Release Planning for Samba 4.15: Difference between revisions
From SambaWiki
(Created page with "Samba 4.15 is the '''new Upcoming release branch'''. ==Release blocking bugs== * [https://bugzilla.samba.org/bugl...") |
(Release Samba v4.15.12) |
||
(43 intermediate revisions by 3 users not shown) | |||
Line 1: | Line 1: | ||
Samba 4.15 is the [[Samba_Release_Planning# |
Samba 4.15 is in the [[Samba_Release_Planning#Security_Fixes_Only_Mode|'''Security Fixes Only Mode''']]. |
||
==[[Blocker bugs|Release blocking bugs]]== |
==[[Blocker bugs|Release blocking bugs]]== |
||
* [https://bugzilla.samba.org/buglist.cgi?bug_severity=regression&query_format=advanced&target_milestone=4.15 All 4.15 regression bugs] |
* [https://bugzilla.samba.org/buglist.cgi?bug_severity=regression&query_format=advanced&target_milestone=4.15 All 4.15 regression bugs] |
||
* [https://bugzilla.samba.org/buglist.cgi?bug_severity=regression&bug_status=UNCONFIRMED&bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&bug_status=VERIFIED&query_format=advanced&target_milestone=4.15 Unresolved 4.15 regression bugs] |
* [https://bugzilla.samba.org/buglist.cgi?bug_severity=regression&bug_status=UNCONFIRMED&bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&bug_status=VERIFIED&query_format=advanced&target_milestone=4.15 Unresolved 4.15 regression bugs] |
||
== Samba 4.15.12 == |
|||
<small>('''Updated 15-November-2022''')</small> |
|||
* Tuesday, November 15 2022 - [https://download.samba.org/pub/samba/stable/samba-4.15.12.tar.gz Samba 4.15.12] has been released as a '''Security Release''' to address the following defects: |
|||
** [https://www.samba.org/samba/security/CVE-2022-42898.html CVE-2022-42898] (Samba's Kerberos libraries and AD DC failed to guard against integer overflows when parsing a PAC on a 32-bit system, which allowed an attacker with a forged PAC to corrupt the heap) |
|||
[https://www.samba.org/samba/history/samba-4.15.12.html Release Notes Samba 4.15.12] |
|||
== Samba 4.15.11 == |
|||
<small>('''Updated 25-October-2022''')</small> |
|||
* Tuesday, October 25 2022 - [https://download.samba.org/pub/samba/stable/samba-4.15.11.tar.gz Samba 4.15.11] has been released as a '''Security Release''' to address the following defect: |
|||
** [https://www.samba.org/samba/security/CVE-2022-3437.html CVE-2022-3437] (There is a limited write heap buffer overflow in the GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal (included in Samba)) |
|||
[https://www.samba.org/samba/history/samba-4.15.11.html Release Notes Samba 4.15.11] |
|||
== Samba 4.15.10 == |
|||
<small>('''Updated 28-September-2022''')</small> |
|||
* Wednesday, September 28 2022 - '''Samba 4.15.10''' has been released. There will be security releases only beyond this point. |
|||
[https://www.samba.org/samba/history/samba-4.15.10.html Release Notes Samba 4.15.10] |
|||
== Samba 4.15.9 == |
|||
<small>('''Updated 27-July-2022''')</small> |
|||
* Wednesday, July 27 2022 - [https://download.samba.org/pub/samba/stable/samba-4.15.9.tar.gz Samba 4.15.9] has been released as a '''Security Release''' to address the following defects: |
|||
** [https://www.samba.org/samba/security/CVE-2022-2031.html CVE-2022-2031] (Samba AD users can bypass certain restrictions associated with changing passwords) |
|||
** [https://www.samba.org/samba/security/CVE-2022-32744.html CVE-2022-32744] (Samba AD users can forge password change requests for any user) |
|||
** [https://www.samba.org/samba/security/CVE-2022-32745.html CVE-2022-32745] (Samba AD users can crash the server process with an LDAP add or modify request) |
|||
** [https://www.samba.org/samba/security/CVE-2022-32746.html CVE-2022-32746] (Samba AD users can induce a use-after-free in the server process with an LDAP add or modify request) |
|||
** [https://www.samba.org/samba/security/CVE-2022-32742.html CVE-2022-32742] (Server memory information leak via SMB1) |
|||
[https://www.samba.org/samba/history/samba-4.15.9.html Release Notes Samba 4.15.9] |
|||
== Samba 4.15.8 == |
|||
<small>('''Updated 28-June-2022''')</small> |
|||
* Tuesday, June 28 2022 - '''Samba 4.15.8''' has been released. |
|||
[https://www.samba.org/samba/history/samba-4.15.8.html Release Notes Samba 4.15.8] |
|||
== Samba 4.15.7 == |
|||
<small>('''Updated 26-April-2022''')</small> |
|||
* Tuesday, April 26 2022 - '''Samba 4.15.7''' has been released. |
|||
[https://www.samba.org/samba/history/samba-4.15.7.html Release Notes Samba 4.15.7] |
|||
== Samba 4.15.6 == |
|||
<small>('''Updated 15-March-2022''')</small> |
|||
* Tuesday, March 15 2022 - '''Samba 4.15.6''' has been released. |
|||
[https://www.samba.org/samba/history/samba-4.15.6.html Release Notes Samba 4.15.6] |
|||
== Samba 4.15.5 == |
|||
<small>('''Updated 31-January-2022''')</small> |
|||
* Monday, January 31 2022 - [https://download.samba.org/pub/samba/stable/samba-4.15.5.tar.gz Samba 4.15.5] has been released as a '''Security Release''' to address the following defects: |
|||
** [https://www.samba.org/samba/security/CVE-2021-44141.html CVE-2021-44141] (UNIX extensions in SMB1 disclose whether the outside target of a symlink exists.) |
|||
** [https://www.samba.org/samba/security/CVE-2021-44142.html CVE-2021-44142] (Out-of-Bound Read/Write on Samba vfs_fruit module.) |
|||
** [https://www.samba.org/samba/security/CVE-2022-0336.html CVE-2022-0336] (Re-adding an SPN skips subsequent SPN conflict checks.) |
|||
[https://www.samba.org/samba/history/samba-4.15.5.html Release Notes Samba 4.15.5] |
|||
== Samba 4.15.4 == |
|||
<small>('''Updated 19-January-2022''')</small> |
|||
* Wednesday, January 19 2022 - '''Samba 4.15.4''' has been released. |
|||
[https://www.samba.org/samba/history/samba-4.15.4.html Release Notes Samba 4.15.4] |
|||
== Samba 4.15.3 == |
|||
<small>('''Updated 08-December-2021''')</small> |
|||
* Wednesday, December 08 2021 - '''Samba 4.15.3''' has been released. |
|||
[https://www.samba.org/samba/history/samba-4.15.3.html Release Notes Samba 4.15.3] |
|||
== Samba 4.15.2 == |
|||
<small>('''Updated 09-November-2021''')</small> |
|||
* Tuesday, November 9 2021 - [https://download.samba.org/pub/samba/stable/samba-4.15.2.tar.gz Samba 4.15.2] has been released as a '''Security Release''' to address the following defects: |
|||
** [https://www.samba.org/samba/security/CVE-2020-25717.html CVE-2020-25717] (A user in an AD Domain could become root on domain members) |
|||
** [https://www.samba.org/samba/security/CVE-2020-25718.html CVE-2020-25718] (Samba AD DC did not correctly sandbox Kerberos tickets issued by an RODC) |
|||
** [https://www.samba.org/samba/security/CVE-2020-25719.html CVE-2020-25719] (Samba AD DC did not always rely on the SID and PAC in Kerberos tickets) |
|||
** [https://www.samba.org/samba/security/CVE-2020-25721.html CVE-2020-25721] (Kerberos acceptors need easy access to stable AD identifiers (eg objectSid)) |
|||
** [https://www.samba.org/samba/security/CVE-2020-25722.html CVE-2020-25722] (Samba AD DC did not do sufficient access and conformance checking of data stored) |
|||
** [https://www.samba.org/samba/security/CVE-2016-2124.html CVE-2016-2124] (SMB1 client connections can be downgraded to plaintext authentication) |
|||
** [https://www.samba.org/samba/security/CVE-2021-3738.html CVE-2021-3738] (Use after free in Samba AD DC RPC server) |
|||
** [https://www.samba.org/samba/security/CVE-2021-23192.html CVE-2021-23192] (Subsequent DCE/RPC fragment injection vulnerability) |
|||
[https://www.samba.org/samba/history/samba-4.15.2.html Release Notes Samba 4.15.2] |
|||
== Samba 4.15.1 == |
|||
<small>('''Updated 27-September-2021''')</small> |
|||
* Wednesday, October 27 2021 - '''Samba 4.15.1''' has been released. |
|||
[https://www.samba.org/samba/history/samba-4.15.1.html Release Notes Samba 4.15.1] |
|||
== Samba 4.15.0 == |
|||
<small>('''Updated 20-September-2021''')</small> |
|||
* Monday, September 20 2021 - '''Samba 4.15.0''' has been released. |
|||
[https://www.samba.org/samba/history/samba-4.15.0.html Release Notes Samba 4.15.0] |
|||
== Samba 4.15.0rc7 == |
|||
<small>('''Updated 13-September-2021''')</small> |
|||
* Monday, September 13 2021 - '''Samba 4.15.0rc7''' has been released. |
|||
[https://download.samba.org/pub/samba/rc/samba-4.15.0rc7.WHATSNEW.txt Release Notes Samba 4.15.0rc7] |
|||
== Samba 4.15.0rc6 == |
|||
<small>('''Updated 09-September-2021''')</small> |
|||
* Thursday, September 09 2021 - '''Samba 4.15.0rc6''' has been released. |
|||
[https://download.samba.org/pub/samba/rc/samba-4.15.0rc6.WHATSNEW.txt Release Notes Samba 4.15.0rc6] |
|||
== Samba 4.15.0rc5 == |
|||
<small>('''Updated 07-September-2021''')</small> |
|||
* Tuesday, September 07 2021 - '''Samba 4.15.0rc5''' has been released. |
|||
[https://download.samba.org/pub/samba/rc/samba-4.15.0rc5.WHATSNEW.txt Release Notes Samba 4.15.0rc5] |
|||
== Samba 4.15.0rc4 == |
|||
<small>('''Updated 01-September-2021''')</small> |
|||
* Wednesday, September 01 2021 - '''Samba 4.15.0rc4''' has been released. |
|||
[https://download.samba.org/pub/samba/rc/samba-4.15.0rc4.WHATSNEW.txt Release Notes Samba 4.15.0rc4] |
|||
== Samba 4.15.0rc3 == |
|||
<small>('''Updated 26-August-2021''')</small> |
|||
* Thursday, August 26 2021 - '''Samba 4.15.0rc3''' has been released. |
|||
[https://download.samba.org/pub/samba/rc/samba-4.15.0rc3.WHATSNEW.txt Release Notes Samba 4.15.0rc3] |
|||
== Samba 4.15.0rc2 == |
|||
<small>('''Updated 09-August-2021''')</small> |
|||
* Monday, August 09 2021 - '''Samba 4.15.0rc2''' has been released. |
|||
[https://download.samba.org/pub/samba/rc/samba-4.15.0rc2.WHATSNEW.txt Release Notes Samba 4.15.0rc2] |
|||
== Samba 4.15.0rc1 == |
|||
<small>('''Updated 15-July-2021''')</small> |
|||
* Thursday, July 15 2021 - '''Samba 4.15.0rc1''' has been released. |
|||
[https://download.samba.org/pub/samba/rc/samba-4.15.0rc1.WHATSNEW.txt Release Notes Samba 4.15.0rc1] |
Revision as of 15:52, 15 November 2022
Samba 4.15 is in the Security Fixes Only Mode.
Release blocking bugs
Samba 4.15.12
(Updated 15-November-2022)
- Tuesday, November 15 2022 - Samba 4.15.12 has been released as a Security Release to address the following defects:
- CVE-2022-42898 (Samba's Kerberos libraries and AD DC failed to guard against integer overflows when parsing a PAC on a 32-bit system, which allowed an attacker with a forged PAC to corrupt the heap)
Release Notes Samba 4.15.12
Samba 4.15.11
(Updated 25-October-2022)
- Tuesday, October 25 2022 - Samba 4.15.11 has been released as a Security Release to address the following defect:
- CVE-2022-3437 (There is a limited write heap buffer overflow in the GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal (included in Samba))
Release Notes Samba 4.15.11
Samba 4.15.10
(Updated 28-September-2022)
- Wednesday, September 28 2022 - Samba 4.15.10 has been released. There will be security releases only beyond this point.
Release Notes Samba 4.15.10
Samba 4.15.9
(Updated 27-July-2022)
- Wednesday, July 27 2022 - Samba 4.15.9 has been released as a Security Release to address the following defects:
- CVE-2022-2031 (Samba AD users can bypass certain restrictions associated with changing passwords)
- CVE-2022-32744 (Samba AD users can forge password change requests for any user)
- CVE-2022-32745 (Samba AD users can crash the server process with an LDAP add or modify request)
- CVE-2022-32746 (Samba AD users can induce a use-after-free in the server process with an LDAP add or modify request)
- CVE-2022-32742 (Server memory information leak via SMB1)
Release Notes Samba 4.15.9
Samba 4.15.8
(Updated 28-June-2022)
- Tuesday, June 28 2022 - Samba 4.15.8 has been released.
Release Notes Samba 4.15.8
Samba 4.15.7
(Updated 26-April-2022)
- Tuesday, April 26 2022 - Samba 4.15.7 has been released.
Release Notes Samba 4.15.7
Samba 4.15.6
(Updated 15-March-2022)
- Tuesday, March 15 2022 - Samba 4.15.6 has been released.
Release Notes Samba 4.15.6
Samba 4.15.5
(Updated 31-January-2022)
- Monday, January 31 2022 - Samba 4.15.5 has been released as a Security Release to address the following defects:
- CVE-2021-44141 (UNIX extensions in SMB1 disclose whether the outside target of a symlink exists.)
- CVE-2021-44142 (Out-of-Bound Read/Write on Samba vfs_fruit module.)
- CVE-2022-0336 (Re-adding an SPN skips subsequent SPN conflict checks.)
Release Notes Samba 4.15.5
Samba 4.15.4
(Updated 19-January-2022)
- Wednesday, January 19 2022 - Samba 4.15.4 has been released.
Release Notes Samba 4.15.4
Samba 4.15.3
(Updated 08-December-2021)
- Wednesday, December 08 2021 - Samba 4.15.3 has been released.
Release Notes Samba 4.15.3
Samba 4.15.2
(Updated 09-November-2021)
- Tuesday, November 9 2021 - Samba 4.15.2 has been released as a Security Release to address the following defects:
- CVE-2020-25717 (A user in an AD Domain could become root on domain members)
- CVE-2020-25718 (Samba AD DC did not correctly sandbox Kerberos tickets issued by an RODC)
- CVE-2020-25719 (Samba AD DC did not always rely on the SID and PAC in Kerberos tickets)
- CVE-2020-25721 (Kerberos acceptors need easy access to stable AD identifiers (eg objectSid))
- CVE-2020-25722 (Samba AD DC did not do sufficient access and conformance checking of data stored)
- CVE-2016-2124 (SMB1 client connections can be downgraded to plaintext authentication)
- CVE-2021-3738 (Use after free in Samba AD DC RPC server)
- CVE-2021-23192 (Subsequent DCE/RPC fragment injection vulnerability)
Release Notes Samba 4.15.2
Samba 4.15.1
(Updated 27-September-2021)
- Wednesday, October 27 2021 - Samba 4.15.1 has been released.
Release Notes Samba 4.15.1
Samba 4.15.0
(Updated 20-September-2021)
- Monday, September 20 2021 - Samba 4.15.0 has been released.
Release Notes Samba 4.15.0
Samba 4.15.0rc7
(Updated 13-September-2021)
- Monday, September 13 2021 - Samba 4.15.0rc7 has been released.
Release Notes Samba 4.15.0rc7
Samba 4.15.0rc6
(Updated 09-September-2021)
- Thursday, September 09 2021 - Samba 4.15.0rc6 has been released.
Release Notes Samba 4.15.0rc6
Samba 4.15.0rc5
(Updated 07-September-2021)
- Tuesday, September 07 2021 - Samba 4.15.0rc5 has been released.
Release Notes Samba 4.15.0rc5
Samba 4.15.0rc4
(Updated 01-September-2021)
- Wednesday, September 01 2021 - Samba 4.15.0rc4 has been released.
Release Notes Samba 4.15.0rc4
Samba 4.15.0rc3
(Updated 26-August-2021)
- Thursday, August 26 2021 - Samba 4.15.0rc3 has been released.
Release Notes Samba 4.15.0rc3
Samba 4.15.0rc2
(Updated 09-August-2021)
- Monday, August 09 2021 - Samba 4.15.0rc2 has been released.
Release Notes Samba 4.15.0rc2
Samba 4.15.0rc1
(Updated 15-July-2021)
- Thursday, July 15 2021 - Samba 4.15.0rc1 has been released.
Release Notes Samba 4.15.0rc1