker bugs|Release blocking bugs]]==
 
==[[Blocker bugs|Release blocking bugs]]==
 
* [https://bugzilla.samba.org/buglist.cgi?bug_severity=regression&query_format=advanced&target_milestone=4.15 All 4.15 regression bugs]
 
* [https://bugzilla.samba.org/buglist.cgi?bug_severity=regression&query_format=advanced&target_milestone=4.15 All 4.15 regression bugs]
 
* [https://bugzilla.samba.org/buglist.cgi?bug_severity=regression&bug_status=UNCONFIRMED&bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&bug_status=VERIFIED&query_format=advanced&target_milestone=4.15 Unresolved 4.15 regression bugs]
 
* [https://bugzilla.samba.org/buglist.cgi?bug_severity=regression&bug_status=UNCONFIRMED&bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&bug_status=VERIFIED&query_format=advanced&target_milestone=4.15 Unresolved 4.15 regression bugs]
  +
  +
== Samba 4.15.3 ==
  +
  +
<small>('''Updated 09-November-2021''')</small>
  +
  +
* Wednesday, December 8 2021 - Planned release date for '''Samba 4.15.3'''.
  +
  +
== Samba 4.15.2 ==
  +
  +
<small>('''Updated 09-November-2021''')</small>
  +
  +
* Tuesday, November 9 2021 - [https://download.samba.org/pub/samba/stable/samba-4.15.2.tar.gz Samba 4.15.2] has been released as a '''Security Release''' to address the following defects:
  +
** [https://www.samba.org/samba/security/CVE-2020-25717.html CVE-2020-25717] (A user in an AD Domain could become root on domain members)
  +
** [https://www.samba.org/samba/security/CVE-2020-25718.html CVE-2020-25718] (Samba AD DC did not correctly sandbox Kerberos tickets issued by an RODC)
  +
** [https://www.samba.org/samba/security/CVE-2020-25719.html CVE-2020-25719] (Samba AD DC did not always rely on the SID and PAC in Kerberos tickets)
  +
** [https://www.samba.org/samba/security/CVE-2020-25721.html CVE-2020-25721] (Kerberos acceptors need easy access to stable AD identifiers (eg objectSid))
  +
** [https://www.samba.org/samba/security/CVE-2020-25722.html CVE-2020-25722] (Samba AD DC did not do sufficient access and conformance checking of data stored)
  +
** [https://www.samba.org/samba/security/CVE-2016-2124.html CVE-2016-2124] (SMB1 client connections can be downgraded to plaintext authentication)
  +
** [https://www.samba.org/samba/security/CVE-2021-3738.html CVE-2021-3738] (Use after free in Samba AD DC RPC server)
  +
** [https://www.samba.org/samba/security/CVE-2021-23192.html CVE-2021-23192] (Subsequent DCE/RPC fragment injection vulnerability)
  +
[https://www.samba.org/samba/history/samba-4.15.2.html Release Notes Samba 4.15.2]
  +
  +
== Samba 4.15.1 ==
  +
  +
<small>('''Updated 27-September-2021''')</small>
  +
  +
* Wednesday, October 27 2021 - '''Samba 4.15.1''' has been released.
  +
[https://www.samba.org/samba/history/samba-4.15.1.html Release Notes Samba 4.15.1]
   
 
== Samba 4.15.0 ==
 
== Samba 4.15.0 ==
Line 9: Line 37:
 
<small>('''Updated 20-September-2021''')</small>
 
<small>('''Updated 20-September-2021''')</small>
   
* Monday, September 20 2021 - Planned release date for '''Samba 4.15.0'''.
+
* Monday, September 20 2021 - '''Samba 4.15.0''' has been released.
  +
[https://www.samba.org/samba/history/samba-4.15.0.html Release Notes Samba 4.15.0]
   
 
== Samba 4.15.0rc7 ==
 
== Samba 4.15.0rc7 ==

Latest revision as of 20:56, 9 November 2021

Samba 4.15 is the current stable release series.

Release blocking bugs

Samba 4.15.3

(Updated 09-November-2021)

  • Wednesday, December 8 2021 - Planned release date for Samba 4.15.3.

Samba 4.15.2

(Updated 09-November-2021)

  • Tuesday, November 9 2021 - Samba 4.15.2 has been released as a Security Release to address the following defects:
    • CVE-2020-25717 (A user in an AD Domain could become root on domain members)
    • CVE-2020-25718 (Samba AD DC did not correctly sandbox Kerberos tickets issued by an RODC)
    • CVE-2020-25719 (Samba AD DC did not always rely on the SID and PAC in Kerberos tickets)
    • CVE-2020-25721 (Kerberos acceptors need easy access to stable AD identifiers (eg objectSid))
    • CVE-2020-25722 (Samba AD DC did not do sufficient access and conformance checking of data stored)
    • CVE-2016-2124 (SMB1 client connections can be downgraded to plaintext authentication)
    • CVE-2021-3738 (Use after free in Samba AD DC RPC server)
    • CVE-2021-23192 (Subsequent DCE/RPC fragment injection vulnerability)
 Release Notes Samba 4.15.2

Samba 4.15.1

(Updated 27-September-2021)

  • Wednesday, October 27 2021 - Samba 4.15.1 has been released.
 Release Notes Samba 4.15.1

Samba 4.15.0

(Updated 20-September-2021)

  • Monday, September 20 2021 - Samba 4.15.0 has been released.
 Release Notes Samba 4.15.0

Samba 4.15.0rc7

(Updated 13-September-2021)

  • Monday, September 13 2021 - Samba 4.15.0rc7 has been released.
 Release Notes Samba 4.15.0rc7

Samba 4.15.0rc6

(Updated 09-September-2021)

  • Thursday, September 09 2021 - Samba 4.15.0rc6 has been released.
 Release Notes Samba 4.15.0rc6

Samba 4.15.0rc5

(Updated 07-September-2021)

  • Tuesday, September 07 2021 - Samba 4.15.0rc5 has been released.
 Release Notes Samba 4.15.0rc5

Samba 4.15.0rc4

(Updated 01-September-2021)

  • Wednesday, September 01 2021 - Samba 4.15.0rc4 has been released.
 Release Notes Samba 4.15.0rc4

Samba 4.15.0rc3

(Updated 26-August-2021)

  • Thursday, August 26 2021 - Samba 4.15.0rc3 has been released.
 Release Notes Samba 4.15.0rc3

Samba 4.15.0rc2

(Updated 09-August-2021)

  • Monday, August 09 2021 - Samba 4.15.0rc2 has been released.
 Release Notes Samba 4.15.0rc2

Samba 4.15.0rc1

(Updated 15-July-2021)

  • Thursday, July 15 2021 - Samba 4.15.0rc1 has been released.
 Release Notes Samba 4.15.0rc1