Samba is an Open Source/Free Software suite that provides seamless file and print services to SMB/CIFS clients. Samba is freely available under the GNU General Public License.
Please read these instructions on how to verify the GPG signature for Samba releases.
Latest Samba 3.0 security release: Samba 3.0.5
gzipped
release notes
signature
Latest Samba 2.2 security release: Samba 2.2.10
gzipped
release notes
signature
The second release candidate of Samba 3.0.6 is now available for download. Previously released snapshots in this series were referred to as 3.0.5pre1 and 3.0.5rc1. These were later renamed as the 3.0.6 series due to the 3.0.5 security release. Samba 3.0.6rc2 can be downloaded in gzipped format. The GPG signature is for the uncompressed tarball. There have been several bug fixes since the 3.0.4/5 release that we feel are important to make available to the Samba community for wider testings. This release is not intended for production servers. Use at your own risk. All testing is very much appreciated. Please refer to the Release Notes for descriptions of the exact changes.
RPMS for RedHat 8/9 and Fedora Core 1/2 can also be downloaded.
Two potential buffer overruns have been discovered in Samba >= 3.0.2 CAN-2004-0600,CAN-2004-0686). One of these issues, CAN-2004-0686, also affects Samba 2.2.x. Samba administrators are encouraged to review the 3.0.5 and 2.2.10 release notes and upgrade any affected servers. Samba 3.0.5 and 2.2.10 are identical to the previous release in each respective series with the exception of fixing these issues. Samba 3.0.5rc1 has been removed from the download area on Samba.org and 3.0.6rc2 will be available later this week.
The 3.0.5 and 2.2.10 releases are available for download including the gpg signatures of the uncompressed tarballs. Binary packages for various platforms will be available following the initial release.
A security release page has been added to samba.org. The page lists all security releases since Samba 2.0.0. An overview is provided by date of release and features a quick-glance overview of the security concern, affected releases, and download links. A link is provided to full release notes for those requiring more in-depth information.
A link to the page has been added to the navigation menu at the top of each page. Or go directly to the new Samba security page here.
October 1, 2004 has been designated as the end-of-life (EOL) for the Samba 2.2 codebase. Samba 2.2 has been in maintenance mode since the release of v3.0.0 last September. With this announcement it is being officially announced that there will be no further 2.2 releases (including security fixes) following the October 1 deadline. All Samba administrators are encouraged to upgrade aging Samba 2.x servers to Samba v3.0.5.
Vance is joining the Samba Team as maintainer of the build farm. Vance has been around Samba for a while now. He has previous contributions to the build farm and has worked on Samba's documentation, and though he didn't consider himself a C programmer at the time, he did build the 'build options' support for smbd. We are glad to welcome Vance to the team!
The first preview release of Samba 3.0.5 is now available for download in gzipped format. The GPG signature is for the uncompressed tarball. There have been several bug fixes since the 3.0.4 release that we feel are important to make available to the Samba community for wider testings. This release is not intended for production servers. Use at your own risk. Please refer to the Release Notes for descriptions of the exact changes.
ATTENTION! NEW BEHAVIOR!
Beginning with Samba 3.0.5pre1, clients supporting the UNIX extensions to the CIFS protocol can create symlinks to absolute paths which will be followed by the server. This functionality has been requested in order to correctly support certain applications when the user's home directory is mounted using some type of CIFS client (e.g. the cifsvfs in the Linux 2.6 kernel).
If this behavior is not acceptable for your production environment, you can set wide links = no in the specific share declaration in the server's smb.conf. Be aware that disabling wide link support out of a share in Samba may impact the server's performance due to the fact that smbd will now have to check each path additional times before traversing it.
RPMS for RedHat 8/9 and Fedora Core 1 can also be downloaded.
Please use the closest mirror site for these web pages. The popularity of Samba puts a strain on our network. By using a mirror site you can do your bit to reduce the load.