team: Add employer for Christof

[samba-web.git] / history / samba-4.14.11.html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Samba 4.14.11 - Release Notes</title>
</head>
<body>
<H2>Samba 4.14.11 Available for Download</H2>
<p>
<a href="https://download.samba.org/pub/samba/stable/samba-4.14.11.tar.gz">Samba 4.14.11 (gzipped)</a><br>
<a href="https://download.samba.org/pub/samba/stable/samba-4.14.11.tar.asc">Signature</a>
</p>
<p>
<a href="https://download.samba.org/pub/samba/patches/samba-4.14.10-4.14.11.diffs.gz">Patch (gzipped) against Samba 4.14.10</a><br>
<a href="https://download.samba.org/pub/samba/patches/samba-4.14.10-4.14.11.diffs.asc">Signature</a>
</p>
<p>
<pre>
                   ===============================
                   Release Notes for Samba 4.14.11
                          December 15, 2021
                   ===============================


This is the latest stable release of the Samba 4.14 release series.

Important Notes
===============

There have been a few regressions in the security release 4.14.10:

o CVE-2020-25717: A user on the domain can become root on domain members.
                  https://www.samba.org/samba/security/CVE-2020-25717.html
                  PLEASE [RE-]READ!
                  The instructions have been updated and some workarounds
                  initially adviced for 4.14.10 are no longer required and
                  should be reverted in most cases.

o BUG-14902: User with multiple spaces (eg Fred&lt;space&gt;&lt;space&gt;Nurk) become
             un-deletable. While this release should fix this bug, it is
             adviced to have a look at the bug report for more detailed
             information, see https://bugzilla.samba.org/show_bug.cgi?id=14902.

Changes since 4.14.10
---------------------

o  Jeremy Allison &lt;jra@samba.org&gt;
   * BUG 14878: Recursive directory delete with veto files is broken.
   * BUG 14879: A directory containing dangling symlinks cannot be deleted by
     SMB2 alone when they are the only entry in the directory.

o  Andrew Bartlett &lt;abartlet@samba.org&gt;
   * BUG 14656: Spaces incorrectly collapsed in ldb attributes.
   * BUG 14694: Ensure that the LDB request has not timed out during filter
     processing as the LDAP server MaxQueryDuration is otherwise not honoured.
   * BUG 14901: The CVE-2020-25717 username map [script] advice has undesired
     side effects for the local nt token.
   * BUG 14902: User with multiple spaces (eg Fred&lt;space&gt;&lt;space&gt;Nurk) become un-
     deletable.

o  Ralph Boehme &lt;slow@samba.org&gt;
   * BUG 14127: Avoid storing NTTIME_THAW (-2) as value on disk
   * BUG 14922: Kerberos authentication on standalone server in MIT realm
     broken.
   * BUG 14923: Segmentation fault when joining the domain.

o  Alexander Bokovoy &lt;ab@samba.org&gt;
   * BUG 14903: Support for ROLE_IPA_DC is incomplete.

o  Stefan Metzmacher &lt;metze@samba.org&gt;
   * BUG 14788: Memory leak if ioctl(FSCTL_VALIDATE_NEGOTIATE_INFO) fails before
     smbd_smb2_ioctl_send.
   * BUG 14899: winbindd doesn&apos;t start when &quot;allow trusted domains&quot; is off.
   * BUG 14901: The CVE-2020-25717 username map [script] advice has undesired
     side effects for the local nt token.

o  Joseph Sutton &lt;josephsutton@catalyst.net.nz&gt;
   * BUG 14694: Ensure that the LDB request has not timed out during filter
     processing as the LDAP server MaxQueryDuration is otherwise not honoured.
   * BUG 14901: The CVE-2020-25717 username map [script] advice has undesired
     side effects for the local nt token.


</pre>
</p>
</body>
</html>