Samba 4.9 Features added/changed: Difference between revisions

From SambaWiki
(21 intermediate revisions by the same user not shown)
Line 1: Line 1:
Samba 4.9 is [[Samba_Release_Planning#Current_Stable_Release|'''Current Stable Release''']].
Samba 4.9 is [[Samba_Release_Planning#Security_Fixes_Only_Mode|''''Security Fixes_Only Mode'']].

==Samba 4.9.17==
:Release Notes for Samba 4.9.17
:December 10, 2019

===This is a security release in order to address the following defects:===

* [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14861 CVE-2019-14861]: Samba AD DC zone-named record Denial of Service in DNS management server (dnsserver).
* [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14870 CVE-2019-14870]: DelegationNotAllowed not being enforced in protocol transition on Samba AD DC.

===Details===

* [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14861 CVE-2019-14861]:
:An authenticated user can crash the DCE/RPC DNS management server by creating records with matching the zone name.

* [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14870 CVE-2019-14870]:
:The DelegationNotAllowed Kerberos feature restriction was not being applied when processing protocol transition requests (S4U2Self), in the AD DC KDC.

For more details and workarounds, please refer to the security advisories.

===Changes since 4.9.16:===

*Andrew Bartlett <abartlet@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=14138 BUG #14138]: [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14861 CVE-2019-14861]: Fix DNSServer RPC server crash.
* Isaac Boukris <iboukris@gmail.com>
:* [https://bugzilla.samba.org/show_bug.cgi?id=14187 BUG #14187]: [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14870 CVE-2019-14870]: DelegationNotAllowed not being enforced.

https://www.samba.org/samba/history/samba-4.9.17.html

==Samba 4.9.16==
:Release Notes for Samba 4.9.16
:November 27, 2019

===This is an additional bug fix release to address [https://bugzilla.samba.org/show_bug.cgi?id=14175 BUG #14175]===
:CTDB: Incoming queue can be orphaned causing communication breakdown.

===Changes since 4.9.15:===
---------------------

* Volker Lendecke <vl@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=14175 BUG #14175]: ctdb: Avoid communication breakdown on node reconnect.
* Martin Schwenke <martin@meltin.net>
:* [https://bugzilla.samba.org/show_bug.cgi?id=14175 BUG #14175]: ctdb: Incoming queue can be orphaned causing communication breakdown.

https://www.samba.org/samba/history/samba-4.9.16.html

==Samba 4.9.15==
:Release Notes for Samba 4.9.15
:October 29, 2019

===This is a security release in order to address the following defects:===

* [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10218 CVE-2019-10218]: Client code can return filenames containing path separators.
* [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14833 CVE-2019-14833]: Samba AD DC check password script does not receive the full password.
* [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14847 CVE-2019-14847]: User with "get changes" permission can crash AD DC LDAP server via dirsync.

===Details===

* [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10218 CVE-2019-10218]:
:Malicious servers can cause Samba client code to return filenames containing path separators to calling code.
* [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14833 CVE-2019-14833]:
:When the password contains multi-byte (non-ASCII) characters, the check password script does not receive the full password string.

* [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14847 CVE-2019-14847]:
:Users with the "get changes" extended access right can crash the AD DC LDAP server by requesting an attribute using the range= syntax.

For more details and workarounds, please refer to the security advisories.

===Changes since 4.9.14:===

* Jeremy Allison <jra@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=14007 BUG #14071]: [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10197 CVE-2019-10197]CVE-2019-10218 - s3: libsmb: Protect SMB1 and SMB2 client code from evil server returned names.

* Andrew Bartlett <abartlet@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=12438 BUG #12438]: [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14833 CVE-2019-14833]: Use utf8 characters in the unacceptable password.
:* [https://bugzilla.samba.org/show_bug.cgi?id=14040 BUG #14040]: [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14847 CVE-2019-14847] dsdb: Correct behaviour of ranged_results when combined with dirsync.
* Björn Baumbach <bb@sernet.de>
:* [https://bugzilla.samba.org/show_bug.cgi?id=12438 BUG #12438]: [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14833 CVE-2019-14833] dsdb: Send full password to check password script.

https://www.samba.org/samba/history/samba-4.9.15.html

==Samba 4.9.14==
:Release Notes for Samba 4.9.14
:October 22, 2019

===This is the last bugfix release of the Samba 4.9 release series. There will be security releases only beyond this point.===

===Changes since 4.9.13:===
* Jeremy Allison <jra@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=14094 BUG #14094]: smbc_readdirplus() is incompatible with smbc_telldir() and smbc_lseekdir().
* Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13978 BUG #13978]: s4/scripting: MORE py3 compatible print functions.
* Andrew Bartlett <abartlet@samba.org>
:* ldb: release ldb 1.4.8
:* [https://bugzilla.samba.org/show_bug.cgi?id=13959 BUG #13959]: ldb_tdb fails to check error return when parsing pack formats.
:* [https://bugzilla.samba.org/show_bug.cgi?id=13978 BUG #13978]: undoguididx: Add "or later" to warning about using tools from Samba 4.8.
* Ralph Boehme <slow@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=14038 BUG #14038]: ctdb: Fix compilation on systems with glibc robust mutexes.
* Isaac Boukris <iboukris@gmail.com>
:* [https://bugzilla.samba.org/show_bug.cgi?id=14106 BUG #14106]: Fix spnego fallback from kerberos to ntlmssp in smbd server.
* Poornima G <pgurusid@redhat.com>
:* [https://bugzilla.samba.org/show_bug.cgi?id=14098 BUG #14098]: vfs_glusterfs: Use pthreadpool for scheduling aio operations.
* Aaron Haslett <aaronhaslett@catalyst.net.nz>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13977 BUG #13977]: ldb: baseinfo pack format check on init.
:* [https://bugzilla.samba.org/show_bug.cgi?id=13978 BUG #13978]: sambaundoguidindex is untested and py2-only.
* Amitay Isaacs <amitay@gmail.com>
:* [https://bugzilla.samba.org/show_bug.cgi?id=14147 BUG #14147]: ctdb-vacuum: Process all records not deleted on a remote node.
* Björn Jacke <bj@sernet.de>
:* [https://bugzilla.samba.org/show_bug.cgi?id=14139 BUG #14139]: Fault.c: Improve fault_report message text pointing to our wiki.
* Stefan Metzmacher <metze@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=14055 BUG #14055]: libcli/smb: send SMB2_NETNAME_NEGOTIATE_CONTEXT_ID.
* Martin Schwenke <martin@meltin.net>
:* [https://bugzilla.samba.org/show_bug.cgi?id=14084 BUG #14084]: ctdb-tcp: Mark node as disconnected if incoming connection goes away.
:* [https://bugzilla.samba.org/show_bug.cgi?id=14087 BUG #14087]: 'ctdb stop' command completes before databases are frozen.
:* [https://bugzilla.samba.org/show_bug.cgi?id=14129 BUG #14129]: Exit code of ctdb nodestatus should not be influenced by deleted nodes.
* Evgeny Sinelnikov <sin@altlinux.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=14007 BUG #14007]: s3:ldap: Fix join with don't exists machine account.

https://www.samba.org/samba/history/samba-4.9.14.html

==Samba 4.9.13==
:Release Notes for Samba 4.9.13
:September 03, 2019

===This is a security release in order to address the following defect:===

* [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10197 CVE-2019-10197]: Combination of parameters and permissions can allow user to escape from the share path definition.

===Details===

* [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10197 CVE-2019-10197]:
:Under certain parameter configurations, when an SMB client accesses a network share and the user does not have permission to access the share root directory, it is possible for the user to escape from the share to see the complete '/' filesystem. Unix permission checks in the kernel are still enforced.

===Changes since 4.9.12:===

* Jeremy Allison <jra@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=14035 BUG #14035]: [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10197 CVE-2019-10197]: Permissions check deny can allow user to escape from the share.
* Stefan Metzmacher <metze@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=14035 BUG #14035]: [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10197 CVE-2019-10197]: Permissions check deny can allow user to escape from the share.

https://www.samba.org/samba/history/samba-4.9.13.html

==Samba 4.9.12==
:Release Notes for Samba 4.9.12
:August 27, 2019

===This is the latest stable release of the Samba 4.9 release series.===

===Changes since 4.9.11:===

* Michael Adam <obnox@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13972 BUG #13972]: vfs:glusterfs_fuse: Different Device Id for GlusterFS FUSE mount is causing data loss in CTDB cluster.
:* [https://bugzilla.samba.org/show_bug.cgi?id=14010 BUG #14010]: vfs:glusterfs_fuse: Unable to create or rename file/directory inside shares configured with fs_glusterfs_fuse module.
* Björn Baumbach <bb@sernet.de>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13973 BUG #13973]: samba-tool: Add 'import samba.drs_utils' to fsmo.py.
* Tim Beale <timbeale@catalyst.net.nz>
:* [https://bugzilla.samba.org/show_bug.cgi?id=14008 BUG #14008]: dsdb: Handle DB corner-case where PSO container doesn't exist.
:* [https://bugzilla.samba.org/show_bug.cgi?id=14021 BUG #14021]: s4/libnet: Fix joining a Windows pre-2008R2 DC.
* Ralph Boehme <slow@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=14015 BUG #14015]: vfs_catia: Pass stat info to synthetic_smb_fname().
:* [https://bugzilla.samba.org/show_bug.cgi?id=14033 BUG #14033]: Samba 4.9 doesn't build with libtevent 0.9.39.
* Alexander Bokovoy <ab@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=14091 BUG #14091]: lookup_name: Allow own domain lookup when flags == 0.
* Isaac Boukris <iboukris@gmail.com>
:* [https://bugzilla.samba.org/show_bug.cgi?id=11362 BUG #11362]: Add PrimaryGroupId to group array in DC response.
* Anoop C S <anoopcs@redhat.com>
:* [https://bugzilla.samba.org/show_bug.cgi?id=14035 BUG #14035]: vfs_glusterfs: Enable profiling for file system operations.
* Stefan Metzmacher <metze@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13915 BUG #13915]: DEBUGC and DEBUGADDC doesn't print into a class specific log file.
:* [https://bugzilla.samba.org/show_bug.cgi?id=13949 BUG #13949]: Request to keep deprecated option "server schannel", VMWare Quickprep requires "auto".
:* [https://bugzilla.samba.org/show_bug.cgi?id=13967 BUG #13967]: dbcheck: Fallback to the default tombstoneLifetime of 180 days.
:* [https://bugzilla.samba.org/show_bug.cgi?id=13969 BUG #13969]: dnsProperty fails to decode values from older Windows versions.
:* [https://bugzilla.samba.org/show_bug.cgi?id=13973 BUG #13973]: samba-tool: fsmo transfer is not reliable for the dns related partitions role transfer.
* Christof Schmitt <cs@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=14032 BUG #14032]: vfs_gpfs: Fix NFSv4 ACL for owner with IDMAP_TYPE_BOTH.
* Rafael David Tinoco <rafaeldtinoco@ubuntu.com>
:* [https://bugzilla.samba.org/show_bug.cgi?id=14017 BUG #14017]BUG 14017: ctdb-config: Depend on /etc/ctdb/nodes file.

https://www.samba.org/samba/history/samba-4.9.12.html

==Samba 4.9.11==
:Release Notes for Samba 4.9.11
:July 03, 2019

===This is the latest stable release of the Samba 4.9 release series.===

In yesterday's Samba 4.9.10 release, LDAP_REFERRAL_SCHEME_OPAQUE was added to db_module.h in order to fix bug #12478. Unfortunately, the ldb version was not
raised. Samba >= 4.9.10 is no longer able to build with ldb 1.4.6. This version includes the new ldb version. Please note that there are just the version bumps in ldb and Samba, no code change. If you don't build Samba with an external ldb library, you can ignore this release and keep using 4.9.11.


===Changes since 4.9.10:===

* Stefan Metzmacher <metze@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=12478 BUG #12478]: ldb: Release ldb 1.4.7.

https://www.samba.org/samba/history/samba-4.9.11.html

==Samba 4.9.10==
:Release Notes for Samba 4.9.10
:July 02, 2019

===This is the latest stable release of the Samba 4.9 release series.===

===Changes since 4.9.9:===

* Jeremy Allison <jra@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13938 BUG #13938]: s3: SMB1: Don't allow recvfile on stream fsp's.
:* [https://bugzilla.samba.org/show_bug.cgi?id=13956 BUG #13956]: s3: winbind: Fix crash when invoking winbind idmap scripts.
:* [https://bugzilla.samba.org/show_bug.cgi?id=13964 BUG #13964]: smbd does not correctly parse arguments passed to dfree and quota scripts.
* Andrew Bartlett <abartlet@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13981 BUG #13981]: docs: Improve documentation of "lanman auth" and "ntlm auth" connection.
* Björn Baumbach <bb@sernet.de>
:* [https://bugzilla.samba.org/show_bug.cgi?id=14002 BUG #14002]: python/ntacls: Use correct "state directory" smb.conf option instead of "state dir".
* Ralph Boehme <slow@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13840 BUG #13840]: registry: Add a missing include.
:* [https://bugzilla.samba.org/show_bug.cgi?id=13938 BUG #13938]: s3:smbd: Don't use recvfile on streams.
:* [https://bugzilla.samba.org/show_bug.cgi?id=13944 BUG #13944]: SMB guest authentication may fail.
:* [https://bugzilla.samba.org/show_bug.cgi?id=13958 BUG #13958]: AppleDouble conversion breaks Resourceforks.
:* [https://bugzilla.samba.org/show_bug.cgi?id=13964 BUG #13964]: s3: lib: Rename all uses of file_pload_XXX -> file_ploadv_XXX.
:* [https://bugzilla.samba.org/show_bug.cgi?id=13968 BUG #13968]: vfs_fruit makes direct use of syscalls like mmap() and pread().
:* [https://bugzilla.samba.org/show_bug.cgi?id=13987 BUG #13987]: s3:mdssvc: Fix flex compilation error.
* Günther Deschner <gd@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13872 BUG #13872]: s3/vfs_glusterfs[_fuse]: Avoid using NAME_MAX directly.
* David Disseldorp <ddiss@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13940 BUG #13940]: vfs_ceph: Fix cephwrap_flistxattr() debug message.
* Aaron Haslett <aaronhaslett@catalyst.net.nz>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13799 BUG #13799]: dsdb:samdb: Schemainfo update with relax control.
* Amitay Isaacs <amitay@gmail.com>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13943 BUG #13943]: ctdb-common: Fix memory leak in run_proc.
* Aliaksei Karaliou <akaraliou@panasas.com>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13964 BUG #13964]: smbd does not correctly parse arguments passed to dfree and quota scripts.
* Volker Lendecke <vl@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13903 BUG #13903]: winbind: Fix overlapping id ranges.
:* [https://bugzilla.samba.org/show_bug.cgi?id=13957 BUG #13957]: smbd: Fix a panic.
* Gary Lockyer <gary@catalyst.net.nz>
:* [https://bugzilla.samba.org/show_bug.cgi?id=12478 BUG #12478]: ldap server: Generate correct referral schemes.
:* [https://bugzilla.samba.org/show_bug.cgi?id=13902 BUG #13902]: lib util debug: Increase format buffer to 4KiB.
:* [https://bugzilla.samba.org/show_bug.cgi?id=13941 BUG #13941]: Fix use after free detected by AddressSanitizer.
:* [https://bugzilla.samba.org/show_bug.cgi?id=13942 BUG #13942]: s4 dsdb: Fix use after free in samldb_rename_search_base_callback.
* Stefan Metzmacher <metze@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=12204 BUG #12204]: Samba fails to replicate schema 69.
:* [https://bugzilla.samba.org/show_bug.cgi?id=13713 BUG #13713]: Schema replication fails if link crosses chunk boundary backwards.
:* [https://bugzilla.samba.org/show_bug.cgi?id=13799 BUG #13799]: 'samba-tool domain schemaupgrade' uses relax control and skips the schemaInfo update.
:* [https://bugzilla.samba.org/show_bug.cgi?id=13916 BUG #13916]: dsdb:audit_log: avoid printing "... remote host [Unknown] SID [(NULL SID)] ...".
:* [https://bugzilla.samba.org/show_bug.cgi?id=13917 BUG #13917]: python/ntacls: We only need security.SEC_STD_READ_CONTROL in order to get the ACL.
:* [https://bugzilla.samba.org/show_bug.cgi?id=13919 BUG #13919]: smbd: Implement SMB_FILE_NORMALIZED_NAME_INFORMATION handling.
* Shyamsunder Rathi <shyam.rathi@nutanix.com>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13947 BUG #13947]: s3:loadparm: Ensure to truncate FS Volume Label at multibyte boundary.
* Robert Sander <r.sander@heinlein-support.de>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13918 BUG #13918]: s3: modules: ceph: Use current working directory instead of share path.
* Christof Schmitt <cs@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13831 BUG #13831]: Fix inconsistent output from wbinfo --sid-to-name depending on cache state.
* Andreas Schneider <asn@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13937 BUG #13937]: Fix several issues detected by GCC 9.
:* [https://bugzilla.samba.org/show_bug.cgi?id=13939 BUG #13939]: s3:smbspool: Fix regression printing with Kerberos credentials.
* Martin Schwenke <martin@meltin.net>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13923 BUG #13923]: ctdb-tools: Fix ctdb dumpmemory to avoid printing trailing NUL.
:* [https://bugzilla.samba.org/show_bug.cgi?id=13930 BUG #13930]: ctdb-daemon: Never use 0 as a client ID.
:* [https://bugzilla.samba.org/show_bug.cgi?id=13943 BUG #13943]: ctdb-common: Fix memory leak.
* Rafael David Tinoco <rafaeldtinoco@ubuntu.com>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13984 BUG #13984]: ctdb-scripts: Fix tcp_tw_recycle existence check.
* Ralph Wuerthner <ralph.wuerthner@de.ibm.com>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13904 BUG #13904]: Log early startup failures.

https://www.samba.org/samba/history/samba-4.9.10.html

==Samba 4.9.9==
:Release Notes for Samba 4.9.9
:June 19, 2019

===This is a security release in order to address the following defect:===

* [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12435 CVE-2019-12435] (Samba AD DC Denial of Service in DNS management server (dnsserver))

===Details===

* [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12435 CVE-2019-12435]:
:An authenticated user can crash the Samba AD DC's RPC server process via a NULL pointer dereference.


For more details and workarounds, please refer to the security advisories.

*[https://www.samba.org/samba/security/CVE-2019-12435.html CVE-2019-12435]

===Changes since 4.9.8:===

* Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13922 BUG #13922]: [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12435 CVE-2019-12435] rpc/dns: Avoid NULL deference if zone not found in DnssrvOperation2.


https://www.samba.org/samba/history/samba-4.9.9.html

==Samba 4.9.8==
:Release Notes for Samba 4.9.8
:May 14, 2019

===This is a security release in order to address the following defect:===

* [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16860 CVE-2018-16860] (Samba AD DC S4U2Self/S4U2Proxy unkeyed checksum)


===Details===

* [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16860 CVE-2018-16860]:
:The checksum validation in the S4U2Self handler in the embedded Heimdal KDC did not first confirm that the checksum was keyed, allowing replacement of the requested target (client) principal.

For more details and workarounds, please refer to the security advisory.


===Changes since 4.9.7:===

* Isaac Boukris <iboukris@gmail.com>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13685 BUG #13685]: CVE-2018-16860: Heimdal KDC: Reject PA-S4U2Self with unkeyed checksum.

https://www.samba.org/samba/history/samba-4.9.8.html

==Samba 4.9.7==
:Release Notes for Samba 4.9.7
:May 1, 2019

===This is the latest stable release of the Samba 4.9 release series.===

===Changes since 4.9.6:===

* Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13837 BUG #13837]: py/kcc_utils: py2.6 compatibility.
:* [https://bugzilla.samba.org/show_bug.cgi?id=13882 BUG #13882]: py/provision: Fix for Python 2.6.
* Andrew Bartlett <abartlet@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13840 BUG #13840]BUG : regfio: Update code near recent changes to match README.Coding.
* Günther Deschner <gd@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13861 BUG #13861]: 'net ads join' to child domain fails when using "-U admin@forestroot".
* David Disseldorp <ddiss@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13858 BUG #13858]: vfs_snapper: Drop unneeded fstat handler.
:* [https://bugzilla.samba.org/show_bug.cgi?id=13896 BUG #13896]: vfs_ceph: Explicitly enable libcephfs POSIX ACL support.
* Philipp Gesang <philipp.gesang@intra2net.com>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13869 BUG #13869]: libcli: Permit larger values of DataLength in SMB2_ENCRYPTION_CAPABILITIES of negotiate response.
* Michael Hanselmann <public@hansmi.ch>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13840 BUG #13840]: regfio: Improve handling of malformed registry hive files.
* Amitay Isaacs <amitay@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13895 BUG #13895]: ctdb-common: Avoid race between fd and signal events.
* Volker Lendecke <vl@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13813 BUG #13813]: Fix idmap cache pollution with S-1-22- IDs on winbind hickup.
* Marcos Mello <marcosfrm@gmail.com>
:* [https://bugzilla.samba.org/show_bug.cgi?id=11568 BUG #11568]: Send status to systemd on daemon start.
* Stefan Metzmacher <metze@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=10097 BUG #10097]: s3:smbd: Handle IO_REPARSE_TAG_DFS in SMB_FIND_FILE_FULL_DIRECTORY_INFO.
:* [https://bugzilla.samba.org/show_bug.cgi?id=10344 BUG #10344]: smb2_tcon: Avoid STATUS_PENDING completely on tdis.
:* [https://bugzilla.samba.org/show_bug.cgi?id=12844 BUG #12844]: smb2_tcon: Avoid STATUS_PENDING responses for tree connect.
:* [https://bugzilla.samba.org/show_bug.cgi?id=12845 BUG #12845]: smb2_sesssetup: Avoid STATUS_PENDING responses for session setup.
:* [https://bugzilla.samba.org/show_bug.cgi?id=13698 BUG #13698]: smb2_tcon: Avoid STATUS_PENDING responses for tree connect.
:* [https://bugzilla.samba.org/show_bug.cgi?id=13796 BUG #13796]: smb2_sesssetup: Avoid STATUS_PENDING responses for session setup.
:* [https://bugzilla.samba.org/show_bug.cgi?id=13816 BUG #13816]: dbcheck in the middle of the tombstone garbage collection causes replication failures.
:* [https://bugzilla.samba.org/show_bug.cgi?id=13818 BUG #13818]: ndr_spoolss_buf: Fix out of scope use of stack variable in NDR_SPOOLSS_PUSH_ENUM_OUT().
:* [https://bugzilla.samba.org/show_bug.cgi?id=13862 BUG #13862]: vfs_default: Fix vfswrap_offload_write_send() NT_STATUS_INVALID_VIEW_SIZE check.
:* [https://bugzilla.samba.org/show_bug.cgi?id=13863 BUG #13863]: smb2_server: Grant all 8192 credits to clients.
* Noel Power <noel.power@suse.com>
:* python/samba: extra ndr_unpack needs bytes function
* Anoop C S <anoopcs@redhat.com>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13872 BUG #13872]: s3/vfs_glusterfs[_fuse]: Dynamically determine NAME_MAX.
* Christof Schmitt <cs@samba.org>
:* passdb: Update ABI to 0.27.2.
:* [https://bugzilla.samba.org/show_bug.cgi?id=13813 BUG #13813]: lib/winbind_util: Add winbind_xid_to_sid for --without-winbind.
:* [https://bugzilla.samba.org/show_bug.cgi?id=13865 BUG #13865]: memcache: Increase size of default memcache to 512k.
* Andreas Schneider <asn@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13823 BUG #13823]: lib:util: Move debug message for mkdir failing to log level 1.
:* [https://bugzilla.samba.org/show_bug.cgi?id=13832 BUG #13832]: Printing via smbspool backend with Kerberos auth fails.
:* [https://bugzilla.samba.org/show_bug.cgi?id=13847 BUG #13847]: s4:librpc: Fix installation of Samba.
:* [https://bugzilla.samba.org/show_bug.cgi?id=13848 BUG #13848]: s3:lib: Fix the debug message for adding cache entries.
:* [https://bugzilla.samba.org/show_bug.cgi?id=13853 BUG #13853]: s3:waf: Fix the detection of makdev() macro on Linux.
:* [https://bugzilla.samba.org/show_bug.cgi?id=13857 BUG #13857]: docs: Update smbclient manpage for --max-protocol.
:* [https://bugzilla.samba.org/show_bug.cgi?id=13861 BUG #13861]: 'net ads join' to child domain fails when using "-U admin@forestroot".
* Zhu Shangzhong <zhu.shangzhong@zte.com.cn>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13839 BUG #13839]: ctdb: Initialize addr struct to zero before reparsing as IPV4.
* Martin Schwenke <martin@meltin.net>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13838 BUG #13838]: ctdb package should not own system library directory.
:* [https://bugzilla.samba.org/show_bug.cgi?id=13860 BUG #13860]: CTDB restarts failed NFS RPC services by hand, which is incompatible with systemd.
:* [https://bugzilla.samba.org/show_bug.cgi?id=13888 BUG #13888]: ctdb-daemon: Revert "We can not assume that just because we could complete a TCP handshake".

https://www.samba.org/samba/history/samba-4.9.7.html

==Samba 4.9.6==
:Release Notes for Samba 4.9.6
:April 8, 2019

===This is a security release in order to address the following defects:===

* [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3870 CVE-2019-3870] (World writable files in Samba AD DC private/ dir)
* [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3880 CVE-2019-3880] (Save registry file outside share as unprivileged user)

===Details===
* [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3870 CVE-2019-3870]: During the provision of a new Active Directory DC, some files in the private/directory are created world-writable.
* [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3880 CVE-2019-3880]: Authenticated users with write permission can trigger a symlink traversal to write or detect files outside the Samba share.

For more details and workarounds, please refer to the security advisories.
* [https://www.samba.org/samba/security/CVE-2019-3870.html CVE-2019-3870]
* [https://www.samba.org/samba/security/CVE-2019-3880.html CVE-2019-3880]

===Changes since 4.9.5:===

* Andrew Bartlett <abartlet@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13834 BUG #13834] : [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3870 CVE-2019-3870]: pysmbd: Ensure a zero umask is set for smbd.mkdir().
* Jeremy Allison <jra@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13851 BUG #13851]: [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3880 CVE-2019-3880]: rpc: winreg: Remove implementations of SaveKey/RestoreKey.

https://www.samba.org/samba/history/samba-4.9.6.html

==Samba 4.9.5==
:Release Notes for Samba 4.9.5
:March 12, 2019

===Changes since 4.9.4:===

* Andrew Bartlett <abartlet@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13714 BUG #13714]: audit_logging: Remove debug log header and JSON Authentication: prefix.
:* [https://bugzilla.samba.org/show_bug.cgi?id=13760 BUG #13760]: Fix upgrade from 4.7 (or earlier) to 4.9.
* Jeremy Allison <jra@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=11495 BUG #11495]: s3: lib: nmbname: Ensure we limit the NetBIOS name correctly. CID: 1433607.
:* [https://bugzilla.samba.org/show_bug.cgi?id=13690 BUG #13690]: smbd: uid: Don't crash if 'force group' is added to an existing share connection.
:* [https://bugzilla.samba.org/show_bug.cgi?id=13770 BUG #13770]: s3: VFS: vfs_fruit. Fix the NetAtalk deny mode compatibility code.
:* [https://bugzilla.samba.org/show_bug.cgi?id=13803 BUG #13803]: s3: SMB1 POSIX mkdir does case insensitive name lookup.
* Christian Ambach <ambi@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13199 BUG #13199]: s3:utils/smbget fix recursive download with empty source directories.
* Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13716 BUG #13716]: samba-tool drs showrepl: Do not crash if no dnsHostName found.
* Tim Beale <timbeale@catalyst.net.nz>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13736 BUG #13736]: s3:libsmb: cli_smb2_list() can sometimes fail initially on a connection.
:* [https://bugzilla.samba.org/show_bug.cgi?id=13747 BUG #13747]: join: Throw CommandError instead of Exception for simple errors.
:* [https://bugzilla.samba.org/show_bug.cgi?id=13762 BUG #13762]: ldb: Avoid inefficient one-level searches.
* Ralph Boehme <slow@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13736 BUG #13736]: s3: libsmb: use smb2cli_conn_max_trans_size() in cli_smb2_list().
:* [https://bugzilla.samba.org/show_bug.cgi?id=13776 BUG #13776]: tldap: Avoid use after free errors.
:* [https://bugzilla.samba.org/show_bug.cgi?id=13802 BUG #13802]: Fix idmap xid2sid cache churn.
:* [https://bugzilla.samba.org/show_bug.cgi?id=13812 BUG #13812]: access_check_max_allowed() doesn't process "Owner Rights" ACEs.
* Günther Deschner <gd@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13720 BUG #13720]: s3-smbd: Avoid assuming fsp is always intact after close_file call.
:* [https://bugzilla.samba.org/show_bug.cgi?id=13725 BUG #13725]: s3-vfs-fruit: Add close call.
:* [https://bugzilla.samba.org/show_bug.cgi?id=13746 BUG #13746]: s3-smbd: Use fruit:model string for mDNS registration.
:* [https://bugzilla.samba.org/show_bug.cgi?id=13774 BUG #13774]: s3-vfs: add glusterfs_fuse vfs module.
* David Disseldorp <ddiss@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13766 BUG #13766]: printing: Check lp_load_printers() prior to pcap cache update.
:* [https://bugzilla.samba.org/show_bug.cgi?id=13807 BUG #13807]: vfs_ceph: vfs_ceph strict_allocate_ftruncate calls (local FS) ftruncate and fallocate.
* Philipp Gesang <philipp.gesang@intra2net.com>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13737 BUG #13737]: lib/audit_logging: Actually create talloc.
* Joe Guo <joeg@catalyst.net.nz>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13728 BUG #13728]: netcmd/user: python[3]-gpgme unsupported and replaced by python[3]-gpg.
* Aaron Haslett <aaronhaslett@catalyst.net.nz>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13738 BUG #13738]: dns: Changing onelevel search for wildcard to subtree.
* Björn Jacke <bj@sernet.de>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13721 BUG #13721]: samba-tool: Don't print backtrace on simple DNS errors.
:* [https://bugzilla.samba.org/show_bug.cgi?id=13759 BUG #13759]: sambaundoguididx: Use the right escaped oder unescaped sam ldb files.
* Volker Lendecke <vl@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13742 BUG #13742]: ctdb: Print locks latency in machinereadable stats.
:* [https://bugzilla.samba.org/show_bug.cgi?id=13786 BUG #13786]: messages_dgm: Messaging gets stuck when pids are recycled.
* Gary Lockyer <gary@catalyst.net.nz>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13715 BUG #13715]: audit_logging: auth_json_audit required auth_json.
:* [https://bugzilla.samba.org/show_bug.cgi?id=13765 BUG #13765]: man pages: Document prefork process model.
:* [https://bugzilla.samba.org/show_bug.cgi?id=13773 BUG #13773]: [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3824 CVE-2019-3824] ldb: Release ldb 1.4.6.
* Stefan Metzmacher <metze@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13697 BUG #13697]: s3:auth: ignore create_builtin_guests() failing without a valid idmap configuration.
:* [https://bugzilla.samba.org/show_bug.cgi?id=13722 BUG #13722]: s3:auth_winbind: Ignore a missing winbindd as NT4 PDC/BDC without trusts.
:* [https://bugzilla.samba.org/show_bug.cgi?id=13723 BUG #13723]: s3:auth_winbind: return NT_STATUS_NO_LOGON_SERVERS if winbindd is not available.
:* [https://bugzilla.samba.org/show_bug.cgi?id=13752 BUG #13752]: s4:server: Add support for 'smbcontrol samba shutdown' and 'smbcontrol <pid> debug/debuglevel'.
* Noel Power <noel.power@suse.com>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13616 BUG #13616]: Python: Ensure ldb.Dn can doesn't rencoded str with py2.
* Anoop C S <anoopcs@redhat.com>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13330 BUG #13330]: vfs_glusterfs: Adapt to changes in libgfapi signatures.
:* [https://bugzilla.samba.org/show_bug.cgi?id=13774 BUG #13774]: s3-vfs: Use ENOATTR in errno comparison for getxattr.
* Jura Sasek <jiri.sasek@oracle.com>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13704 BUG #13704]: notifyd: Fix SIGBUS on sparc.
* Christof Schmitt <cs@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13787 BUG #13787]: waf: Check for libnscd.
* Andreas Schneider <asn@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13770 BUG #13770]: s3:vfs: Correctly check if OFD locks should be enabled or not.
* Martin Schwenke <martin@meltin.net>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13717 BUG #13717]: lib/util: Count a trailing line that doesn't end in a newline.
:* [https://bugzilla.samba.org/show_bug.cgi?id=13800 BUG #13800]: Recovery lock bug fixes.
* Justin Stephenson <jstephen@redhat.com>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13726 BUG #13726]: s3: net: Do not set NET_FLAGS_ANONYMOUS with -k.
:* [https://bugzilla.samba.org/show_bug.cgi?id=13727 BUG #13727]: s3:libsmb: Honor disable_netbios option in smbsock_connect_send.
* Ralph Wuerthner <ralph.wuerthner@de.ibm.com>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13741 BUG #13741]: vfs_fileid: Fix get_connectpath_ino.
:* [https://bugzilla.samba.org/show_bug.cgi?id=13744 BUG #13744]: vfs_fileid: Fix fsname_norootdir algorithm.

https://www.samba.org/samba/history/samba-4.9.5.html

==Samba 4.9.4==
:Release Notes for Samba 4.9.4
:December 20, 2018


===Major bug fixes include:===

* dns: Fix CNAME loop prevention using counter regression [https://bugzilla.samba.org/show_bug.cgi?id=13600 BUG #13600].


===Changes since 4.9.3:===
* Ralph Boehme <slow@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=9175 BUG #9175]: libcli/smb: Don't overwrite status code.
:* [https://bugzilla.samba.org/show_bug.cgi?id=12164 BUG #12164]: wbinfo --group-info 'NT AUTHORITY\System' does not work.
:* [https://bugzilla.samba.org/show_bug.cgi?id=13661 BUG #13661]: Session setup reauth fails to sign response.
:* [https://bugzilla.samba.org/show_bug.cgi?id=13677 BUG #13677]: vfs_fruit: Validation of writes on AFP_AfpInfo stream.
:* [https://bugzilla.samba.org/show_bug.cgi?id=13688 BUG #13688]: vfs_shadow_copy2: Nicely deal with attempts to open previous version for writing.
:* [https://bugzilla.samba.org/show_bug.cgi?id=13455 BUG #13455]: Restoring previous version of stream with vfs_shadow_copy2 fails with NT_STATUS_OBJECT_NAME_INVALID fsp->base_fsp->fsp_name.
* Isaac Boukris <iboukris@gmail.com>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13571 BUG #13571]: [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16853 CVE-2018-16853]: Fix S4U2Self crash with MIT KDC build.
* Günther Deschner <gd@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13708 BUG #13708]: s3-vfs: Prevent NULL pointer dereference in vfs_glusterfs.
* Joe Guo <joeg@catalyst.net.nz>
:* PEP8: fix E231: missing whitespace after ','.
* Volker Lendecke <vl@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13629 BUG #13629]: winbindd: Fix crash when taking profiles.
* Stefan Metzmacher <metze@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13600 BUG #13600]: [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14629 CVE-2018-14629] dns: Fix CNAME loop prevention using counter regression.
* Garming Sam <garming@catalyst.net.nz>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13686 BUG #13686]: 'samba-tool user syscpasswords' fails on a domain with many DCs.
* Andreas Schneider <asn@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13571 BUG #13571]: [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16853 CVE-2018-16853]: Do not segfault if client is not set.
:* [https://bugzilla.samba.org/show_bug.cgi?id=13679 BUG #13679]: lib:util: Fix DEBUGCLASS pointer initializiation.
* Martin Schwenke <martin@meltin.net>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13696 BUG #13696]: ctdb-daemon: Exit with error if a database directory does not exist.
* Justin Stephenson <jstephen@redhat.com>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13498 BUG #13498]: s3:libads: Add net ads leave keep-account option.

https://www.samba.org/samba/history/samba-4.9.4.html

==Samba 4.9.3==
:Release Notes for Samba 4.9.3
:November 27, 2018

===This is a security release in order to address the following defects:===

* [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14629 CVE-2018-14629] Unprivileged adding of CNAME record causing loop in AD Internal DNS server
* [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16841 CVE-2018-16841] Double-free in Samba AD DC KDC with PKINIT
* [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16851 CVE-2018-16851] NULL pointer de-reference in Samba AD DC LDAP server
* [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16852 CVE-2018-16852] NULL pointer de-reference in Samba AD DC DNS servers
* [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16853 CVE-2018-16853] Samba AD DC S4U2Self crash in experimental MIT Kerberos configuration (unsupported)
* [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16857 CVE-2018-16857] Bad password count in AD DC not always effective

===Details===

* [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14629 CVE-2018-14629]:
::All versions of Samba from 4.0.0 onwards are vulnerable to infinite query recursion caused by CNAME loops. Any dns record can be added via ldap by an unprivileged user using the ldbadd tool, so this is a security issue.

* [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16841 CVE-2018-16841]:
::When configured to accept smart-card authentication, Samba's KDC will call talloc_free() twice on the same memory if the principal in a validly signed certificate does not match the principal in the AS-REQ.

::This is only possible after authentication with a trusted certificate.

::talloc is robust against further corruption from a double-free with talloc_free() and directly calls abort(), terminating the KDC process.

::There is no further vulnerability associated with this issue, merely a denial of service.

* [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16851 CVE-2018-16851]:
::During the processing of an LDAP search before Samba's AD DC returns the LDAP entries to the client, the entries are cached in a single memory object with a maximum size of 256MB. When this size is reached, the Samba process providing the LDAP service will follow the NULL pointer, terminating the process.

::There is no further vulnerability associated with this issue, merely a denial of service.

* [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16852 CVE-2018-16852]:
::During the processing of an DNS zone in the DNS management DCE/RPC server, the internal DNS server or the Samba DLZ plugin for BIND9, if the DSPROPERTY_ZONE_MASTER_SERVERS property or DSPROPERTY_ZONE_SCAVENGING_SERVERS property is set, the server will follow a NULL pointer and terminate.

::There is no further vulnerability associated with this issue, merely a denial of service.

* [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16853 CVE-2018-16853]:
::A user in a Samba AD domain can crash the KDC when Samba is built in the non-default MIT Kerberos configuration.

::With this advisory we clarify that the MIT Kerberos build of the Samba AD DC is considered experimental. Therefore the Samba Team will not issue security patches for this configuration.

* [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16857 CVE-2018-16857]:
::AD DC Configurations watching for bad passwords (to restrict brute forcing of passwords) in a window of more than 3 minutes may not watch for bad passwords at all.

For more details and workarounds, please refer to the security advisories.


===Changes since 4.9.2:===

* Andrew Bartlett <abartlet@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13628 BUG #13628]BUG 13628: [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16841 CVE-2018-16841]: heimdal: Fix segfault on PKINIT with mis-matching principal.
:* [https://bugzilla.samba.org/show_bug.cgi?id=13678 BUG #13678]BUG 13678: [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16853 CVE-2018-16853]: build: The Samba AD DC, when build with MIT Kerberos is experimental
* Tim Beale <timbeale@catalyst.net.nz>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13683 BUG #13683]BUG 13683: [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16857 CVE-2018-16857]: dsdb/util: Correctly treat lockOutObservationWindow as 64-bit int.
* Joe Guo <joeg@catalyst.net.nz>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13683 BUG #13683]BUG 13683: [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16857 CVE-2018-16857] PEP8: Fix E305: Expected 2 blank lines after class or function definition, found 1.
* Aaron Haslett <aaronhaslett@catalyst.net.nz>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13600 BUG #13600]BUG 13600: [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14629 CVE-2018-14629]: dns: CNAME loop prevention using counter.
* Gary Lockyer <gary@catalyst.net.nz>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13669 BUG #13669]BUG 13669: [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16852 CVE-2018-16852]: Fix NULL pointer de-reference in Samba AD DC DNS management.
* Garming Sam <garming@catalyst.net.nz>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13674 BUG #13674]BUG 13674: [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16851 CVE-2018-16851]: ldap_server: Check ret before manipulating blob.

https://www.samba.org/samba/history/samba-4.9.3.html

==Samba 4.9.2==
:Release Notes for Samba 4.9.2
:November 08, 2018

===This is the latest stable release of the Samba 4.9 release series.===

===Changes since 4.9.1:===

* Andrew Bartlett <abartlet@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13418 BUG #13418]: dsdb: Add comments explaining the limitations of our current backlink behaviour.
:* [https://bugzilla.samba.org/show_bug.cgi?id=13621 BUG #13621]: Fix problems running domain backups (handling SMBv2, sites).
* Tim Beale <timbeale@catalyst.net.nz>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13621 BUG #13621]: Fix problems running domain backups (handling SMBv2, sites).
* Ralph Boehme <slow@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13465 BUG #13465]: testparm: Fix crashes with PANIC: Messaging not initialized on SLES 12 SP3.
:* [https://bugzilla.samba.org/show_bug.cgi?id=13642 BUG #13642]: Make vfs_fruit able to cleanup AppleDouble files.
:* [https://bugzilla.samba.org/show_bug.cgi?id=13646 BUG #13646]: File saving issues with vfs_fruit on samba >= 4.8.5.
:* [https://bugzilla.samba.org/show_bug.cgi?id=13649 BUG #13649]: Enabling vfs_fruit looses FinderInfo.
:* [https://bugzilla.samba.org/show_bug.cgi?id=13667 BUG #13667]: Cancelling of SMB2 aio reads and writes returns wrong error NT_STATUS_INTERNAL_ERROR.
* Amitay Isaacs <amitay@gmail.com>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13641 BUG #13641]: Fix CTDB recovery record resurrection from inactive nodes and simplify vacuuming.
* Volker Lendecke <vl@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13465 BUG #13465]: examples: Fix the smb2mount build.
:* [https://bugzilla.samba.org/show_bug.cgi?id=13629 BUG #13629]: libtevent: Fix build due to missing open_memstream on Illiumos.
:* [https://bugzilla.samba.org/show_bug.cgi?id=13662 BUG #13662]: winbindd_cache: Fix timeout calculation for sid<->name cache.
* Gary Lockyer <gary@catalyst.net.nz>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13653 BUG #13653]: dsdb encrypted_secrets: Allow "ldb:// and "mdb://" in file path.
* Stefan Metzmacher <metze@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13418 BUG #13418]: Extended DN SID component missing for member after switching group membership.
:* [https://bugzilla.samba.org/show_bug.cgi?id=13624 BUG #13624]: Return STATUS_SESSION_EXPIRED error encrypted, if the request was encrypted.
* David Mulder <dmulder@suse.com>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13621 BUG #13621]: python: Allow forced signing via smb.SMB().
:* [https://bugzilla.samba.org/show_bug.cgi?id=13665 BUG #13665]: lib:socket: If returning early, set ifaces.
* Noel Power <noel.power@suse.com>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13616 BUG #13616]: ldb: Bump ldb version to 1.4.3, Python: Ensure ldb.Dn can accept utf8 encoded unicode.
* Christof Schmitt <cs@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13465 BUG #13465]: testparm: Fix crashes with PANIC: Messaging not initialized on SLES 12 SP3.
:* [https://bugzilla.samba.org/show_bug.cgi?id=13673 BUG #13673]: smbd: Fix DELETE_ON_CLOSE behaviour on files with READ_ONLY attribute.
* Andreas Schneider <asn@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13601 BUG #13601]: waf: Add -fstack-clash-protection.
:* [https://bugzilla.samba.org/show_bug.cgi?id=13668 BUG #13668]: winbind: Fix segfault if an invalid passdb backend is configured.
* Martin Schwenke <martin@meltin.net>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13659 BUG #13659]: Fix bugs in CTDB event handling.
:* [https://bugzilla.samba.org/show_bug.cgi?id=13670 BUG #13670]: Misbehaving nodes are sometimes not banned.

https://www.samba.org/samba/history/samba-4.9.2.html

==Samba 4.9.1==
:Release Notes for Samba 4.9.1
:September 24, 2018

===This is the latest stable release of the Samba 4.9 release series.===

===Major enhancements include:===
* s3: nmbd: Stop nmbd network announce storm ([https://bugzilla.samba.org/show_bug.cgi?id=13620 BUG #13620]).

===Changes since 4.9.0:===

* Andrew Bartlett <abartlet@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13620 BUG #13620]: s3: nmbd: Stop nmbd network announce storm.
* Günther Deschner <gd@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13597 BUG #13597]: s3-rpcclient: Use spoolss_init_spoolss_UserLevel1 in winspool cmds.
* Martin Schwenke <martin@meltin.net>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13617 BUG #13617]: CTDB recovery lock has some race conditions.
* Justin Stephenson <jstephen@redhat.com>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13597 BUG #13597]: s3-rpc_client: Advertise Windows 7 client info.
*Ralph Wuerthner <ralph.wuerthner@de.ibm.com>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13610 BUG #13610]: ctdb-doc: Remove PIDFILE option from ctdbd_wrapper man page.

https://www.samba.org/samba/history/samba-4.9.1.html


==Samba 4.9.0==
==Samba 4.9.0==
<onlyinclude>
:Release Notes for Samba 4.9.0
:Release Notes for Samba 4.9.0
:September 13, 2018
:September 13, 2018

===Release Announcements===
===Release Announcements===


Line 307: Line 968:


Any external VFS modules will need to be updated to match these changes in order to work with 4.9.x.
Any external VFS modules will need to be updated to match these changes in order to work with 4.9.x.
</onlyinclude>

===CHANGES SINCE 4.9.0rc5===
===CHANGES SINCE 4.9.0rc5===



Revision as of 19:53, 11 December 2019

Samba 4.9 is ''Security Fixes_Only Mode.

Samba 4.9.17

Release Notes for Samba 4.9.17
December 10, 2019

This is a security release in order to address the following defects:

  • CVE-2019-14861: Samba AD DC zone-named record Denial of Service in DNS management server (dnsserver).
  • CVE-2019-14870: DelegationNotAllowed not being enforced in protocol transition on Samba AD DC.

Details

An authenticated user can crash the DCE/RPC DNS management server by creating records with matching the zone name.
The DelegationNotAllowed Kerberos feature restriction was not being applied when processing protocol transition requests (S4U2Self), in the AD DC KDC.

For more details and workarounds, please refer to the security advisories.

Changes since 4.9.16:

  • Andrew Bartlett <abartlet@samba.org>
  • Isaac Boukris <iboukris@gmail.com>
https://www.samba.org/samba/history/samba-4.9.17.html

Samba 4.9.16

Release Notes for Samba 4.9.16
November 27, 2019

This is an additional bug fix release to address BUG #14175

CTDB: Incoming queue can be orphaned causing communication breakdown.

Changes since 4.9.15:


  • Volker Lendecke <vl@samba.org>
  • BUG #14175: ctdb: Avoid communication breakdown on node reconnect.
  • Martin Schwenke <martin@meltin.net>
  • BUG #14175: ctdb: Incoming queue can be orphaned causing communication breakdown.
https://www.samba.org/samba/history/samba-4.9.16.html

Samba 4.9.15

Release Notes for Samba 4.9.15
October 29, 2019

This is a security release in order to address the following defects:

  • CVE-2019-10218: Client code can return filenames containing path separators.
  • CVE-2019-14833: Samba AD DC check password script does not receive the full password.
  • CVE-2019-14847: User with "get changes" permission can crash AD DC LDAP server via dirsync.

Details

Malicious servers can cause Samba client code to return filenames containing path separators to calling code.
When the password contains multi-byte (non-ASCII) characters, the check password script does not receive the full password string.
Users with the "get changes" extended access right can crash the AD DC LDAP server by requesting an attribute using the range= syntax.

For more details and workarounds, please refer to the security advisories.

Changes since 4.9.14:

  • Jeremy Allison <jra@samba.org>
  • BUG #14071: CVE-2019-10197CVE-2019-10218 - s3: libsmb: Protect SMB1 and SMB2 client code from evil server returned names.
  • Andrew Bartlett <abartlet@samba.org>
  • Björn Baumbach <bb@sernet.de>
https://www.samba.org/samba/history/samba-4.9.15.html

Samba 4.9.14

Release Notes for Samba 4.9.14
October 22, 2019

This is the last bugfix release of the Samba 4.9 release series. There will be security releases only beyond this point.

Changes since 4.9.13:

  • Jeremy Allison <jra@samba.org>
  • BUG #14094: smbc_readdirplus() is incompatible with smbc_telldir() and smbc_lseekdir().
  • Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
  • BUG #13978: s4/scripting: MORE py3 compatible print functions.
  • Andrew Bartlett <abartlet@samba.org>
  • ldb: release ldb 1.4.8
  • BUG #13959: ldb_tdb fails to check error return when parsing pack formats.
  • BUG #13978: undoguididx: Add "or later" to warning about using tools from Samba 4.8.
  • Ralph Boehme <slow@samba.org>
  • BUG #14038: ctdb: Fix compilation on systems with glibc robust mutexes.
  • Isaac Boukris <iboukris@gmail.com>
  • BUG #14106: Fix spnego fallback from kerberos to ntlmssp in smbd server.
  • Poornima G <pgurusid@redhat.com>
  • BUG #14098: vfs_glusterfs: Use pthreadpool for scheduling aio operations.
  • Aaron Haslett <aaronhaslett@catalyst.net.nz>
  • BUG #13977: ldb: baseinfo pack format check on init.
  • BUG #13978: sambaundoguidindex is untested and py2-only.
  • Amitay Isaacs <amitay@gmail.com>
  • BUG #14147: ctdb-vacuum: Process all records not deleted on a remote node.
  • Björn Jacke <bj@sernet.de>
  • BUG #14139: Fault.c: Improve fault_report message text pointing to our wiki.
  • Stefan Metzmacher <metze@samba.org>
  • BUG #14055: libcli/smb: send SMB2_NETNAME_NEGOTIATE_CONTEXT_ID.
  • Martin Schwenke <martin@meltin.net>
  • BUG #14084: ctdb-tcp: Mark node as disconnected if incoming connection goes away.
  • BUG #14087: 'ctdb stop' command completes before databases are frozen.
  • BUG #14129: Exit code of ctdb nodestatus should not be influenced by deleted nodes.
  • Evgeny Sinelnikov <sin@altlinux.org>
  • BUG #14007: s3:ldap: Fix join with don't exists machine account.
https://www.samba.org/samba/history/samba-4.9.14.html

Samba 4.9.13

Release Notes for Samba 4.9.13
September 03, 2019

This is a security release in order to address the following defect:

  • CVE-2019-10197: Combination of parameters and permissions can allow user to escape from the share path definition.

Details

Under certain parameter configurations, when an SMB client accesses a network share and the user does not have permission to access the share root directory, it is possible for the user to escape from the share to see the complete '/' filesystem. Unix permission checks in the kernel are still enforced.

Changes since 4.9.12:

  • Jeremy Allison <jra@samba.org>
  • Stefan Metzmacher <metze@samba.org>
https://www.samba.org/samba/history/samba-4.9.13.html

Samba 4.9.12

Release Notes for Samba 4.9.12
August 27, 2019

This is the latest stable release of the Samba 4.9 release series.

Changes since 4.9.11:

  • Michael Adam <obnox@samba.org>
  • BUG #13972: vfs:glusterfs_fuse: Different Device Id for GlusterFS FUSE mount is causing data loss in CTDB cluster.
  • BUG #14010: vfs:glusterfs_fuse: Unable to create or rename file/directory inside shares configured with fs_glusterfs_fuse module.
  • Björn Baumbach <bb@sernet.de>
  • BUG #13973: samba-tool: Add 'import samba.drs_utils' to fsmo.py.
  • Tim Beale <timbeale@catalyst.net.nz>
  • BUG #14008: dsdb: Handle DB corner-case where PSO container doesn't exist.
  • BUG #14021: s4/libnet: Fix joining a Windows pre-2008R2 DC.
  • Ralph Boehme <slow@samba.org>
  • BUG #14015: vfs_catia: Pass stat info to synthetic_smb_fname().
  • BUG #14033: Samba 4.9 doesn't build with libtevent 0.9.39.
  • Alexander Bokovoy <ab@samba.org>
  • BUG #14091: lookup_name: Allow own domain lookup when flags == 0.
  • Isaac Boukris <iboukris@gmail.com>
  • BUG #11362: Add PrimaryGroupId to group array in DC response.
  • Anoop C S <anoopcs@redhat.com>
  • BUG #14035: vfs_glusterfs: Enable profiling for file system operations.
  • Stefan Metzmacher <metze@samba.org>
  • BUG #13915: DEBUGC and DEBUGADDC doesn't print into a class specific log file.
  • BUG #13949: Request to keep deprecated option "server schannel", VMWare Quickprep requires "auto".
  • BUG #13967: dbcheck: Fallback to the default tombstoneLifetime of 180 days.
  • BUG #13969: dnsProperty fails to decode values from older Windows versions.
  • BUG #13973: samba-tool: fsmo transfer is not reliable for the dns related partitions role transfer.
  • Christof Schmitt <cs@samba.org>
  • BUG #14032: vfs_gpfs: Fix NFSv4 ACL for owner with IDMAP_TYPE_BOTH.
  • Rafael David Tinoco <rafaeldtinoco@ubuntu.com>
  • BUG #14017BUG 14017: ctdb-config: Depend on /etc/ctdb/nodes file.
https://www.samba.org/samba/history/samba-4.9.12.html

Samba 4.9.11

Release Notes for Samba 4.9.11
July 03, 2019

This is the latest stable release of the Samba 4.9 release series.

In yesterday's Samba 4.9.10 release, LDAP_REFERRAL_SCHEME_OPAQUE was added to db_module.h in order to fix bug #12478. Unfortunately, the ldb version was not raised. Samba >= 4.9.10 is no longer able to build with ldb 1.4.6. This version includes the new ldb version. Please note that there are just the version bumps in ldb and Samba, no code change. If you don't build Samba with an external ldb library, you can ignore this release and keep using 4.9.11.


Changes since 4.9.10:

  • Stefan Metzmacher <metze@samba.org>
https://www.samba.org/samba/history/samba-4.9.11.html

Samba 4.9.10

Release Notes for Samba 4.9.10
July 02, 2019

This is the latest stable release of the Samba 4.9 release series.

Changes since 4.9.9:

  • Jeremy Allison <jra@samba.org>
  • BUG #13938: s3: SMB1: Don't allow recvfile on stream fsp's.
  • BUG #13956: s3: winbind: Fix crash when invoking winbind idmap scripts.
  • BUG #13964: smbd does not correctly parse arguments passed to dfree and quota scripts.
  • Andrew Bartlett <abartlet@samba.org>
  • BUG #13981: docs: Improve documentation of "lanman auth" and "ntlm auth" connection.
  • Björn Baumbach <bb@sernet.de>
  • BUG #14002: python/ntacls: Use correct "state directory" smb.conf option instead of "state dir".
  • Ralph Boehme <slow@samba.org>
  • BUG #13840: registry: Add a missing include.
  • BUG #13938: s3:smbd: Don't use recvfile on streams.
  • BUG #13944: SMB guest authentication may fail.
  • BUG #13958: AppleDouble conversion breaks Resourceforks.
  • BUG #13964: s3: lib: Rename all uses of file_pload_XXX -> file_ploadv_XXX.
  • BUG #13968: vfs_fruit makes direct use of syscalls like mmap() and pread().
  • BUG #13987: s3:mdssvc: Fix flex compilation error.
  • Günther Deschner <gd@samba.org>
  • BUG #13872: s3/vfs_glusterfs[_fuse]: Avoid using NAME_MAX directly.
  • David Disseldorp <ddiss@samba.org>
  • BUG #13940: vfs_ceph: Fix cephwrap_flistxattr() debug message.
  • Aaron Haslett <aaronhaslett@catalyst.net.nz>
  • BUG #13799: dsdb:samdb: Schemainfo update with relax control.
  • Amitay Isaacs <amitay@gmail.com>
  • BUG #13943: ctdb-common: Fix memory leak in run_proc.
  • Aliaksei Karaliou <akaraliou@panasas.com>
  • BUG #13964: smbd does not correctly parse arguments passed to dfree and quota scripts.
  • Volker Lendecke <vl@samba.org>
  • Gary Lockyer <gary@catalyst.net.nz>
  • BUG #12478: ldap server: Generate correct referral schemes.
  • BUG #13902: lib util debug: Increase format buffer to 4KiB.
  • BUG #13941: Fix use after free detected by AddressSanitizer.
  • BUG #13942: s4 dsdb: Fix use after free in samldb_rename_search_base_callback.
  • Stefan Metzmacher <metze@samba.org>
  • BUG #12204: Samba fails to replicate schema 69.
  • BUG #13713: Schema replication fails if link crosses chunk boundary backwards.
  • BUG #13799: 'samba-tool domain schemaupgrade' uses relax control and skips the schemaInfo update.
  • BUG #13916: dsdb:audit_log: avoid printing "... remote host [Unknown] SID [(NULL SID)] ...".
  • BUG #13917: python/ntacls: We only need security.SEC_STD_READ_CONTROL in order to get the ACL.
  • BUG #13919: smbd: Implement SMB_FILE_NORMALIZED_NAME_INFORMATION handling.
  • Shyamsunder Rathi <shyam.rathi@nutanix.com>
  • BUG #13947: s3:loadparm: Ensure to truncate FS Volume Label at multibyte boundary.
  • Robert Sander <r.sander@heinlein-support.de>
  • BUG #13918: s3: modules: ceph: Use current working directory instead of share path.
  • Christof Schmitt <cs@samba.org>
  • BUG #13831: Fix inconsistent output from wbinfo --sid-to-name depending on cache state.
  • Andreas Schneider <asn@samba.org>
  • BUG #13937: Fix several issues detected by GCC 9.
  • BUG #13939: s3:smbspool: Fix regression printing with Kerberos credentials.
  • Martin Schwenke <martin@meltin.net>
  • BUG #13923: ctdb-tools: Fix ctdb dumpmemory to avoid printing trailing NUL.
  • BUG #13930: ctdb-daemon: Never use 0 as a client ID.
  • BUG #13943: ctdb-common: Fix memory leak.
  • Rafael David Tinoco <rafaeldtinoco@ubuntu.com>
  • BUG #13984: ctdb-scripts: Fix tcp_tw_recycle existence check.
  • Ralph Wuerthner <ralph.wuerthner@de.ibm.com>
https://www.samba.org/samba/history/samba-4.9.10.html

Samba 4.9.9

Release Notes for Samba 4.9.9
June 19, 2019

This is a security release in order to address the following defect:

  • CVE-2019-12435 (Samba AD DC Denial of Service in DNS management server (dnsserver))

Details

An authenticated user can crash the Samba AD DC's RPC server process via a NULL pointer dereference.


For more details and workarounds, please refer to the security advisories.

Changes since 4.9.8:

  • Douglas Bagnall <douglas.bagnall@catalyst.net.nz>


https://www.samba.org/samba/history/samba-4.9.9.html

Samba 4.9.8

Release Notes for Samba 4.9.8
May 14, 2019

This is a security release in order to address the following defect:


Details

The checksum validation in the S4U2Self handler in the embedded Heimdal KDC did not first confirm that the checksum was keyed, allowing replacement of the requested target (client) principal.

For more details and workarounds, please refer to the security advisory.


Changes since 4.9.7:

  • Isaac Boukris <iboukris@gmail.com>
  • BUG #13685: CVE-2018-16860: Heimdal KDC: Reject PA-S4U2Self with unkeyed checksum.
https://www.samba.org/samba/history/samba-4.9.8.html

Samba 4.9.7

Release Notes for Samba 4.9.7
May 1, 2019

This is the latest stable release of the Samba 4.9 release series.

Changes since 4.9.6:

  • Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
  • Andrew Bartlett <abartlet@samba.org>
  • BUG #13840BUG : regfio: Update code near recent changes to match README.Coding.
  • Günther Deschner <gd@samba.org>
  • BUG #13861: 'net ads join' to child domain fails when using "-U admin@forestroot".
  • David Disseldorp <ddiss@samba.org>
  • BUG #13858: vfs_snapper: Drop unneeded fstat handler.
  • BUG #13896: vfs_ceph: Explicitly enable libcephfs POSIX ACL support.
  • Philipp Gesang <philipp.gesang@intra2net.com>
  • BUG #13869: libcli: Permit larger values of DataLength in SMB2_ENCRYPTION_CAPABILITIES of negotiate response.
  • Michael Hanselmann <public@hansmi.ch>
  • BUG #13840: regfio: Improve handling of malformed registry hive files.
  • Amitay Isaacs <amitay@samba.org>
  • BUG #13895: ctdb-common: Avoid race between fd and signal events.
  • Volker Lendecke <vl@samba.org>
  • BUG #13813: Fix idmap cache pollution with S-1-22- IDs on winbind hickup.
  • Marcos Mello <marcosfrm@gmail.com>
  • BUG #11568: Send status to systemd on daemon start.
  • Stefan Metzmacher <metze@samba.org>
  • BUG #10097: s3:smbd: Handle IO_REPARSE_TAG_DFS in SMB_FIND_FILE_FULL_DIRECTORY_INFO.
  • BUG #10344: smb2_tcon: Avoid STATUS_PENDING completely on tdis.
  • BUG #12844: smb2_tcon: Avoid STATUS_PENDING responses for tree connect.
  • BUG #12845: smb2_sesssetup: Avoid STATUS_PENDING responses for session setup.
  • BUG #13698: smb2_tcon: Avoid STATUS_PENDING responses for tree connect.
  • BUG #13796: smb2_sesssetup: Avoid STATUS_PENDING responses for session setup.
  • BUG #13816: dbcheck in the middle of the tombstone garbage collection causes replication failures.
  • BUG #13818: ndr_spoolss_buf: Fix out of scope use of stack variable in NDR_SPOOLSS_PUSH_ENUM_OUT().
  • BUG #13862: vfs_default: Fix vfswrap_offload_write_send() NT_STATUS_INVALID_VIEW_SIZE check.
  • BUG #13863: smb2_server: Grant all 8192 credits to clients.
  • Noel Power <noel.power@suse.com>
  • python/samba: extra ndr_unpack needs bytes function
  • Anoop C S <anoopcs@redhat.com>
  • BUG #13872: s3/vfs_glusterfs[_fuse]: Dynamically determine NAME_MAX.
  • Christof Schmitt <cs@samba.org>
  • passdb: Update ABI to 0.27.2.
  • BUG #13813: lib/winbind_util: Add winbind_xid_to_sid for --without-winbind.
  • BUG #13865: memcache: Increase size of default memcache to 512k.
  • Andreas Schneider <asn@samba.org>
  • BUG #13823: lib:util: Move debug message for mkdir failing to log level 1.
  • BUG #13832: Printing via smbspool backend with Kerberos auth fails.
  • BUG #13847: s4:librpc: Fix installation of Samba.
  • BUG #13848: s3:lib: Fix the debug message for adding cache entries.
  • BUG #13853: s3:waf: Fix the detection of makdev() macro on Linux.
  • BUG #13857: docs: Update smbclient manpage for --max-protocol.
  • BUG #13861: 'net ads join' to child domain fails when using "-U admin@forestroot".
  • Zhu Shangzhong <zhu.shangzhong@zte.com.cn>
  • BUG #13839: ctdb: Initialize addr struct to zero before reparsing as IPV4.
  • Martin Schwenke <martin@meltin.net>
  • BUG #13838: ctdb package should not own system library directory.
  • BUG #13860: CTDB restarts failed NFS RPC services by hand, which is incompatible with systemd.
  • BUG #13888: ctdb-daemon: Revert "We can not assume that just because we could complete a TCP handshake".
https://www.samba.org/samba/history/samba-4.9.7.html

Samba 4.9.6

Release Notes for Samba 4.9.6
April 8, 2019

This is a security release in order to address the following defects:

  • CVE-2019-3870 (World writable files in Samba AD DC private/ dir)
  • CVE-2019-3880 (Save registry file outside share as unprivileged user)

Details

  • CVE-2019-3870: During the provision of a new Active Directory DC, some files in the private/directory are created world-writable.
  • CVE-2019-3880: Authenticated users with write permission can trigger a symlink traversal to write or detect files outside the Samba share.

For more details and workarounds, please refer to the security advisories.

Changes since 4.9.5:

  • Andrew Bartlett <abartlet@samba.org>
  • Jeremy Allison <jra@samba.org>
https://www.samba.org/samba/history/samba-4.9.6.html

Samba 4.9.5

Release Notes for Samba 4.9.5
March 12, 2019

Changes since 4.9.4:

  • Andrew Bartlett <abartlet@samba.org>
  • BUG #13714: audit_logging: Remove debug log header and JSON Authentication: prefix.
  • BUG #13760: Fix upgrade from 4.7 (or earlier) to 4.9.
  • Jeremy Allison <jra@samba.org>
  • BUG #11495: s3: lib: nmbname: Ensure we limit the NetBIOS name correctly. CID: 1433607.
  • BUG #13690: smbd: uid: Don't crash if 'force group' is added to an existing share connection.
  • BUG #13770: s3: VFS: vfs_fruit. Fix the NetAtalk deny mode compatibility code.
  • BUG #13803: s3: SMB1 POSIX mkdir does case insensitive name lookup.
  • Christian Ambach <ambi@samba.org>
  • BUG #13199: s3:utils/smbget fix recursive download with empty source directories.
  • Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
  • BUG #13716: samba-tool drs showrepl: Do not crash if no dnsHostName found.
  • Tim Beale <timbeale@catalyst.net.nz>
  • BUG #13736: s3:libsmb: cli_smb2_list() can sometimes fail initially on a connection.
  • BUG #13747: join: Throw CommandError instead of Exception for simple errors.
  • BUG #13762: ldb: Avoid inefficient one-level searches.
  • Ralph Boehme <slow@samba.org>
  • BUG #13736: s3: libsmb: use smb2cli_conn_max_trans_size() in cli_smb2_list().
  • BUG #13776: tldap: Avoid use after free errors.
  • BUG #13802: Fix idmap xid2sid cache churn.
  • BUG #13812: access_check_max_allowed() doesn't process "Owner Rights" ACEs.
  • Günther Deschner <gd@samba.org>
  • BUG #13720: s3-smbd: Avoid assuming fsp is always intact after close_file call.
  • BUG #13725: s3-vfs-fruit: Add close call.
  • BUG #13746: s3-smbd: Use fruit:model string for mDNS registration.
  • BUG #13774: s3-vfs: add glusterfs_fuse vfs module.
  • David Disseldorp <ddiss@samba.org>
  • BUG #13766: printing: Check lp_load_printers() prior to pcap cache update.
  • BUG #13807: vfs_ceph: vfs_ceph strict_allocate_ftruncate calls (local FS) ftruncate and fallocate.
  • Philipp Gesang <philipp.gesang@intra2net.com>
  • BUG #13737: lib/audit_logging: Actually create talloc.
  • Joe Guo <joeg@catalyst.net.nz>
  • BUG #13728: netcmd/user: python[3]-gpgme unsupported and replaced by python[3]-gpg.
  • Aaron Haslett <aaronhaslett@catalyst.net.nz>
  • BUG #13738: dns: Changing onelevel search for wildcard to subtree.
  • Björn Jacke <bj@sernet.de>
  • BUG #13721: samba-tool: Don't print backtrace on simple DNS errors.
  • BUG #13759: sambaundoguididx: Use the right escaped oder unescaped sam ldb files.
  • Volker Lendecke <vl@samba.org>
  • BUG #13742: ctdb: Print locks latency in machinereadable stats.
  • BUG #13786: messages_dgm: Messaging gets stuck when pids are recycled.
  • Gary Lockyer <gary@catalyst.net.nz>
  • Stefan Metzmacher <metze@samba.org>
  • BUG #13697: s3:auth: ignore create_builtin_guests() failing without a valid idmap configuration.
  • BUG #13722: s3:auth_winbind: Ignore a missing winbindd as NT4 PDC/BDC without trusts.
  • BUG #13723: s3:auth_winbind: return NT_STATUS_NO_LOGON_SERVERS if winbindd is not available.
  • BUG #13752: s4:server: Add support for 'smbcontrol samba shutdown' and 'smbcontrol <pid> debug/debuglevel'.
  • Noel Power <noel.power@suse.com>
  • BUG #13616: Python: Ensure ldb.Dn can doesn't rencoded str with py2.
  • Anoop C S <anoopcs@redhat.com>
  • BUG #13330: vfs_glusterfs: Adapt to changes in libgfapi signatures.
  • BUG #13774: s3-vfs: Use ENOATTR in errno comparison for getxattr.
  • Jura Sasek <jiri.sasek@oracle.com>
  • Christof Schmitt <cs@samba.org>
  • Andreas Schneider <asn@samba.org>
  • BUG #13770: s3:vfs: Correctly check if OFD locks should be enabled or not.
  • Martin Schwenke <martin@meltin.net>
  • BUG #13717: lib/util: Count a trailing line that doesn't end in a newline.
  • BUG #13800: Recovery lock bug fixes.
  • Justin Stephenson <jstephen@redhat.com>
  • BUG #13726: s3: net: Do not set NET_FLAGS_ANONYMOUS with -k.
  • BUG #13727: s3:libsmb: Honor disable_netbios option in smbsock_connect_send.
  • Ralph Wuerthner <ralph.wuerthner@de.ibm.com>
  • BUG #13741: vfs_fileid: Fix get_connectpath_ino.
  • BUG #13744: vfs_fileid: Fix fsname_norootdir algorithm.
https://www.samba.org/samba/history/samba-4.9.5.html

Samba 4.9.4

Release Notes for Samba 4.9.4
December 20, 2018


Major bug fixes include:

  • dns: Fix CNAME loop prevention using counter regression BUG #13600.


Changes since 4.9.3:

  • Ralph Boehme <slow@samba.org>
  • BUG #9175: libcli/smb: Don't overwrite status code.
  • BUG #12164: wbinfo --group-info 'NT AUTHORITY\System' does not work.
  • BUG #13661: Session setup reauth fails to sign response.
  • BUG #13677: vfs_fruit: Validation of writes on AFP_AfpInfo stream.
  • BUG #13688: vfs_shadow_copy2: Nicely deal with attempts to open previous version for writing.
  • BUG #13455: Restoring previous version of stream with vfs_shadow_copy2 fails with NT_STATUS_OBJECT_NAME_INVALID fsp->base_fsp->fsp_name.
  • Isaac Boukris <iboukris@gmail.com>
  • Günther Deschner <gd@samba.org>
  • BUG #13708: s3-vfs: Prevent NULL pointer dereference in vfs_glusterfs.
  • Joe Guo <joeg@catalyst.net.nz>
  • PEP8: fix E231: missing whitespace after ','.
  • Volker Lendecke <vl@samba.org>
  • BUG #13629: winbindd: Fix crash when taking profiles.
  • Stefan Metzmacher <metze@samba.org>
  • Garming Sam <garming@catalyst.net.nz>
  • BUG #13686: 'samba-tool user syscpasswords' fails on a domain with many DCs.
  • Andreas Schneider <asn@samba.org>
  • Martin Schwenke <martin@meltin.net>
  • BUG #13696: ctdb-daemon: Exit with error if a database directory does not exist.
  • Justin Stephenson <jstephen@redhat.com>
  • BUG #13498: s3:libads: Add net ads leave keep-account option.
https://www.samba.org/samba/history/samba-4.9.4.html

Samba 4.9.3

Release Notes for Samba 4.9.3
November 27, 2018

This is a security release in order to address the following defects:

  • CVE-2018-14629 Unprivileged adding of CNAME record causing loop in AD Internal DNS server
  • CVE-2018-16841 Double-free in Samba AD DC KDC with PKINIT
  • CVE-2018-16851 NULL pointer de-reference in Samba AD DC LDAP server
  • CVE-2018-16852 NULL pointer de-reference in Samba AD DC DNS servers
  • CVE-2018-16853 Samba AD DC S4U2Self crash in experimental MIT Kerberos configuration (unsupported)
  • CVE-2018-16857 Bad password count in AD DC not always effective

Details

All versions of Samba from 4.0.0 onwards are vulnerable to infinite query recursion caused by CNAME loops. Any dns record can be added via ldap by an unprivileged user using the ldbadd tool, so this is a security issue.
When configured to accept smart-card authentication, Samba's KDC will call talloc_free() twice on the same memory if the principal in a validly signed certificate does not match the principal in the AS-REQ.
This is only possible after authentication with a trusted certificate.
talloc is robust against further corruption from a double-free with talloc_free() and directly calls abort(), terminating the KDC process.
There is no further vulnerability associated with this issue, merely a denial of service.
During the processing of an LDAP search before Samba's AD DC returns the LDAP entries to the client, the entries are cached in a single memory object with a maximum size of 256MB. When this size is reached, the Samba process providing the LDAP service will follow the NULL pointer, terminating the process.
There is no further vulnerability associated with this issue, merely a denial of service.
During the processing of an DNS zone in the DNS management DCE/RPC server, the internal DNS server or the Samba DLZ plugin for BIND9, if the DSPROPERTY_ZONE_MASTER_SERVERS property or DSPROPERTY_ZONE_SCAVENGING_SERVERS property is set, the server will follow a NULL pointer and terminate.
There is no further vulnerability associated with this issue, merely a denial of service.
A user in a Samba AD domain can crash the KDC when Samba is built in the non-default MIT Kerberos configuration.
With this advisory we clarify that the MIT Kerberos build of the Samba AD DC is considered experimental. Therefore the Samba Team will not issue security patches for this configuration.
AD DC Configurations watching for bad passwords (to restrict brute forcing of passwords) in a window of more than 3 minutes may not watch for bad passwords at all.

For more details and workarounds, please refer to the security advisories.


Changes since 4.9.2:

  • Andrew Bartlett <abartlet@samba.org>
  • Tim Beale <timbeale@catalyst.net.nz>
  • Joe Guo <joeg@catalyst.net.nz>
  • Aaron Haslett <aaronhaslett@catalyst.net.nz>
  • Gary Lockyer <gary@catalyst.net.nz>
  • Garming Sam <garming@catalyst.net.nz>
https://www.samba.org/samba/history/samba-4.9.3.html

Samba 4.9.2

Release Notes for Samba 4.9.2
November 08, 2018

This is the latest stable release of the Samba 4.9 release series.

Changes since 4.9.1:

  • Andrew Bartlett <abartlet@samba.org>
  • BUG #13418: dsdb: Add comments explaining the limitations of our current backlink behaviour.
  • BUG #13621: Fix problems running domain backups (handling SMBv2, sites).
  • Tim Beale <timbeale@catalyst.net.nz>
  • BUG #13621: Fix problems running domain backups (handling SMBv2, sites).
  • Ralph Boehme <slow@samba.org>
  • BUG #13465: testparm: Fix crashes with PANIC: Messaging not initialized on SLES 12 SP3.
  • BUG #13642: Make vfs_fruit able to cleanup AppleDouble files.
  • BUG #13646: File saving issues with vfs_fruit on samba >= 4.8.5.
  • BUG #13649: Enabling vfs_fruit looses FinderInfo.
  • BUG #13667: Cancelling of SMB2 aio reads and writes returns wrong error NT_STATUS_INTERNAL_ERROR.
  • Amitay Isaacs <amitay@gmail.com>
  • BUG #13641: Fix CTDB recovery record resurrection from inactive nodes and simplify vacuuming.
  • Volker Lendecke <vl@samba.org>
  • BUG #13465: examples: Fix the smb2mount build.
  • BUG #13629: libtevent: Fix build due to missing open_memstream on Illiumos.
  • BUG #13662: winbindd_cache: Fix timeout calculation for sid<->name cache.
  • Gary Lockyer <gary@catalyst.net.nz>
  • BUG #13653: dsdb encrypted_secrets: Allow "ldb:// and "mdb://" in file path.
  • Stefan Metzmacher <metze@samba.org>
  • BUG #13418: Extended DN SID component missing for member after switching group membership.
  • BUG #13624: Return STATUS_SESSION_EXPIRED error encrypted, if the request was encrypted.
  • David Mulder <dmulder@suse.com>
  • BUG #13621: python: Allow forced signing via smb.SMB().
  • BUG #13665: lib:socket: If returning early, set ifaces.
  • Noel Power <noel.power@suse.com>
  • BUG #13616: ldb: Bump ldb version to 1.4.3, Python: Ensure ldb.Dn can accept utf8 encoded unicode.
  • Christof Schmitt <cs@samba.org>
  • BUG #13465: testparm: Fix crashes with PANIC: Messaging not initialized on SLES 12 SP3.
  • BUG #13673: smbd: Fix DELETE_ON_CLOSE behaviour on files with READ_ONLY attribute.
  • Andreas Schneider <asn@samba.org>
  • BUG #13601: waf: Add -fstack-clash-protection.
  • BUG #13668: winbind: Fix segfault if an invalid passdb backend is configured.
  • Martin Schwenke <martin@meltin.net>
  • BUG #13659: Fix bugs in CTDB event handling.
  • BUG #13670: Misbehaving nodes are sometimes not banned.
https://www.samba.org/samba/history/samba-4.9.2.html

Samba 4.9.1

Release Notes for Samba 4.9.1
September 24, 2018

This is the latest stable release of the Samba 4.9 release series.

Major enhancements include:

  • s3: nmbd: Stop nmbd network announce storm (BUG #13620).

Changes since 4.9.0:

  • Andrew Bartlett <abartlet@samba.org>
  • BUG #13620: s3: nmbd: Stop nmbd network announce storm.
  • Günther Deschner <gd@samba.org>
  • BUG #13597: s3-rpcclient: Use spoolss_init_spoolss_UserLevel1 in winspool cmds.
  • Martin Schwenke <martin@meltin.net>
  • BUG #13617: CTDB recovery lock has some race conditions.
  • Justin Stephenson <jstephen@redhat.com>
  • BUG #13597: s3-rpc_client: Advertise Windows 7 client info.
  • Ralph Wuerthner <ralph.wuerthner@de.ibm.com>
  • BUG #13610: ctdb-doc: Remove PIDFILE option from ctdbd_wrapper man page.
https://www.samba.org/samba/history/samba-4.9.1.html

Samba 4.9.0

Release Notes for Samba 4.9.0
September 13, 2018

Release Announcements

This is the first stable release of the Samba 4.9 release series. Please read the release notes carefully before upgrading.

NEW FEATURES/CHANGES

'net ads setspn'

There is a new 'net ads setspn' sub command for managing Windows SPN(s) on the AD. This command aims to give the basic functionality that is provided on windows by 'setspn.exe' e.g. ability to add, delete and list Windows SPN(s) stored in a Windows AD Computer object.

The format of the command is:

net ads setspn list [machine]
net ads setspn [add | delete ] SPN [machine]

'machine' is the name of the computer account on the AD that is to be managed. If 'machine' is not specified the name of the 'client' running the command is used instead.

The format of a Windows SPN is

 'serviceclass/host:port/servicename' (servicename and port are optional)

serviceclass/host is generally sufficient to specify a host based service.

'net ads keytab' changes

net ads keytab add no longer attempts to convert the passed serviceclass (e.g. nfs, html etc.) into a Windows SPN which is added to the Windows AD computer object. By default just the keytab file is modified.

A new keytab subcommand 'add_update_ads' has been added to preserve the legacy behaviour. However the new 'net ads setspn add' subcommand should really be used instead.

net ads keytab create no longer tries to generate SPN(s) from existing entries in a keytab file. If it is required to add Windows SPN(s) then 'net ads setspn add' should be used instead.

Local authorization plugin for MIT Kerberos

This plugin controls the relationship between Kerberos principals and AD accounts through winbind. The module receives the Kerberos principal and the local account name as inputs and can then check if they match. This can resolve issues with canonicalized names returned by Kerberos within AD. If the user tries to log in as 'alice', but the samAccountName is set to ALICE (uppercase), Kerberos would return ALICE as the username. Kerberos would not be able to map 'alice' to 'ALICE' in this case and auth would fail. With this plugin account names can be correctly mapped. This only applies to GSSAPI authentication, not for getting the initial ticket granting ticket.

VFS audit modules

The vfs_full_audit module has changed its default set of monitored successful and failed operations from "all" to "none". That helps to prevent potential denial of service caused by simple addition of the module to the VFS objects.

Also, modules vfs_audit, vfs_ext_audit and vfs_full_audit now accept any valid syslog(3) facility, in accordance with the manual page.

Database audit support

Changes to the Samba AD's sam.ldb database are now logged to Samba's debug log under the "dsdb_audit" debug class and "dsdb_json_audit" for JSON formatted log entries.

Transaction commits and roll backs are now logged to Samba's debug logs under the "dsdb_transaction_audit" debug class and "dsdb_transaction_json_audit" for JSON formatted log entries.

Password change audit support

Password changes in the AD DC are now logged to Samba's debug logs under the "dsdb_password_audit" debug class and "dsdb_password_json_audit" for JSON formatted log entries.

Group membership change audit support

Group membership changes on the AD DC are now logged to Samba's debug log under the "dsdb_group_audit" debug class and "dsdb_group_json_audit" for JSON formatted log entries.

Log Authentication duration

For NTLM and Kerberos KDC authentication, the authentication duration is now logged. Note that the duration is only included in the JSON formatted log entries.

JSON library Jansson required for the AD DC

By default, the Jansson JSON library is required for Samba to build. It is strictly required for the Samba AD DC, and is optional for builds "--without-ad-dc" by specifying "--without-json-audit" at configure time.

New Experimental LMDB LDB backend

A new Experimental LDB backend using LMDB is now available. This allows databases larger than 4Gb (Currently the limit is set to 6Gb, but this will be increased in a future release). To enable lmdb, provision or join a domain using the "--backend-store=mdb" option.

This requires that a version of lmdb greater than 0.9.16 is installed and that samba has not been built with the "--without-ldb-lmdb" option.

Please note this is an experimental feature and is not recommended for production deployments.

Password Settings Objects

Support has been added for Password Settings Objects (PSOs). This AD feature is also known as Fine-Grained Password Policies (FGPP).

PSOs allow AD administrators to override the domain password policy settings for specific users, or groups of users. For example, PSOs can force certain users to have longer password lengths, or relax the complexity constraints for other users, and so on. PSOs can be applied to groups or to individual users. When multiple PSOs apply to the same user, essentially the PSO with the best precedence takes effect.

PSOs can be configured and applied to users/groups using the 'samba-tool domain passwordsettings pso' set of commands.

Domain backup and restore

A new 'samba-tool' command has been added that allows administrators to create a backup-file of their domain DB. In the event of a catastrophic failure of the domain, this backup-file can be used to restore Samba services.

The new 'samba-tool domain backup online' command takes a snapshot of the domain DB from a given DC. In the event of a catastrophic DB failure, all DCs in the domain should be taken offline, and the backup-file can then be used to recreate a fresh new DC, using the 'samba-tool domain backup restore' command. Once the backed-up domain DB has been restored on the new DC, other DCs can then subsequently be joined to the new DC, in order to repopulate the Samba network.

Domain rename tool

Basic support has been added for renaming a Samba domain. The rename feature is designed for the following cases:

  1. Running a temporary alternate domain, in the event of a catastrophic failure of the regular domain. Using a completely different domain name and realm means that the original domain and the renamed domain can both run at the same time, without interfering with each other. This is an advantage over creating a regular 'online' backup - it means the renamed/alternate domain can provide core Samba network services, while trouble-shooting the fault on the original domain can be done in parallel.
  2. Creating a realistic lab domain or pre-production domain for testing.

Note that the renamed tool is currently not intended to support a long-term rename of the production domain. Currently renaming the GPOs is not supported and would need to be done manually.

The domain rename is done in two steps:

first, the 'samba-tool domain backup rename' command will clone the domain DB, renaming it in the process, and producing a backup-file.
Then, the 'samba-tool domain backup restore' command takes the backup-file and restores the renamed DB to disk on a fresh DC.

New samba-tool options for diagnosing DRS replication issues

The 'samba-tool drs showrepl' command has two new options controlling the output. With --summary, the command says very little when DRS replication is working well. With --json, JSON is produced. These options are intended for human and machine audiences, respectively.

The 'samba-tool visualize uptodateness' visualizes replication lag as a heat-map matrix based on the DRS uptodateness vectors. This will show you if (but not why) changes are failing to replicate to some DCs.

Automatic site coverage and GetDCName improvements

Samba's AD DC now automatically claims otherwise empty sites based on which DC is the nearest in the replication topology.

This, combined with efforts to correctly identify the client side in the GetDCName Netlogon call will improve service to sites without a local DC.

Improved 'samba-tool computer' command

The 'samba-tool computer' command allow manipulation of computer accounts including creating a new computer and resetting the password. This allows an 'offline join' of a member server or workstation to the Samba AD domain.

New 'samba-tool ou' command

The new 'samba-tool ou' command allows to manage organizational units.

Available subcommands are:

 create       - Create an organizational unit.
 delete       - Delete an organizational unit.
 list         - List all organizational units
 listobjects  - List all objects in an organizational unit.
 move         - Move an organizational unit.
 rename       - Rename an organizational unit.

In addition to the ou commands, there are new subcommands for the user and group management, which can make use of the organizational units:

 group move   - Move a group to an organizational unit/container.
 user move    - Move a user to an organizational unit/container.
 user show    - Display a user AD object.

Samba performance tool now operates against Microsoft Windows AD

The Samba AD performance testing tool 'traffic_reply' can now operate against a Windows based AD domain. Previously it only operated correctly against Samba.

DNS entries are now cleaned up during DC demote

DNS records are now cleaned up as part of the 'samba-tool domain demote' including both the default and '--remove-other-dead-server' modes.

Additionally, DNS records can be automatically cleaned up for a given name with the 'samba-tool dns cleanup' command, which aids in cleaning up partially removed DCs.

samba-tool ntacl sysvolreset is now much faster

The 'samba-tool ntacl sysvolreset' command, used on the Samba AD DC, is now much faster than in previous versions, after an internal rework.

Samba now tested with CI GitLab

Samba developers now have pre-commit testing available in GitLab, giving reviewers confidence that the submitted patches pass a full CI before being submitted to the Samba Team's own autobuild system.

Dynamic DNS record scavenging support

It is now possible to enable scavenging of DNS Zones to remove DNS records that were dynamically created and have not been touched in some time.

This support should however only be enabled on new zones or new installations. Sadly old Samba versions suffer from BUG #12451 and mark dynamic DNS records as static and static records as dynamic. While a dbcheck rule may be able to find these in the future, currently a reliable test has not been devised.

Finally, there is not currently a command-line tool to enable this feature, currently it should be enabled from the DNS Manager tool from Windows. Also the feature needs to have been enabled by setting the smb.conf parameter "dns zone scavenging = yes".

Improved support for trusted domains (as AD DC)

The support for trusted domains/forests has been further improved.

External domain trusts, as well a transitive forest trusts, are supported in both directions (inbound and outbound) for Kerberos and NTLM authentication.

The following features are new in 4.9 (compared to 4.8):

  • It's now possible to add users/groups of a trusted domain into domain groups. The group memberships are expanded on trust boundaries.
  • foreignSecurityPrincipal objects (FPO) are now automatically created when members (as SID) of a trusted domain/forest are added to a group.
  • The 'samba-tool group *members' commands allow members to be specified as foreign SIDs.

However there are currently still a few limitations:

  • Both sides of the trust need to fully trust each other!
  • No SID filtering rules are applied at all!
  • This means DCs of domain A can grant domain admin rights in domain B.
  • Selective (CROSS_ORGANIZATION) authentication is not supported. It's possible to create such a trust, but the KDC and winbindd ignore them.
  • Samba can still only operate in a forest with just one single domain.

CTDB changes

There are many changes to CTDB in this release.

  • Configuration has been completely overhauled
  • Daemon and tool options are now specified in a new ctdb.conf Samba-style configuration file. See ctdb.conf(5) for details.
  • Event script configuration is no longer specified in the top-level configuration file. It can now be specified per event script. For example, configuration options for the 50.samba event script can be placed alongside the event script in a file called 50.samba.options. Script options can also be specified in a new script.options file. See ctdb-script.options(5) for details.
  • Options that affect CTDB startup should be configured in the distribution-specific configuration file. See ctdb.sysconfig(5) for details.
  • Tunable settings are now loaded from ctdb.tunables. Using CTDB_SET_TunableVariable=<value> in the main configuration file is no longer supported. See ctdb-tunables(7) for details.
A example script to migrate an old-style configuration to the new style is available in ctdb/doc/examples/config_migrate.sh.
  • The following configuration variables and corresponding ctdbd command-line options have been removed and not replaced with counterparts in the new configuration scheme:
   CTDB_PIDFILE                      --pidfile
   CTDB_SOCKET			     --socket
   CTDB_NODES			     --nlist
   CTDB_PUBLIC_ADDRESSES	     --public-addresses
   CTDB_EVENT_SCRIPT_DIR	     --event-script-dir
   CTDB_NOTIFY_SCRIPT		     --notification-script
   CTDB_PUBLIC_INTERFACE	     --public-interface
   CTDB_MAX_PERSISTENT_CHECK_ERRORS  --max-persistent-check-errors
  • ify.d/ subdirectory of the configuration directory are now run by unconditionally.
  • Interfaces for public IP addresses must always be specified in the
public_addresses file using the currently supported format.
Some related items that have been removed are:
  • The ctdb command's --socket command-line option
  • The ctdb command's CTDB_NODES environment variable
When writing tests there are still mechanisms available to change the locations of certain directories and files.
  • The following ctdbd.conf and ctdbd options have been replaced by new ctdb.conf options:
   CTDB_LOGGING/--logging                     logging  -> location
   CTDB_DEBUGLEVEL/-d                         logging  -> log level
   CTDB_TRANSPORT/--transport                 cluster  -> transport
   CTDB_NODE_ADDRESS/--listen                 cluster  -> node address
   CTDB_RECOVERY_LOCK/--reclock               cluster  -> recovery lock
   CTDB_DBDIR/--dbdir                         database -> volatile database directory
   CTDB_DBDIR_PERSISTENT/--dbdir-persistent   database -> peristent database directory
   CTDB_DBDIR_STATE/--dbdir-state             database -> state database directory
   CTDB_DEBUG_LOCKS                           database -> lock debug script
   CTDB_DEBUG_HUNG_SCRIPT                     event    -> debug script
   CTDB_NOSETSCHED/--nosetsched               legacy   -> realtime scheduling
   CTDB_CAPABILITY_RECMASTER/--no-recmaster   legacy   -> recmaster capability
   CTDB_CAPABILITY_LMASTER/--no-lmaster       legacy   -> lmaster capability
   CTDB_START_AS_STOPPED/--start-as-stopped   legacy   -> start as stopped
   CTDB_START_AS_DISABLED/--start-as-disabled legacy   -> start as disabled
   CTDB_SCRIPT_LOG_LEVEL/--script-log-level   legacy   -> script log level
  • Event scripts have moved to the scripts/legacy subdirectory of the configuration directory
Event scripts must now end with a ".script" suffix.
  • The "ctdb event" command has changed in 2 ways:
  • A component is now required for all commands
In this release the only valid component is "legacy".
  • There is no longer a default event when running "ctdb event status"
Listing the status of the "monitor" event is now done via:
ctdb event status legacy monitor
See ctdb(1) for details.
  • The following service-related event script options have been removed:
   CTDB_MANAGES_SAMBA
   CTDB_MANAGES_WINBIND
   CTDB_MANAGES_CLAMD
   CTDB_MANAGES_HTTPD
   CTDB_MANAGES_ISCSI
   CTDB_MANAGES_NFS
   CTDB_MANAGES_VSFTPD
   CTDB_MANAGED_SERVICES
Event scripts for services are now disabled by default. To enable an event script and, therefore, manage a service use a command like the following:
   ctdb event script enable legacy 50.samba
  • Notification scripts have moved to the scripts/notification subdirectory of the configuration directory
Notification scripts must now end with a ".script" suffix.
  • Support for setting CTDB_DBDIR=tmpfs has been removed
This feature has not been implemented in the new configuration system. If this is desired then a tmpfs filesystem should be manually mounted on the directory pointed to by the "volatile database directory" option. See ctdb.conf(5) for more details.
  • The following tunable options are now ctdb.conf options:
   DisabledIPFailover    failover -> disabled
   TDBMutexEnabled       database -> tdb mutexes
  • Support for the NoIPHostOnAllDisabled tunable has been removed
If all nodes are unhealthy or disabled then CTDB will not host public IP addresses. That is, CTDB now behaves as if NoIPHostOnAllDisabled were set to 1.
  • The onnode command's CTDB_NODES_FILE environment variable has been removed
The -f option can still be used to specify an alternate node file.
  • The 10.external event script has been removed
  • The CTDB_SHUTDOWN_TIMEOUT configuration variable has been removed
As with other daemons, if ctdbd does not shut down when requested then manual intervention is required. There is no safe way of automatically killing ctdbd after a failed shutdown.
  • CTDB_SUPPRESS_COREFILE and CTDB_MAX_OPEN_FILES configuration variable have been removed
These should be setup in the systemd unit/system file or, for SYSV init, in the distribution-specific configuration file for the ctdb service.
  • CTDB_PARTIALLY_ONLINE_INTERFACES incompatibility no longer enforced
11.natgw and 91.lvs will no longer fail if CTDB_PARTIALLY_ONLINE_INTERFACES=yes. The incompatibility is, however, well documented. This option will be removed in future and replaced by sensible behaviour where public IP addresses simply switch interfaces or become unavailable when interfaces are down.
  • Configuration file /etc/ctdb/sysconfig/ctdb is no longer supported

GPO Improvements

The 'samba_gpoupdate' command (used in applying Group Policies to the samba machine itself) has been renamed to 'samba_gpupdate' and had the syntax changed to better match the same tool on Windows.

REMOVED FEATURES

smb.conf changes

As the most popular Samba install platforms (Linux and FreeBSD) both support extended attributes by default, the parameters "map readonly", "store dos attributes" and "ea support" have had their defaults changed to allow better Windows fileserver compatibility in a default install.

 Parameter Name                     Description             Default
 --------------                     -----------             -------
 map readonly                       Default changed              no
 store dos attributes               Default changed             yes
 ea support                         Default changed             yes
 full_audit:success                 Default changed            none
 full_audit:failure                 Default changed            none

VFS interface changes

The VFS ABI interface version has changed to 39. Function changes are:

SMB_VFS_FSYNC: Removed: Only async versions are used.
SMB_VFS_READ: Removed: Only PREAD or async versions are used.
SMB_VFS_WRITE: Removed: Only PWRITE or async versions are used.
SMB_VFS_CHMOD_ACL: Removed: Only CHMOD is used.
SMB_VFS_FCHMOD_ACL: Removed: Only FCHMOD is used.

Any external VFS modules will need to be updated to match these changes in order to work with 4.9.x.

CHANGES SINCE 4.9.0rc5

  • Björn Baumbach <bb at sernet.de>
  • BUG #13605: samba_dnsupdate: Honor 'dns zone scavenging' option, only update if needed.
  • Andreas Schneider <asn at samba.org>

CHANGES SINCE 4.9.0rc4

  • Jeremy Allison <jra@samba.org>
  • BUG #13565: s3: VFS: vfs_full_audit: Ensure smb_fname_str_do_log() only returns absolute pathnames.
  • Paulo Alcantara <paulo@paulo.ac>
  • BUG #13578: s3: util: Do not take over stderr when there is no log file.
  • Ralph Boehme <slow@samba.org>
  • BUG #13549: Durable Reconnect fails because cookie.allow_reconnect is not set.
  • Alexander Bokovoy <ab@samba.org>
  • BUG #13539: krb5-samba: Interdomain trust uses different salt principal.
  • Volker Lendecke <vl@samba.org>
  • BUG #13441: vfs_fruit: Don't unlink the main file.
  • BUG #13602: smbd: Fix a memleak in async search ask sharemode.
  • Stefan Metzmacher <metze@samba.org>
  • BUG #11517: Fix Samba GPO issue when Trust is enabled.
  • BUG #13539: samba-tool: Add "virtualKerberosSalt" attribute to 'user getpassword/syncpasswords'.
  • Martin Schwenke <martin@meltin.net>
  • BUG #13589: Fix CTDB configuration issues.
  • BUG #13592: ctdbd logs an error until it can successfully connect to eventd.

CHANGES SINCE 4.9.0rc3

  • Jeremy Allison <jra@samba.org>
  • BUG #13585: s3: smbd: Ensure get_real_filename() copes with empty pathnames.
  • Tim Beale <timbeale@catalyst.net.nz>
  • BUG #13566: samba domain backup online/rename commands force user to specify password on CLI.
  • Alexander Bokovoy <ab@samba.org>
  • BUG #13579: wafsamba/samba_abi: Always hide ABI symbols which must be local.
  • Volker Lendecke <vl@samba.org>
  • BUG #13584: Fix a panic if fruit_access_check detects a locking conflict.
  • Andreas Schneider <asn@samba.org>
  • Martin Schwenke <martin@meltin.net>
  • BUG #13588: Aliasing issue causes incorrect IPv6 checksum.
  • BUG #13589: Fix CTDB configuration issues.
  • Ralph Wuerthner <ralph.wuerthner@de.ibm.com>
  • BUG #13568: s3: vfs: time_audit: fix handling of token_blob in smb_time_audit_offload_read_recv().

CHANGES SINCE 4.9.0rc2

  • Jeremy Allison <jra@samba.org>
  • Andrew Bartlett <abartlet@samba.org>
  • BUG #13374: CVE-2018-1140: ldbsearch '(distinguishedName=abc)' and DNS query with escapes crashes, ldb: Release LDB 1.3.5 for CVE-2018-1140
  • BUG #13552: CVE-2018-10918: cracknames: Fix DoS (NULL pointer de-ref) when not servicePrincipalName is set on a user.
  • Tim Beale <timbeale@catalyst.net.nz>
  • Samuel Cabrero <scabrero@suse.de>
  • BUG #13540: ctdb_mutex_ceph_rados_helper: Set SIGINT signal handler.
  • Günther Deschner <gd@samba.org>
  • David Disseldorp <ddiss@samba.org>
  • BUG #13540: ctdb_mutex_ceph_rados_helper: Fix deadlock via lock renewals.
  • Andrej Gessel <Andrej.Gessel@janztec.com>
  • Amitay Isaacs <amitay@gmail.com>
  • Volker Lendecke <vl@samba.org>
  • BUG #13553: Fix CIDs 1438243, (Unchecked return value) 1438244 (Unsigned compared against 0), 1438245 (Dereference before null check) and 1438246 (Unchecked return value).
  • BUG #13554: ctdb: Fix a cut&paste error.
  • Oleksandr Natalenko <oleksandr@redhat.com>
  • BUG #13559: systemd: Only start smb when network interfaces are up.
  • Noel Power <noel.power@suse.com>
  • BUG #13553: Fix quotas don't work with SMB2.
  • BUG #13563: s3/smbd: Ensure quota code is only called when quota support detected.
  • Anoop C S <anoopcs@redhat.com>
  • BUG #13204: s3/libsmb: Explicitly set delete_on_close token for rmdir.
  • Andreas Schneider <asn@samba.org>
  • BUG #13561: s3:waf: Install eventlogadm to /usr/sbin.
  • Justin Stephenson <jstephen@redhat.com>
  • BUG #13562: Shorten description in vfs_linux_xfs_sgid manual.


CHANGES SINCE 4.9.0rc1

  • Jeremy Allison <jra@samba.org>
  • BUG #13537: s3: smbd: Using "sendfile = yes" with SMB2 can cause CPU spin.
  • Ralph Boehme <slow@samba.org>
  • BUG #13535: s3: smbd: Fix path check in smbd_smb2_create_durable_lease_check().
  • Alexander Bokovoy <ab@samba.org>
  • BUG #13538: samba-tool trust: Support discovery via netr_GetDcName.
  • BUG #13542: s4-dsdb: Only build dsdb Python modules for AD DC.
  • Amitay Isaacs <amitay@gmail.com>
  • Gary Lockyer <gary@catalyst.net.nz>
  • BUG #13536: DNS wildcard search does not handle multiple labels correctly.
  • Stefan Metzmacher <metze@samba.org>
  • BUG #13308: samba-tool domain trust: Fix trust compatibility to Windows Server 1709 and FreeIPA.
  • Martin Schwenke <martin@meltin.net>
  • BUG #13520: Fix portability issues on freebsd.
  • BUG #13545: ctdb-protocol: Fix CTDB compilation issues.
  • BUG #13546: ctdb-docs: Replace obsolete reference to CTDB_DEBUG_HUNG_SCRIPT option.
  • BUG #13550: ctdb-doc: Provide an example script for migrating old configuration.
  • BUG #13551: ctdb-event: Implement event tool "script list" command.

KNOWN ISSUES

Release_Planning_for_Samba_4.9#Release_blocking_bugs

 https://www.samba.org/samba/history/samba-4.9.0.html