- ================================
- Release Notes for Samba 3.6.0rc3
- July , 2011
- ================================
+ =============================
+ Release Notes for Samba 3.6.6
+ May 24, 2012
+ =============================
-This is the third release candidate of Samba 3.6.0. This is *not*
-intended for production environments and is designed for testing
-purposes only. Please report any defects via the Samba bug reporting
-system at https://bugzilla.samba.org/.
+This is is the latest stable release of Samba 3.6.
+Major enhancements in Samba 3.6.6 include:
+
+o
+
+Changes since 3.6.5:
+--------------------
+
+o Michael Adam <obnox@samba.org>
+ * BUG 8738: SMB2 server will not release unused shares.
+ * BUG 8749: Sign non guest sessions in SessionSetup.
+ * BUG 8921: Fix race writing registry values.
+
+
+o Jeremy Allison <jra@samba.org>
+ * BUG 8723: Add pthread-based aio VFS module.
+ * BUG 8784: When calculating the share security mask, take priviliges into
+ account for the connecting user.
+ * BUG 8837: Fix crash in smbd when deleting directory and veto files are
+ enabled.
+ * BUG 8857: Setting traverse rights fails to enable directory traversal when
+ acl_xattr in use.
+ * BUG 8897: Make winbind_krb5_locator not only returning one IP address.
+
+
+o Christian Ambach <ambi@samba.org>
+ * BUG 8406: Fix a return code check in Winbind.
+ * BUG 8807: Fix crash in dcerpc_lsa_lookup_sids_noalloc() crashes when
+ groups has more than 1000 groups.
+
+
+o Andrew Bartlett <abartlet@samba.org>
+ * BUG 8599: Only use SamLogonEx when we can get unencrypted session keys.
+ * BUG 8727: Fix smbclients with posix large reads.
+
+
+o Björn Baumbach <bb@sernet.de>
+ * BUG 7564: Fix default name resolve order in the manpage.
+ * BUG 8554, 8612, 8748: Add new printers to registry.
+ * BUG 8789: Remove whitespace in example samba.ldif.
+
+
+o Alejandro Escanero Blanco <aescanero@gmail.com>
+ * BUG 8798: The primary rid should be in the groups rid array.
+
+
+o Ira Cooper <samba@ira.wakeful.net>
+ * BUG 8729: Fix getpass regressions on Solaris/Illumos.
+ * BUG 8743: Fix configure.developer builds on Solaris.
+
+
+o David Disseldorp <ddiss@samba.org>
+ * BUG 8762: Fix crash in printer_list_set_printer().
+
+
+o Olaf Flebbe <o.flebbe@science-computing.de>
+ * BUG 8859: Fix assertion in reg_parse.
+
+
+o Björn Jacke <bj@sernet.de>
+ * BUG 8869: Remove outdated netscape ds 5 schema file.
+
+
+o Steve Langasek <steve.langasek@ubuntu.com>
+ * BUG 8920: Fix null dereference in pdb_interface.
+
+
+o Volker Lendecke <vl@samba.org>
+ * BUG 8567: Fix segfault in dom_sid_compare.
+ * BUG 8733: Delete streams on directories (streams_depot).
+ * BUG 8760: Add SERVERID_UNIQUE_ID_NOT_TO_VERIFY.
+ * BUG 8836: Fix segfaults on "smbcontrol close-share" in aio_fork.
+ * BUG 8861: Fix a segfault with debug level 3 on Solaris.
+ * BUG 8904: Fix Winbind crash triggered by 'wbinfo --lookup-sids ""'.
+
+
+o Stefan Metzmacher <metze@samba.org>
+ * BUG 8139: Ignore SMBecho errors (the server may not support it).
+ * BUG 8527: db_ctdb_traverse fails to traverse records created within the
+ current transaction.
+ * BUG 8739: Fill the sids array of the info in
+ wbcAuthUserInfo_to_netr_SamInfo3().
+ * BUG 8749: Sign non guest sessions in SessionSetup.
+
+
+o Matthieu Patou <mat@matws.net>
+ * BUG 8599: Set the can_do_validation6 also for trusted domain.
+ * BUG 8734: Don't try to do clever thing if the username is not found while
+ authenticating through Winbind.
+ * BUG 8771: Winbind takes up to 20 minutes to change from DC 1 to DC 2.
+
+
+o SATOH Fumiyasu <fumiyas@osstech.co.jp>
+ * BUG 8826: Prepend '/' to filename argument (docs).
+
+
+o Richard Sharpe <realrichardsharpe@gmail.com>
+ * BUG 8768: Honor SeTakeOwnershipPrivilege when file opened with SEC_STD_WRITE_OWNER.
+ * BUG 8797: Correctly handle DENY ACEs when privileges apply.
+ * BUG 8822: Fix building out-of-tree modules.
+
+
+o Simo Sorce <idra@samba.org>
+ * BUG 8915: Fix pam_winbind build against newer iniparser library.
+
+
+o Joseph Tam <jtam.home@gmail.com>
+ * BUG 8877: Syslog broken owing to mistyping of debug_settings.syslog.
+
+
+o Ralph Wuerthner <ralph.wuerthner@de.ibm.com>
+ * BUG 8845: Move print_backend_init() behind init_system_info().
+
+
+######################################################################
+Reporting bugs & Development Discussion
+#######################################
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical IRC channel on irc.freenode.net.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored. All bug reports should
+be filed under the Samba 3.6 product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+======================================================================
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+======================================================================
+
+Release notes for older releases follow:
+----------------------------------------
+
+ =============================
+ Release Notes for Samba 3.6.5
+ April 30, 2012
+ =============================
+
+
+This is a security release in order to address
+CVE-2012-2111 (Incorrect permission checks when granting/removing
+privileges can compromise file server security).
+
+o CVE-2012-2111:
+ Samba 3.4.x to 3.6.4 are affected by a
+ vulnerability that allows arbitrary users
+ to modify privileges on a file server.
+
+
+Changes since 3.6.4:
+--------------------
+
+
+o Jeremy Allison <jra@samba.org>
+ * Fix incorrect permission checks when granting/removing
+ privileges (CVE-2012-2111).
+
+
+######################################################################
+Reporting bugs & Development Discussion
+#######################################
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical IRC channel on irc.freenode.net.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored. All bug reports should
+be filed under the Samba 3.6 product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+======================================================================
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+======================================================================
+
+
+----------------------------------------------------------------------
+
+
+ =============================
+ Release Notes for Samba 3.6.4
+ April 10, 2012
+ =============================
+
+
+This is a security release in order to address
+CVE-2012-1182 ("root" credential remote code execution).
+
+o CVE-2012-1182:
+ Samba 3.0.x to 3.6.3 are affected by a
+ vulnerability that allows remote code
+ execution as the "root" user.
+
+
+Changes since 3.6.3:
+--------------------
+
+
+o Stefan Metzmacher <metze@samba.org>
+ *BUG 8815: PIDL based autogenerated code allows overwriting beyond of
+ allocated array (CVE-2012-1182).
+
+
+######################################################################
+Reporting bugs & Development Discussion
+#######################################
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical IRC channel on irc.freenode.net.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored. All bug reports should
+be filed under the Samba 3.6 product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+======================================================================
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+======================================================================
+
+
+----------------------------------------------------------------------
+
+
+ =============================
+ Release Notes for Samba 3.6.3
+ January 29, 2012
+ =============================
+
+
+This is a security release in order to address
+CVE-2012-0817 (Memory leak/Denial of service).
+
+o CVE-2012-0817:
+ The Samba File Serving daemon (smbd) in Samba versions
+ 3.6.0 to 3.6.2 is affected by a memory leak that can
+ cause a server denial of service.
+
+
+Changes since 3.6.2:
+--------------------
+
+
+o Jeremy Allison <jra@samba.org>
+ * BUG 8724: Fix memory leak in parent smbd on connection.
+
+
+o Ira Cooper <samba@ira.wakeful.net>
+ * BUG 8724: Fix memory leak in parent smbd on connection.
+
+
+######################################################################
+Reporting bugs & Development Discussion
+#######################################
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical IRC channel on irc.freenode.net.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored. All bug reports should
+be filed under the Samba 3.6 product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+======================================================================
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+======================================================================
+
+
+----------------------------------------------------------------------
+
+
+ =============================
+ Release Notes for Samba 3.6.2
+ January 25, 2012
+ =============================
+
+
+This is the latest stable release of Samba 3.6.
+
+Major enhancements in Samba 3.6.2 include:
+
+o Make Winbind receive user/group information (bug #8371).
+o Several SMB2 fixes.
+
+
+Changes since 3.6.1:
+--------------------
+
+
+o Michael Adam <obnox@samba.org>
+ * BUG 8528: Fix SEGFAULT from net registry export on not zero terminated
+ REG_SZ values.
+
+
+o Jeremy Allison <jra@samba.org>
+ * BUG 8541: readlink() on Linux clients fails if the symlink target is
+ outside of the share.
+ * BUG 8542: smbclient posix_open command fails to return correct info on
+ open file.
+ * BUG 8548: winbind_samlogon_retry_loop ignores logon_parameters flags.
+ * BUG 8561: Password change settings not fully observed.
+ * BUG 8562: Fix double free error in talloc.
+ * BUG 8614: Ensure we correctly calculate reply credits over all returned
+ SMB2 replies.
+ * BUG 8631: POSIX ACE x permission becomes rx following mapping to and from
+ a DACL.
+ * BUG 8636: When returning an ACL without SECINFO_DACL requested, we still
+ set SEC_DESC_DACL_PRESENT in the type field.
+ * BUG 8644: vfs_acl_xattr and vfs_acl_tdb modules can fail to add
+ inheritable entries on a directory with no stored ACL.
+ * BUG 8663: Fix deleting a symlink if the symlink target is outside of
+ * the share.
+ * BUG 8664: Fix renaming a symlink if the symlink target is outside of
+ the share.
+ * BUG 8673: Fix NT ACL issue.
+ * BUG 8674: Fix buffer overflow issue with AES encryption in samba traffic
+ analyzer.
+ * BUG 8679: recvfile code path using splice() on Linux leaves data in the
+ pipe on short write.
+ * BUG 8687: Fix typo in 'net memberships' usage.
+ * BUG 8710: Fix major leak with SMB2 in connections.tdb.
+ * Fix a crash bug in the spoolss code.
+ * Add new contributing FAQ announcing acceptance of corporate (C).
+
+
+o Christian Ambach <ambi@samba.org>
+ * BUG 8444: Add an allocation pool to idmap_autorid.
+ * BUG 8585: Increase a debug level.
+
+
+o Andrew Bartlett <abartlet@samba.org>
+ * BUG 8623: Fix crash bug when trying to browse Samba printers.
+
+
+o Björn Baumbach <bb@sernet.de>
+ * BUG 8580: Enable inotify if sys or kernel inotify is available.
+ * BUG 8618: Fix migrate printer code.
+
+
+o Gregor Beck <gbeck@sernet.de>
+ * BUG 8528: Fix SEGFAULT from net registry export on not zero terminated
+ REG_SZ values.
+
+
+o Günther Deschner <gd@samba.org>
+ * BUG 7465: Remove pointless use_memory_krb5_ccache.
+ * BUG 8176: Fix perl path.
+ * BUG 8591: Fix marshalling of samr_ChangePasswordUser3.
+ * BUG 8692: libads: Fix malloc/talloc mismatch in
+ ads_keytab_verify_ticket().
+
+
+o David Disseldorp <ddiss@suse.de>
+ * BUG 4942: DeletePrinterDriverEx deletes files in use.
+ * BUG 8575: Add systemd service files.
+ * BUG 8606: Fix intermittent print job failures caused by character
+ conversion errors.
+ * BUG 8697: Make DeletePrinterDriverEx remove printer driver files.
+
+
+o Björn Jacke <bj@sernet.de>
+ * BUG 8531: Make DSO_EXPORTS_CMD more portable.
+ * BUG 8616: Allow to set TCP_NODELAYACK socket option on AIX.
+ * BUG 8652: Document the "ignore system acls" option of vfs_acl_xattr and
+ vfs_acl_tdb vfs modules.
+
+
+o Frank Lahm <franklahm@googlemail.com>
+ * BUG 8419: Make VFS op "streaminfo" stackable.
+
+
+o Volker Lendecke <vl@samba.org>
+ * BUG 8371: Make Winbind receive user/group information.
+ * BUG 8639: Fix the vfs_commit module.
+ * BUG 8686: Packet validation checks can be done before length validation
+ causing uninitialized memory read.
+
+
+o Stefan Metzmacher <metze@samba.org>
+ * BUG 5326: Fix cli_write_and_x() against OS/2 print shares.
+ * BUG 8357: Grant credits in async interim responses (SMB2).
+ * BUG 8560: Make SMB2 handle compound request headers in the same way
+ as Windows.
+ * BUG 8573: Fix alignment in the non-extended-security negprot.
+ * BUG 8586: libsmb: Only align unicode pipe_name.
+ * BUG 8579: smb2_flush: Don't send uninitialized memory.
+ * BUG 8592: Don't limit the number of open dptrs for SMB2.
+ * BUG 8593: Fix a crash bug in cldap_socket_recv_dgram().
+ * BUG 8684: Try ctdbd_init_connection() as root.
+
+
+o Masafumi Nakayama <MASA23@jp.ibm.com>
+ * BUG 563: Fix 'smbclient tar' for files greater than 8GB on BE machines.
+
+
+o Matthieu Patou <mat@matws.net>
+ * BUG 8600: Make cldap work over IPv6.
+ * BUG 8674: Fix buffer overflow issue with AES encryption in samba traffic
+ analyzer.
+
+
+o Andreas Schneider <asn@samba.org>
+ * BUG 8550: Fix setting the machine account password.
+ * BUG 8575: Add systemd service files.
+ * BUG 8608: Winbind: Don't fail on users without a uid.
+ * BUG 8628: libsmb: Don't duplicate Kerberos service tickets.
+ * BUG 8643: Add an update function for Winbind cache.
+ * BUG 8678: Fix Winbind segfault if we can't map the last user.
+
+
+o Karolin Seeger <kseeger@samba.org>
+ * BUG 7705: Fix some RHEL packaging issues.
+
+
+o Richard Sharpe <realrichardsharpe@gmail.com>
+ * BUG 8607: Improve configure.in so it can be used outside the Samba source
+ tree.
+
+
+o Brad Smith <brad@comstyle.com>
+ * BUG 8525: Fix bug with sys_fseek() wrapper on *BSD / OS X).
+
+
+o Henry Wong <henry@stuffedcow.net>
+ * BUG 8384: Fix Windows XP clients crashing smbd process every once in a
+ while.
+
+
+######################################################################
+Reporting bugs & Development Discussion
+#######################################
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical IRC channel on irc.freenode.net.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored. All bug reports should
+be filed under the Samba 3.6 product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+======================================================================
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+======================================================================
+
+
+----------------------------------------------------------------------
+
+
+ =============================
+ Release Notes for Samba 3.6.1
+ October 20, 2011
+ =============================
+
+
+This is the latest stable release of Samba 3.6.
+
+Major enhancements in Samba 3.6.1 include:
+
+o Fix smbd crashes triggered by Windows XP clients (bug #8384).
+o Fix a Winbind race leading to 100% CPU load (bug #8409).
+o Several SMB2 fixes.
+o The VFS ACL modules are no longer experimental but production-ready.
+
+
+Changes since 3.6.0:
+--------------------
+
+
+o Michael Adam <obnox@samba.org>
+ * BUG 8368: Fix the fallback to the deprecated spelling idmap:script.
+
+
+o Jeremy Allison <jra@samba.org>
+ * BUG 7509: smb_acl_to_posix: ACL is invalid for set (Invalid argument).
+ * BUG 8229: Fix 'widelinks' regression.
+ * BUG 8370: Fix vfs_chown_fsp.
+ * BUG 8412: Fix "saving as" of MS Office 2007 (Word) documents on Samba
+ shares with SMB2.
+ * BUG 8422: Fix infinite loop in ACL module code.
+ * BUG 8429: Compound SMB2 requests on an IPC connection can corrupt the
+ reply stream.
+ * BUG 8443: Be smarter about setting default permissions when a ACL_USER_OBJ
+ isn't given.
+ * BUG 8453: Fix smbclient segfaults when dialect option -m is used for
+ legacy dialects.
+ * BUG 8458: IE9 on Windows 7 cannot download files to samba 3.5.11 share.
+ * BUG 8473: smb2_find uses a hard coded max reply size of 0x10000 instead of
+ smb2_max_trans.
+ * BUG 8474: SMB2 create doesn't cope with an Apple client using NULL blob in
+ create.
+ * BUG 8476: Samba asserts when SMB2 client breaks the crediting rules.
+ * BUG 8477: Map to guest can return uninitialized blob of data.
+ * BUG 8493: DFS breaks zip file extracting unless "follow symlinks = no"
+ set.
+ * BUG 8494: Remove "experimental" label on VFS ACL modules.
+ * BUG 8507: smbd doesn't correctly honor the "force create mode" bits from a
+ cifsfs create.
+ * BUG 8509: Read-only handles on SAMR allow SAMR_DOMAIN_ACCESS_CREATE_USER.
+ * BUG 8521: Winbind cache timeout expiry test was reversed.
+
+
+o Christian Ambach <ambi@samba.org>
+ * BUG 8428: Fix wrong reply to DHnC (durable handle reconnect).
+ * BUG 8518: SMB2 create call returns incorrect file allocation size.
+
+
+o Björn Baumbach <bb@sernet.de>
+ * BUG 8364: Fix the build of gpfs.c on RHEL 6.0 with gpfs 3.4.0-4.
+
+
+o Bram <fnzon@lists.wizbit.be>
+ * BUG 7551: Return error of cli_push when 'put - /some/file' is used.
+
+
+o Ira Cooper <ira@wakeful.net>
+ * BUG 8395: Optimize serverid_exists() for Solaris.
+ * BUG 8442: NFSv4 DENY ACLs always include SYNCHRONIZE flag - blocking
+ renames.
+
+
+o Günther Deschner <gd@samba.org>
+ * BUG 8401: registry/reg_format.c must include includes.h.
+ * BUG 7465: Fix 'net ads join -k' when KRB5CCNAME is not set.
+
+
+o David Disseldorp <ddiss@suse.de>
+ * BUG 8480: acl_xattr can free an invalid pointer if no blob is loaded.
+ * BUG 8520: Fix SMB2 SMB2_OP_GETINFO and SMB2_OP_IOCTL parsing requirements.
+
+
+o Wilco Baan Hofman <wilco@baanhofman.nl>
+ * BUG 8455: Fix uninitialized memory problem in group_sids_to_info3.
+
+
+o Björn Jacke <bj@sernet.de>
+ * BUG 8256: Add man vfs_aio_fork.
+ * BUG 8363: Fix build of vfs_prealloc on SLES8.
+
+
+o Volodymyr Khomenko <Volodymyr_Khomenko@dell.com>
+ * BUG 8515: Disallow "." in can_set_delete_on_close().
+
+
+o Volker Lendecke <vl@samba.org>
+ * BUG 7864: Fix usage of cli_errstr().
+ * BUG 8334: smb2: smbd logs "Invalid SMB packet: first request: 0x0008" and crashes.
+ * BUG 8338: Add a fallback for missing open&x support in MAC OS/X Lion.
+ * BUG 8360: OS/2 sends an unexpected write&x/read&x chain.
+ * BUG 8385: Fix smbclient access to NT4 shares.
+ * BUG 8409: Fix a Winbind race leading to 100% CPU load.
+ * BUG 8420: Fix 'getent group' if trusted domains are not reachable.
+ * BUG 8433: Fix segfault in iconv.c.
+ * BUG 8455: Samba PDC is looking up only primary user group.
+
+
+o Herb Lewis <hlewis@panasas.com>
+ * BUG 8365: Fix warning messages on Freebsd 4.6.2.
+
+
+o Stefan Metzmacher <metze@samba.org>
+ * BUG 8407: SMB2 server can return requests out-of-order when processing
+ a compound request.
+ * BUG 8452: Check the wct of the incoming SMBnegprot responses.
+ * BUG 8473: smb2_find uses a hard coded max reply size of 0x10000 instead of
+ smb2_max_trans.
+ * BUG 8476: Don't call smbd_terminate_connection in
+ smb2_validate_message_id().
+ * BUG 8503: SMB2_OP_CANCEL requests don't have to be signed.
+ * BUG 8520: Fix SMB2 SMB2_OP_GETINFO and SMB2_OP_IOCTL parsing requirements.
+
+
+o SATOH Fumiyasu <fumiyas@osstech.co.jp>
+ * BUG 8390: Fix the build of vfs_aixacl2.c.
+
+
+o Andreas Schneider <asn@samba.org>
+ * BUG 8236: Empty notify servername.
+ * BUG 8351: While migrating forms, don't fail if the form already exists.
+
+
+o Andrew Tridgell <tridge@samba.org>
+ * BUG 8384: Fix smbd crashes triggered by Windows XP clients.
+
+
+######################################################################
+Reporting bugs & Development Discussion
+#######################################
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical IRC channel on irc.freenode.net.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored. All bug reports should
+be filed under the Samba 3.6 product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+======================================================================
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+======================================================================
+
+
+----------------------------------------------------------------------
+
+
+ =============================
+ Release Notes for Samba 3.6.0
+ August 9, 2011
+ =============================
+
+
+This is the first release of Samba 3.6.0.
Major enhancements in Samba 3.6.0 include:
multicast dns register New Yes
ncalrpc dir New
send spnego principal New No
- smb2 max credits New 128
+ smb2 max credits New 8192
smb2 max read New 1048576
smb2 max trans New 1048576
smb2 max write New 1048576
* Add an Endpoint Mapper daemon.
+Changes since 3.6.0rc3
+----------------------
+
+o Michael Adam <obnox@samba.org>
+ * BUG 8327: Fix the reload of the configuration, also reload activated
+ registry shares.
+ * BUG 8328: Cleanup of idmap_tdb2 code.
+
+
+o Jeremy Allison <jra@samba.org>
+ * BUG 7462: Make SA_RESETHAND conditional on its existance.
+ * BUG 8324: smbclient cannot list directories from a big-endian machine.
+ * BUG 8335: File copy aborts with smb2_validate_message_id: bad message_id.
+
+
+o Christian Ambach <ambi@samba.org>
+ * BUG 8330: Fix NFSv4 ACL merging logic.
+
+
+o Andrew Bartlett <abartlet@samba.org>
+ * BUG 8326: WinXP cannot join a Samba3 domain with a 'even' hostname.
+
+
+o Björn Baumbach <bb@sernet.de>
+ * BUG 8303: db_ctdb_send_schedule_for_deletion() is not defined.
+
+
+o Alban Browaeys <prahal@yahoo.com>
+ * BUG 8341: Fix segfault in libsmbclient.
+
+
+o Björn Jacke <bj@sernet.de>
+ * BUG 8362: Fix build issue on old glibc systems.
+
+
+o Volker Lendecke <vlendec@samba.org>
+ * BUG 8343: Fix SMB2 crash reading with aio_fork beyond the end of file.
+
+
+o Stefan Metzmacher <metze@samba.org>
+ * BUG 8347: Fix regression for HP-UX, AIX and OSF.
+ * BUG 8357: Make sure we grant credits on async read/write operations.
+ * BUG 8358: Fix a bug in run_poll_events().
+
+
Changes since 3.6.0rc2
----------------------
* BUG 8254: Fix "acl check permissions = no".
* BUG 8293: Fix log file rotating in SMB2.
* BUG 8304: Fix uninitialized variable in error path.
+ * BUG 8307: brl_close_fnum does not call SMB_VFS_BRL_UNLOCK_WINDOWS on all
+ locks.
+ * BUG 8310: toupper_ascii() is broken on big-endian systems.
+ * BUG 8314: Fix smbd crash with unknown user.
o Christian Ambach <ambi@samba.org>
* BUG 8231: Fix crash bug in 'net cache get'.
* BUG 8244: Fix copying files larger than 2 GB to a Samba share.
+ * BUG 8263: Fix build with --with-fake-kaserver or --with-vfs-afsacl.
* BUG 8278: Fix smbd panic when CTDB is unhealthy.
* BUG 8286: Fix smbd crash on premature end of smb2 conn.
* BUG 8253: Fix Winbind panic if verify_idpool() fails.
+o Kai Blin <kai@samba.org>
+ * BUG 8289: Fix possible XSS attack (CVE-2011-2694).
+ * BUG 8290: Fix Cross-Site Request Forgery in SWAT (CVE-2011-2522).
+
+
o Günther Deschner <gd@samba.org>
* BUG 7888: Deal with buggy 3.0 based PDCs.
* BUG 8214: Fix smbd crash on printer driver upgrade.
o Volker Lendecke <vl@samba.org>
* BUG 7841: Explicitly pass domain_sid to wbint_LookupRids().
+ * BUG 8102: Do not allow to change file ACLs from normal domusers.
* BUG 8247: Fix Coverity ID 2582: FORWARD_NULL.
o Stefan Metzmacher <metze@samba.org>
+ * BUG 8102: Do not allow to change file ACLs from normal domusers.
* BUG 8195: Make rpc client code working against NT4 servers.
* BUG 8224: Fix the build on FreeBSD.
* BUG 8226: Use c99 initializers which are supported by old gcc 2.95
* BUG 8260: Fix DCERPC responses with fragments larger than 1024 bytes.
* BUG 8264: Fix Valgrind bugs in svcctl.
* BUG 8276: Close all sockets attached to a subnet in close_subnet().
+ * BUG 8292: Fix a major architectural flaw in the SMB2 server code.
o Andreas Schneider <asn@samba.org>