+ ==============================
+ Release Notes for Samba 4.1.22
+ December 16, 2015
+ ==============================
+
+
+This is a security release in order to address the following CVEs:
+
+o CVE-2015-7540 (Remote DoS in Samba (AD) LDAP server)
+o CVE-2015-3223 (Denial of service in Samba Active Directory
+ server)
+o CVE-2015-5252 (Insufficient symlink verification in smbd)
+o CVE-2015-5299 (Missing access control check in shadow copy
+ code)
+o CVE-2015-5296 (Samba client requesting encryption vulnerable
+ to downgrade attack)
+o CVE-2015-8467 (Denial of service attack against Windows
+ Active Directory server)
+o CVE-2015-5330 (Remote memory read in Samba LDAP server)
+
+Please note that if building against a system libldb, the required
+version has been bumped to ldb-1.1.24. This is needed to ensure
+we build against a system ldb library that contains the fixes
+for CVE-2015-5330 and CVE-2015-3223.
+
+=======
+Details
+=======
+
+o CVE-2015-7540:
+ All versions of Samba from 4.0.0 to 4.1.21 inclusive are vulnerable to
+ an anonymous memory exhaustion attack in the samba daemon LDAP server.
+
+ A malicious client can send packets that cause the LDAP server provided
+ by the AD DC in the samba daemon process to consume unlimited memory
+ and be terminated.
+
+o CVE-2015-3223:
+ All versions of Samba from 4.0.0 to 4.3.2 inclusive (resp. all
+ ldb versions up to 1.1.23 inclusive) are vulnerable to
+ a denial of service attack in the samba daemon LDAP server.
+
+ A malicious client can send packets that cause the LDAP server in the
+ samba daemon process to become unresponsive, preventing the server
+ from servicing any other requests.
+
+ This flaw is not exploitable beyond causing the code to loop expending
+ CPU resources.
+
+o CVE-2015-5252:
+ All versions of Samba from 3.0.0 to 4.3.2 inclusive are vulnerable to
+ a bug in symlink verification, which under certain circumstances could
+ allow client access to files outside the exported share path.
+
+ If a Samba share is configured with a path that shares a common path
+ prefix with another directory on the file system, the smbd daemon may
+ allow the client to follow a symlink pointing to a file or directory
+ in that other directory, even if the share parameter "wide links" is
+ set to "no" (the default).
+
+o CVE-2015-5299:
+ All versions of Samba from 3.2.0 to 4.3.2 inclusive are vulnerable to
+ a missing access control check in the vfs_shadow_copy2 module. When
+ looking for the shadow copy directory under the share path the current
+ accessing user should have DIRECTORY_LIST access rights in order to
+ view the current snapshots.
+
+ This was not being checked in the affected versions of Samba.
+
+o CVE-2015-5296:
+ Versions of Samba from 3.2.0 to 4.3.2 inclusive do not ensure that
+ signing is negotiated when creating an encrypted client connection to
+ a server.
+
+ Without this a man-in-the-middle attack could downgrade the connection
+ and connect using the supplied credentials as an unsigned, unencrypted
+ connection.
+
+o CVE-2015-8467:
+ Samba, operating as an AD DC, is sometimes operated in a domain with a
+ mix of Samba and Windows Active Directory Domain Controllers.
+
+ All versions of Samba from 4.0.0 to 4.3.2 inclusive, when deployed as
+ an AD DC in the same domain with Windows DCs, could be used to
+ override the protection against the MS15-096 / CVE-2015-2535 security
+ issue in Windows.
+
+ Prior to MS16-096 it was possible to bypass the quota of machine
+ accounts a non-administrative user could create. Pure Samba domains
+ are not impacted, as Samba does not implement the
+ SeMachineAccountPrivilege functionality to allow non-administrator
+ users to create new computer objects.
+
+o CVE-2015-5330:
+ All versions of Samba from 4.0.0 to 4.3.2 inclusive (resp. all
+ ldb versions up to 1.1.23 inclusive) are vulnerable to
+ a remote memory read attack in the samba daemon LDAP server.
+
+ A malicious client can send packets that cause the LDAP server in the
+ samba daemon process to return heap memory beyond the length of the
+ requested value.
+
+ This memory may contain data that the client should not be allowed to
+ see, allowing compromise of the server.
+
+ The memory may either be returned to the client in an error string, or
+ stored in the database by a suitabily privileged user. If untrusted
+ users can create objects in your database, please confirm that all DN
+ and name attributes are reasonable.
+
+
+Changes since 4.1.21:
+---------------------
+
+o Andrew Bartlett <abartlet@samba.org>
+ * BUG 11552: CVE-2015-8467: samdb: Match MS15-096 behaviour for
+ userAccountControl.
+
+o Jeremy Allison <jra@samba.org>
+ * BUG 9187: CVE-2015-7540: Bogus LDAP request cause samba to use all the
+ memory and be ookilled.
+ * BUG 11325: CVE-2015-3223: Fix LDAP \00 search expression attack DoS.
+ * BUG 11395: CVE-2015-5252: Fix insufficient symlink verification (file
+ access outside the share).
+ * BUG 11529: CVE-2015-5299: s3-shadow-copy2: Fix missing access check on
+ snapdir.
+
+o Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
+ * BUG 11599: CVE-2015-5330: Fix remote read memory exploit in LDB.
+
+o Stefan Metzmacher <metze@samba.org>
+ * BUG 11536: CVE-2015-5296: Add man in the middle protection when forcing
+ smb encryption on the client side.
+
+
+#######################################
+Reporting bugs & Development Discussion
+#######################################
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical IRC channel on irc.freenode.net.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored. All bug reports should
+be filed under the "Samba 4.1 and newer" product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+======================================================================
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+======================================================================
+
+
+Release notes for older releases follow:
+----------------------------------------
+
+ ==============================
+ Release Notes for Samba 4.1.21
+ October 13, 2015
+ ==============================
+
+
+This is the last bugfix release of the Samba 4.1 release series.
+There will very likely be security releases beyond this point only.
+
+
+Changes since 4.1.20:
+---------------------
+
+o Volker Lendecke <vl@samba.org>
+ * BUG 11488: Avoid quoting problems in user's DNs.
+
+
+#######################################
+Reporting bugs & Development Discussion
+#######################################
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical IRC channel on irc.freenode.net.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored. All bug reports should
+be filed under the Samba 4.1 product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+======================================================================
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+======================================================================
+
+
+----------------------------------------------------------------------
+
+
+ ==============================
+ Release Notes for Samba 4.1.20
+ September 1, 2015
+ ==============================
+
+
+This is the latest stable release of Samba 4.1.
+
+
+Changes since 4.1.19:
+---------------------
+
+o Michael Adam <obnox@samba.org>
+ * BUG 11366: docs: Overhaul the description of "smb encrypt" to include SMB3
+ encryption.
+ * BUG 11372: smbd: Fix SMB3 functionality of "smb encrypt".
+
+
+o Jeremy Allison <jra@samba.org>
+ * BUG 10823: s3: winbindd: Fix TALLOC_FREE of uninitialized groups variable.
+ * BUG 11328: Use resource group sids obtained from pac logon_info.
+ * BUG 11339: s3: smbd: Use separate flag to track
+ become_root()/unbecome_root() state.
+ * BUG 11342: s3: smbd: Codenomicon crash in do_smb_load_module().
+ * BUG 11359: lib: replace: Add strsep function (missing on Solaris).
+
+
+o Christian Ambach <ambi@samba.org>
+ * BUG 11170: s3:param/loadparm fix 'testparm --show-all-parameters'.
+
+
+o Ralph Boehme <slow@samba.org>
+ * BUG 11426: s3-net: Use talloc array in share allowedusers.
+
+
+o Günther Deschner <gd@samba.org>
+ * BUG 11373: s3-smbd: Reset protocol in smbXsrv_connection_init_tables
+ failure paths.
+
+
+o Justin Maggard <jmaggard@netgear.com>
+ * BUG 11320: s3-passdb: Respect LOOKUP_NAME_GROUP flag in sid lookup.
+
+
+o Stefan Metzmacher <metze@samba.org>
+ * BUG 11061: Fix logon via MS Remote Desktop.
+ * BUG 11081: s3:winbindd: make sure we pass a valid server to
+ rpccli_netlogon_sam_network_logon*().
+
+
+o Anubhav Rakshit <anubhav.rakshit@gmail.com>
+ * BUG 11361: s3:libsmb: Fix a bug in conversion of ea list to ea array.
+
+
+o Andreas Schneider <asn@samba.org>
+ * BUG 11403: s3-smbd: Leave sys_disk_free() if dfree command is used.
+ * BUG 11404: s3-auth: Fix a possible null pointer dereference.
+
+
+o Roel van Meer <roel@1afa.com>
+ * BUG 11427: s3-util: Compare the maximum allowed length of a NetBIOS name.
+
+
+#######################################
+Reporting bugs & Development Discussion
+#######################################
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical IRC channel on irc.freenode.net.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored. All bug reports should
+be filed under the Samba 4.1 product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+======================================================================
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+======================================================================
+
+
+----------------------------------------------------------------------
+
+
+ ==============================
+ Release Notes for Samba 4.1.19
+ June 23, 2015
+ ==============================
+
+
+This is the latest stable release of Samba 4.1.
+
+
+Changes since 4.1.18:
+---------------------
+
+o Jeremy Allison <jra@samba.org>
+ * BUG 11068: s3: smbcacls: Ensure we read a hex number as %x, not %u.
+ * BUG 11249: Make mangled names work with acl_xattr.
+ * BUG 11295: Excessive cli_resolve_path() usage can slow down transmission.
+
+
+o Ralph Boehme <slow@samba.org>
+ * BUG 11244: Error code path doesn't call END_PROFILE.
+ * BUG 11277: s3:smb2: Add padding to last command in compound requests.
+
+
+o Alexander Bokovoy <ab@samba.org>
+ * BUG 11284: s4: libcli/finddcs_cldap: Continue processing CLDAP until all
+ addresses are used.
+
+
+o Evangelos Foutras <evangelos@foutrelis.com>
+ * BUG 8780: s4:lib/tls: Fix build with gnutls 3.4.
+
+
+o David Holder <david.holder@erion.co.uk>
+ * BUG 11283: s3: IPv6 enabled DNS connections for ADS client.
+
+
+o Steve Howells <steve.howells@moscowfirst.com>
+ * BUG 10924: s4.2/fsmo.py: Fix fsmo transfer exception.
+
+
+o Stefan Metzmacher <metze@samba.org>
+ * BUG 11141: s3:winbindd: Make sure we remove pending io requests before
+ closing client sockets.
+ * BUG 11182: Fix panic triggered by smbd_smb2_request_notify_done() ->
+ smbXsrv_session_find_channel() in smbd.
+
+
+o Christof Schmitt <cs@samba.org>
+ * BUG 11313: idmap_rfc2307: Fix 'wbinfo --gid-to-sid' query.
+
+
+o Uri Simchoni <urisimchoni@gmail.com>
+ * BUG 11267: libads: Record service ticket endtime for sealed ldap
+ connections.
+
+
+#######################################
+Reporting bugs & Development Discussion
+#######################################
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical IRC channel on irc.freenode.net.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored. All bug reports should
+be filed under the Samba 4.1 product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+======================================================================
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+======================================================================
+
+
+----------------------------------------------------------------------
+
+
+ ==============================
+ Release Notes for Samba 4.1.18
+ May 12, 2015
+ ==============================
+
+
+This is the latest stable release of Samba 4.1.
+
+
+Changes since 4.1.17:
+---------------------
+
+o Michael Adam <obnox@samba.org>
+ * BUG 8905: s3:winbind:grent: Don't stop group enumeration when a group has
+ no gid.
+ * BUG 11058: cli_connect_nb_send: don't segfault on host == NULL.
+ * BUG 11117: vfs_glusterfs manpage corrections.
+ * BUG 11143: s3-winbind: Fix chached user group lookup of trusted domains.
+
+
+o Jeremy Allison <jra@samba.org>
+ * BUG 10016: Fix NTLM authentication.
+ * BUG 10888: s3: client - "client use spnego principal = yes" code checks
+ wrong name.
+ * BUG 11079: s3: lib: libsmbclient: If reusing a server struct, check every
+ cli->timout miliseconds if it's still valid before use.
+ * BUG 11094: s3: smbclient: Allinfo leaves the file handle open.
+ * BUG 11144: Fix memory leak in SMB2 notify handling.
+ * BUG 11173: s3: libcli: smb1: Ensure we correctly finish a tevent req if
+ the writev fails in the SMB1 case.
+ * BUG 11177: s3: libsmbclient: Add missing talloc stackframe.
+ * BUG 11186: s3: libsmbclient: After getting attribute server, ensure main
+ srv pointer is still valid.
+ * BUG 11187: s3: Mac OS X 10.10.x fails validate negotiate request to 4.1.x.
+ * BUG 11236: s4: rpc: Refactor dcesrv_alter() function into setup and send
+ steps.
+ * BUG 11240: s3: smbd: Incorrect file size returned in the response of
+ "FILE_SUPERSEDE Create".
+ * BUG 11254: s3: nmbd: Don't set work_changed = True inside
+ update_server_ttl().
+
+
+o Andrew Bartlett <abartlet@samba.org>
+ * BUG 11100: debug: Set close-on-exec for the main log file FD.
+
+
+o Ralph Boehme <slow@samba.org>
+ * BUG 11224: s3:smbd: Missing tevent_req_nterror.
+ * BUG 11243: vfs: kernel_flock and named streams.
+
+
+o Ira Cooper <ira@samba.org>
+ * BUG 11069: vfs_glusterfs: Add comments to the pipe(2) code.
+ * BUG 11115: smbd: Stop using vfs_Chdir after SMB_VFS_DISCONNECT.
+
+
+o Günther Deschner <gd@samba.org>
+ * BUG 10240: vfs: Add glusterfs manpage.
+
+
+o David Disseldorp <ddiss@samba.org>
+ * BUG 10808: printing/cups: Pack requested-attributes with IPP_TAG_KEYWORD.
+ * BUG 11018: smbd can't find the GUID for a printer in the registry and
+ fails to publish printers.
+ * BUG 11059: libsmb: Provide authinfo domain for encrypted session
+ referrals.
+ * BUG 11169: docs/idmap_rid: Remove deprecated base_rid from example.
+ * BUG 11210: spoolss: Purge the printer name cache on name change.
+
+
+o Julien Kerihuel <j.kerihuel@openchange.org>
+ * BUG 11225: s4:rpc_server: Add multiplex state to dcerpc flags and control
+ over multiplex PFC flag in bind_ack and and dcesrv_alter replies.
+ * BUG 11226: Fix terminate connection behavior for asynchronous endpoint
+ with PUSH notification flavors.
+
+
+o Volker Lendecke <vl@samba.org>
+ * BUG 11041: smbd: Fix CID 1063259 Uninitialized scalar variable.
+ * BUG 11051: net: Fix 'net sam addgroupmem'.
+
+
+o Stefan Metzmacher <metze@samba.org>
+ * BUG 9702: s3:smb2_server: protect against integer wrap with "smb2 max
+ credits = 65535".
+ * BUG 11144: Fix memory leak in SMB2 notify handling.
+ * BUG 11164: s4:auth/gensec_gssapi: let gensec_gssapi_update() return
+ NT_STATUS_LOGON_FAILURE for unknown errors.
+
+
+o Andreas Schneider <asn@samba.org>
+ * BUG 10984: spoolss: Clear PrinterInfo on GetPrinter error.
+ * BUG 11008: s3-util: Fix authentication with long hostnames.
+ * BUG 11037: s3-libads: Fix a possible segfault in kerberos_fetch_pac().
+ * BUG 11058: utils: Fix 'net time' segfault.
+ * BUG 11066: s3-pam_smbpass: Fix memory leak in pam_sm_authenticate().
+ * BUG 11127: doc-xml: Add 'sharesec' reference to 'access based share enum'.
+ * BUG 11180: s4-process_model: Do not close random fds while forking.
+ * BUG 11185: s3-passdb: Fix 'force user' with winbind default domain.
+
+
+o Richard Sharpe <rsharpe@nutanix.com>
+ * BUG 11234: Fix crash in 'net ads dns gethostbyname' with an error in TALLOC_FREE
+ if you enter invalid values.
+
+
+#######################################
+Reporting bugs & Development Discussion
+#######################################
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical IRC channel on irc.freenode.net.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored. All bug reports should
+be filed under the Samba 4.1 product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+======================================================================
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+======================================================================
+
+
+----------------------------------------------------------------------
+
+
+ ==============================
+ Release Notes for Samba 4.1.17
+ February 23, 2015
+ ==============================
+
+
+This is a security release in order to address CVE-2015-0240 (Unexpected
+code execution in smbd).
+
+o CVE-2015-0240:
+ All versions of Samba from 3.5.0 to 4.2.0rc4 are vulnerable to an
+ unexpected code execution vulnerability in the smbd file server
+ daemon.
+
+ A malicious client could send packets that may set up the stack in
+ such a way that the freeing of memory in a subsequent anonymous
+ netlogon packet could allow execution of arbitrary code. This code
+ would execute with root privileges.
+
+
+Changes since 4.1.16:
+---------------------
+
+o Jeremy Allison <jra@samba.org>
+ * BUG 11077: CVE-2015-0240: talloc free on uninitialized stack pointer
+ in netlogon server could lead to security vulnerability.
+
+
+o Andreas Schneider <asn@samba.org>
+ * BUG 11077: CVE-2015-0240: s3-netlogon: Make sure we do not deference
+ a NULL pointer.
+
+
+#######################################
+Reporting bugs & Development Discussion
+#######################################
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical IRC channel on irc.freenode.net.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored. All bug reports should
+be filed under the Samba 4.1 product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+======================================================================
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+======================================================================
+
+
+----------------------------------------------------------------------
+
+
+ ==============================
+ Release Notes for Samba 4.1.16
+ January 15, 2015
+ ==============================
+
+
+This is a security release in order to address CVE-2014-8143 (Elevation
+of privilege to Active Directory Domain Controller).
+
+o CVE-2014-8143:
+ Samba's AD DC allows the administrator to delegate
+ creation of user or computer accounts to specific users or groups.
+
+ However, all released versions of Samba's AD DC did not implement the
+ additional required check on the UF_SERVER_TRUST_ACCOUNT bit in the
+ userAccountControl attributes.
+
+
+Changes since 4.1.15:
+---------------------
+
+o Andrew Bartlett <abartlet@samba.org>
+ * BUG 10993: CVE-2014-8143: dsdb-samldb: Check for extended access
+ rights before we allow changes to userAccountControl.
+
+
+#######################################
+Reporting bugs & Development Discussion
+#######################################
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical IRC channel on irc.freenode.net.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored. All bug reports should
+be filed under the Samba 4.1 product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+======================================================================
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+======================================================================
+
+
+-----------------------------------------------------------------------
+
+
+ ==============================
+ Release Notes for Samba 4.1.15
+ January 12, 2015
+ ==============================
+
+
+This is the latest stable release of Samba 4.1.
+
+
+Changes since 4.1.14:
+---------------------
+
+o Jeremy Allison <jra@samba.org>
+ * BUG 10966: libcli: SMB2: Pure SMB2-only negprot fix to make us behave as a
+ Windows client does.
+ * BUG 10982 s3: smbd/modules: Fix *allocate* calls to follow POSIX error
+ return convention.
+
+
+o Christian Ambach <ambi@samba.org>
+ * BUG 9629: Fix profiles tool.
+
+
+o Samuel Cabrero <scabrero@zentyal.com>
+ * BUG 11006: idl:drsuapi: Manage all possible lengths of drsuapi_DsBindInfo.
+
+
+o Günther Deschner <gd@samba.org>
+ * BUG 9056: pam_winbind: Fix warn_pwd_expire implementation.
+
+
+o Guenter Kukkukk <linux@kukkukk.com>
+ * BUG 10952: s4-rpc: dnsserver: Fix enumeration of IPv4 and IPv6 addresses.
+
+
+o Stefan Metzmacher <metze@samba.org>
+ * BUG 9299: nsswitch: Fix soname of linux nss_*.so.2 modules.
+ * BUG 10949: s4:dsdb/rootdse: Expand extended dn values with the AS_SYSTEM
+ control.
+ * BUG 10958: s3:smb2_server: Allow reauthentication without signing.
+ * BUG 11006: Fix 'domain join' by adding 'drsuapi.DsBindInfoFallBack'
+ attribute 'supported_extensions'.
+
+
+o Matthieu Patou <mat@matws.net>
+ * BUG 11006: Fix 'domain join' by adding 'drsuapi.DsBindInfoFallBack'
+ attribute 'supported_extensions'.
+
+
+o Christof Schmitt <cs@samba.org>
+ * BUG 11034: winbind: Retry LogonControl RPC in ping-dc after session
+ expiration.
+
+
+o Andreas Schneider <asn@samba.org>
+ * BUG 10279: s3-lib: Do not require a password with --use-ccache.
+ * BUG 10960: s3-smbclient: Return success if we listed the shares.
+ * BUG 10961: s3-smbstatus: Fix exit code of profile output.
+
+
+#######################################
+Reporting bugs & Development Discussion
+#######################################
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical IRC channel on irc.freenode.net.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored. All bug reports should
+be filed under the Samba 4.1 product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+======================================================================
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+======================================================================
+
+
+----------------------------------------------------------------------
+
+
+ ==============================
+ Release Notes for Samba 4.1.14
+ December 1, 2014
+ ==============================
+
+
+This is the latest stable release of Samba 4.1.
+
+
+Changes since 4.1.13:
+---------------------
+
+o Michael Adam <obnox@samba.org>
+ * BUG 10472: Revert buildtools/wafadmin/Tools/perl.py back to upstream
+ state.
+
+
+o Jeremy Allison <jra@samba.org>
+ * BUG 10711: nmbd fails to accept "--piddir" option.
+ * BUG 10896: s3-nmbd: Fix netbios name truncation.
+ * BUG 10904: s3: libsmbclient-smb2. MacOSX 10 SMB2 server doesn't set
+ STATUS_NO_MORE_FILES when handed a non-wildcard path.
+ * BUG 10920: s3: nmbd: Ensure NetBIOS names are only 15 characters stored.
+
+
+o Günther Deschner <gd@samba.org>
+ * BUG 10942: Cleanup add_string_to_array and usage.
+
+
+o David Disseldorp <ddiss@samba.org>
+ * BUG 10898: spoolss: Fix handling of bad EnumJobs levels.
+ * BUG 10905: spoolss: Fix jobid in level 3 EnumJobs response.
+
+
+o Amitay Isaacs <amitay@gmail.com>
+ * BUG 10620: s4-dns: Add support for BIND 9.10.
+
+
+o Björn Jacke <bj@sernet.de>
+ * BUG 10835: nss_winbind: Add getgroupmembership for FreeBSD.
+
+
+o Volker Lendecke <vl@samba.org>
+ * BUG 10932: pdb_tdb: Fix a TALLOC/SAFE_FREE mixup.
+
+
+o Stefan Metzmacher <metze@samba.org>
+ * BUG 10472: pidl/wscript: Remove --with-perl-* options.
+ * BUG 10921: s3:smbd: Fix file corruption using "write cache size != 0".
+
+
+o Jose A. Rivera <jarrpa@redhat.com>
+ * BUG 10889: vfs_glusterfs: Remove "integer fd" code and store the glfs
+ pointers.
+
+
+o Matt Rogers <mrogers@redhat.com>
+ * BUG 10933: s3-keytab: Fix keytab array NULL termination.
+
+
+o Richard Sharpe <realrichardsharpe@gmail.com>
+ * BUG 10880: S3: source3/smbd/process.c::srv_send_smb() returns true on the
+ error path.
+
+
+#######################################
+Reporting bugs & Development Discussion
+#######################################
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical IRC channel on irc.freenode.net.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored. All bug reports should
+be filed under the Samba 4.1 product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+======================================================================
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+======================================================================
+
+
+----------------------------------------------------------------------
+
+
+ ==============================
+ Release Notes for Samba 4.1.13
+ October 20, 2014
+ ==============================
+
+
+This is the latest stable release of Samba 4.1.
+
+
+Changes since 4.1.12:
+---------------------
+
+o Michael Adam <obnox@samba.org>
+ * BUG 10809: s3:smbd:open_file: Use a more natural check.
+
+
+o Jeremy Allison <jra@samba.org>
+ * BUG 10717: s3: winbindd: Old NT Domain code sets struct
+ winbind_domain->alt_name to be NULL. Ensure this is safe with modern
+ AD-DCs.
+ * BUG 10779: pthreadpool: Slightly serialize jobs.
+ * BUG 10809: s3: smbd: Open logic fix.
+ * BUG 10830: s3: nmbd: Ensure the main nmbd process doesn't create zombies.
+ * BUG 10831: s3: lib: Signal handling - ensure smbrun and change password
+ code save and restore existing SIGCHLD handlers.
+ * BUG 10848: s3: smb2cli: Query info return length check was reversed.
+
+
+o Günther Deschner <gd@samba.org>
+ * BUG 9984: s3-libnet: Make sure we do not overwrite precreated SPNs.
+
+
+o Björn Jacke <bj@sernet.de
+ * BUG 10814: docs: Mention incompatibility between kernel oplocks and
+ streams_xattr.
+
+
+o Volker Lendecke <vl@samba.org>
+ * BUG 10735: Fix unstrcpy.
+ * BUG 10797: s3: smbd: streams - Ensure share mode validation ignores
+ internal opens (op_mid == 0).
+ * BUG 10813: vfs_media_harmony: Fix a crash bug.
+ * BUG 10860: registry: Don't leave dangling transactions.
+
+
+o Christof Schmitt <cs@samba.org>
+ * BUG 10826: s3-winbindd: Use correct realm for trusted domains in idmap
+ child.
+ * BUG 10837: idmap_rfc2307: Fix a crash after connection problem to DC.
+ * BUG 10838: s3-winbindd: Do not use domain SID from LookupSids for
+ Sids2UnixIDs call.
+
+
+o Andreas Schneider <asn@samba.org>
+ * BUG 9984: s3-libnet: Add libnet_join_get_machine_spns().
+ * BUG 9985: s3-libads: Add all machine account principals to the keytab.
+ * BUG 10816: nmbd: Send waiting status to systemd.
+ * BUG 10817: libcli: Fix a segfault calling smbXcli_req_set_pending() on
+ NULL.
+ * BUG 10824: nsswitch: Skip groups we were not able to map.
+
+
+#######################################
+Reporting bugs & Development Discussion
+#######################################
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical IRC channel on irc.freenode.net.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored. All bug reports should
+be filed under the Samba 4.1 product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+======================================================================
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+======================================================================
+
+
+----------------------------------------------------------------------
+
+
+ ==============================
+ Release Notes for Samba 4.1.12
+ September 8, 2014
+ ==============================
+
+
+This is the latest stable release of Samba 4.1.
+
+Major enhancements in Samba 4.1.12 include:
+
+o New parameter "winbind request timeout" has been added (bug #3204). Please
+ see smb.conf man page for details.
+o Fix smbd crashes when filename contains non-ascii character (bug #10716).
+o dnsserver: Handle updates of tombstoned dnsNode objects (bug #10749).
+
+
+Changes since 4.1.11:
+---------------------
+
+o Michael Adam <obnox@samba.org>
+ * BUG 10369: build: Fix configure to honour '--without-dmapi'.
+ * BUG 10737: s3:idmap: Don't log missing range config if range checking not
+ requested.
+ * BUG 10741: Fix flapping VFS gpfs offline bit.
+
+
+o Jeremy Allison <jra@samba.org>
+ * BUG 3204: s3: winbindd: On new client connect, prune idle or hung
+ connections older than "winbind request timeout". Add new parameter
+ "winbind request timeout".
+ * BUG 10640: lib: tevent: make TEVENT_SIG_INCREMENT atomic.
+ * BUG 10650: Make "case sensitive = True" option working with
+ "max protocol = SMB2" or higher in large directories.
+ * BUG 10716: Fix smbd crashes when filename contains non-ascii
+ character.
+ * BUG 10728: 'net time': Fix usage and core dump.
+ * BUG 10773: s3: smbd: POSIX ACLs. Remove incorrect check for
+ SECINFO_PROTECTED_DACL in incoming security_information flags in
+ posix_get_nt_acl_common().
+ * BUG 10794: vfs_dirsort: Fix an off-by-one error that can cause
+ uninitialized memory read.
+
+
+o Björn Baumbach <bb@sernet.de>
+ * BUG 10543: s3: Enforce a positive allocation_file_size for non-empty
+ files.
+
+
+o Kai Blin <kai@samba.org>
+ * BUG 10466: provision: Correctly provision the SOA record minimum TTL.
+
+
+o David Disseldorp <ddiss@samba.org>
+ * BUG 10652: Samba 4 consuming a lot of CPU when re-reading printcap info.
+ * BUG 10787: dosmode: Fix FSCTL_SET_SPARSE request validation.
+
+
+o Amitay Isaacs <amitay@gmail.com>
+ * BUG 10742: s4-rpc: dnsserver: Allow . to be specified for @ record.
+
+
+o Daniel Kobras <d.kobras@science-computing.de>
+ * BUG 10731: sys_poll_intr: Fix timeout arithmetic.
+
+
+o Ross Lagerwall <rosslagerwall@gmail.com>
+ * BUG 10778: s3:libsmb: Set a max charge for SMB2 connections.
+
+
+o Volker Lendecke <vl@samba.org>
+ * BUG 10716: lib: strings: Simplify strcasecmp.
+ * BUG 10758: lib: Remove unused nstrcpy.
+ * BUG 10782: smbd: Properly initialize mangle_hash.
+
+
+o Stefan Metzmacher <metze@samba.org>
+ * BUG 9831: s4:setup/dns_update_list: make use of the new substitution
+ variables.
+ * BUG 10723: Allow netr_ServerReqChallenge() and netr_ServerAuthenticate3()
+ on different connections.
+ * BUG 10749: s4-rpc: dnsserver: Handle updates of tombstoned dnsNode
+ objects.
+ * BUG 10751: s4-rpc: dnsserver: return DNS_RANK_NS_GLUE recors when
+ explicitly asked for.
+ * BUG 10773: libcli/security: Add better detection of
+ SECINFO_[UN]PROTECTED_[D|S]ACL in get_sec_info().
+
+
+o Marc Muehlfeld <mmuehlfeld@samba.org>
+ * BUG 10761: docs: Fix typos in smb.conf (inherit acls).
+
+
+o Shirish Pargaonkar <spargaonkar@suse.com>
+ * BUG 10755: samba: Retain case sensitivity of cifs client.
+
+
+o Arvid Requate <requate@univention.de>
+ * BUG 9570: passdb: Fix NT_STATUS_NO_SUCH_GROUP.
+
+
+o Har Gagan Sahai <SHarGagan@novell.com>
+ * BUG 10759: Fix a memory leak in cli_set_mntpoint().
+
+
+o Roel van Meer <roel@1afa.com>
+ * BUG 10777: Don't discard result of checking grouptype.
+
+
+#######################################
+Reporting bugs & Development Discussion
+#######################################
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical IRC channel on irc.freenode.net.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored. All bug reports should
+be filed under the Samba 4.1 product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+======================================================================
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+======================================================================
+
+
+----------------------------------------------------------------------
+
+
+ ==============================
+ Release Notes for Samba 4.1.11
+ August 1, 2014
+ ==============================
+
+
+This is a security release in order to address
+CVE-2014-3560 (Remote code execution in nmbd).
+
+o CVE-2014-3560:
+ Samba 4.0.0 to 4.1.10 are affected by a remote code execution attack on
+ unauthenticated nmbd NetBIOS name services.
+
+ A malicious browser can send packets that may overwrite the heap of
+ the target nmbd NetBIOS name services daemon. It may be possible to
+ use this to generate a remote code execution vulnerability as the
+ superuser (root).
+
+
+Changes since 4.1.10:
+---------------------
+
+o Volker Lendecke <vl@samba.org>
+ * BUG 10735: CVE-2014-3560: Fix unstrcpy macro length.
+
+
+#######################################
+Reporting bugs & Development Discussion
+#######################################
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical IRC channel on irc.freenode.net.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored. All bug reports should
+be filed under the Samba 4.1 product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+======================================================================
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+======================================================================
+
+
+----------------------------------------------------------------------
+
+
+ ==============================
+ Release Notes for Samba 4.1.10
+ July 28, 2014
+ ==============================
+
+
+This is the latest stable release of Samba 4.1.
+
+
+Changes since 4.1.9:
+--------------------
+
+o Michael Adam <obnox@samba.org>
+ * BUG 10693: Backport ldb-1.1.17 + changes from master.
+
+
+o Jeremy Allison <jra@samba.org>
+ * BUG 10587: s3: libsmbclient: Work around bugs in SLES cifsd and Apple smbx
+ SMB1 servers.
+ * BUG 10653: Samba won't start on a machine configured with only IPv4.
+ * BUG 10671: s3: smbd: Prevent file truncation on an open that fails with
+ share mode violation.
+ * BUG 10673: s3: SMB2: Fix leak of blocking lock records in the database.
+ * BUG 10684: SMB1 blocking locks can fail notification on unlock, causing
+ client timeout.
+ * BUG 10685: s3: smbd: Locking, fix off-by one calculation in
+ brl_pending_overlap().
+ * BUG 10692: wbcCredentialCache fails if challenge_blob is not first.
+
+
+o Christian Ambach <ambi@samba.org>
+ * BUG 10693: lib/ldb: Fix compiler warnings.
+
+
+o Andrew Bartlett <abartlet@samba.org>
+ * BUG 8077: dbcheck: Add check and test for various invalid userParameters
+ values.
+ * BUG 8449: Simple use case results in "no talloc stackframe around, leaking
+ memory" error.)
+ * BUG 10130: dsdb: Always store and return the userParameters as a array of
+ LE 16-bit values.
+ * BUG 10582: dsdb: Rename private_data to rootdse_private_data in rootdse.
+ * BUG 10627: rid_array used before status checked - segmentation fault due
+ to null pointer dereference.
+ * BUG 10693: ldb: make the successful ldb_transaction_start() message
+ clearer.
+ * BUG 10694: dsdb: Return NO_SUCH_OBJECT if a basedn is a deleted object.
+ * BUG 10700: Backport access check related fixes from master.
+
+
+o Björn Baumbach <bb@sernet.de>
+ * BUG 10674: samba-tool: Add --site parameter to provision command.
+
+
+o Howard Chu <hyc@symas.com>
+ * BUG 10693: Fix SEGV from improperly formed SUBSTRING/PRESENCE filter.
+
+
+o Jeroen Dekkers <jeroen@dekkers.ch>
+ * BUG 10693: ldb: Do not build libldb-cmdline when using system ldb.
+
+
+o Nadezhda Ivanova <nivanova@symas.com>
+ * BUG 10693: s4-openldap: Remove use of talloc_reference in
+ ldb_map_outbound.c
+
+
+o Björn Jacke <bj@sernet.de>
+ * BUG 3263: net/doc: Make clear that net vampire is for NT4 domains only.
+
+
+o Abhidnya Joshi <achirmul@in.ibm.com>
+ * BUG s3: Fix missing braces in nfs4_acls.c.
+
+
+o Volker Lendecke <vl@samba.org>
+ * BUG 10593: Fix "PANIC: assert failed at ../source3/smbd/open.c(1582): ret".
+ * BUG 10663: msg_channel: Fix a 100% CPU loop.
+ * BUG 10671: s3: smbd: Prevent file truncation on an open that fails with
+ share mode violation.
+ * BUG 10680: smbstatus: Fix an uninitialized variable.
+ * BUG 10687: 'RW2' smbtorture test fails when -N <numprocs> is set to 2 due
+ to the invalid status check in the second client.
+ * BUG 10693: ldb: Fix 1138330 Dereference null return value, fix CIDs
+ 241329, 240798, 1034791, 1034792 1034910, 1034910).
+ * BUG 10699: smbd: Avoid double-free in get_print_db_byname.
+
+
+o Stefan Metzmacher <metze@samba.org>
+ * BUG 8077: s4:dsdb/samldb: Don't allow 'userParameters' to be modified over
+ LDAP for now.
+ * BUG 9763: s4:dsdb/repl_meta_data: Make sure objectGUID can't be deleted.
+ * BUG 10469: ldb-samba: fix a memory leak in
+ ldif_canonicalise_objectCategory().
+ * BUG 10294: s4:repl_meta_data: fix array assignment in
+ replmd_process_linked_attribute().
+ * BUG 10536: dbchecker: Verify and fix broken dn values.
+ * BUG 10692: wbcCredentialCache fails if challenge_blob is not first.
+ * BUG 10693: ldb:pyldb: Add some more helper functions for LdbDn.
+ * BUG 10694: s4:dsdb/extended_dn_in: Don't force DSDB_SEARCH_SHOW_RECYCLED.
+ * BUG 10696: Backport autobuild/selftest fixes from master.
+ * BUG 10706: s3:smb2_read: let smb2_sendfile_send_data() behave like
+ send_file_readX().
+
+
+o Matthieu Patou <mat@matws.net>
+ * BUG 10693: pyldb: Decrement ref counters on py_results and quiet warnings.
+ * BUG 10698: Backport drs-crackname fixes from master.
+
+
+o Pavel Reichl <pavel.reichl@redhat.com>
+ * BUG 10693: ldb: Use of NULL pointer bugfix.
+
+
+o Garming Sam <garming@catalyst.net.nz>
+ * BUG 10703: Backport provision fixes from master.
+
+
+o Andreas Schneider <asn@samba.org>
+ * BUG 10693: ldb: Add a env variable to disable RTLD_DEEPBIND.
+
+
+#######################################
+Reporting bugs & Development Discussion
+#######################################
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical IRC channel on irc.freenode.net.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored. All bug reports should
+be filed under the Samba 4.1 product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+======================================================================
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+======================================================================
+
+
+----------------------------------------------------------------------
+
+
+ =============================
+ Release Notes for Samba 4.1.9
+ June 23, 2014
+ =============================
+
+
+This is a security release in order to address
+CVE-2014-0244 (Denial of service - CPU loop) and
+CVE-2014-3493 (Denial of service - Server crash/memory corruption).
+
+o CVE-2014-0244:
+ All current released versions of Samba are vulnerable to a denial of
+ service on the nmbd NetBIOS name services daemon. A malformed packet
+ can cause the nmbd server to loop the CPU and prevent any further
+ NetBIOS name service.
+
+ This flaw is not exploitable beyond causing the code to loop expending
+ CPU resources.
+
+o CVE-2014-3493:
+ All current released versions of Samba are affected by a denial of service
+ crash involving overwriting memory on an authenticated connection to the
+ smbd file server.
+
+
+Changes since 4.1.8:
+--------------------
+
+o Jeremy Allison <jra@samba.org>
+ * BUG 10633: CVE-2014-0244: Fix nmbd denial of service.
+ * BUG 10654: CVE-2014-3493: Fix segmentation fault in
+ smbd_marshall_dir_entry()'s SMB_FIND_FILE_UNIX handler.
+
+
+#######################################
+Reporting bugs & Development Discussion
+#######################################
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical IRC channel on irc.freenode.net.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored. All bug reports should
+be filed under the Samba 4.1 product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+======================================================================
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+======================================================================
+
+
+----------------------------------------------------------------------
+
+
+ =============================
+ Release Notes for Samba 4.1.8
+ June 3, 2014
+ =============================
+
+
+This is the latest stable release of Samba 4.1.
+
+Please note that this bug fix release also addresses two minor security issues
+without being a dedicated security release:
+
+ o CVE-2014-0239: dns: Don't reply to replies (bug #10609).
+ o CVE-2014-0178: Malformed FSCTL_SRV_ENUMERATE_SNAPSHOTS response
+ (bug #10549).
+
+For more details including security advisories and patches, please see
+
+ http://www.samba.org/samba/history/security.html
+
+
+Changes since 4.1.7:
+--------------------
+
+o Michael Adam <obnox@samba.org>
+ * BUG 10548: build: Fix ordering problems with lib-provided and internal
+ RPATHs.
+
+
+o Jeremy Allison <jra@samba.org>
+ * BUG 3124: s3: smb2: Fix 'xcopy /d' with samba shares.
+ * BUG 10544: s3: lib/util: Fix logic inside set_namearray loops.
+ * BUG 10564: Fix lock order violation and file lost.
+ * BUG 10577: Fix wildcard unlink to fail if we get an error rather than
+ trying to continue.
+
+
+o Andrew Bartlett <abartlet@samba.org>
+ * BUG 10569: dsdb: Do checks for invalid renames in samldb, before
+ repl_meta_data.
+
+
+o Björn Baumbach <bb@sernet.de>
+ * BUG 10239: s3: nmbd: Reset debug settings after reading config file.
+ * BUG 10544: s3: lib/util: set_namearray reads across end of namelist
+ * BUG 10556: lib-util: Rename memdup to smb_memdup and fix all callers.
+
+
+o Kai Blin <kai@samba.org>
+ * BUG 10609: CVE-2014-0239: dns: Don't reply to replies.
+
+
+o Alexander Bokovoy <ab@samba.org>
+ * BUG 10517: Use exit_daemon() to communicate status of startup to
+ systemd.
+
+
+o David Disseldorp <ddiss@samba.org>
+ * BUG 10590: byteorder: Do not assume PowerPC is big-endian.
+ * BUG 10612: printing: Fix purge of all print jobs.
+
+
+o Benjamin Franzke <benjaminfranzke@googlemail.com>
+ * BUG 10524: Fix adding NetApps.
+
+
+o Abhidnya Joshi <achirmul@in.ibm.com>
+ * BUG 10547: idmap_autorid: Fix failure in reverse lookup if ID is from
+ domain range index #0.
+
+
+o Stefan Metzmacher <metze@samba.org>
+ * BUG 10472: script/autobuild: Make use of
+ '--with-perl-{arch,lib}-install-dir'.
+
+
+o Noel Power <nopower@suse.com>
+ * BUG 10554: Fix read of deleted memory in reply_writeclose()'.
+
+
+o Jose A. Rivera <jarrpa@redhat.com>
+ * BUG 10151: Extra ':' in msg for Waf Cross Compile Build System with
+ Cross-answers command.
+ * BUG 10348: Fix empty body in if-statement in continue_domain_open_lookup.
+
+
+o Christof Schmitt <christof.schmitt@us.ibm.com>
+ * BUG 10549: CVE-2014-0178: Malformed FSCTL_SRV_ENUMERATE_SNAPSHOTS
+ response.
+
+
+o Andreas Schneider <asn@samba.org>
+ * BUG 10472: wafsamba: Fix the installation on FreeBSD.
+
+
+#######################################
+Reporting bugs & Development Discussion
+#######################################
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical IRC channel on irc.freenode.net.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored. All bug reports should
+be filed under the Samba 4.1 product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+======================================================================
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+======================================================================
+
+
+----------------------------------------------------------------------
+
+
+ =============================
+ Release Notes for Samba 4.1.7
+ April 17, 2014
+ =============================
+
+
+This is the latest stable release of Samba 4.1.
+
+
+Changes since 4.1.6:
+--------------------
+
+o Jeremy Allison <jra@samba.org>
+ * BUG 9878: Make "force user" work as expected.
+ * BUG 9942: Fix problem with server taking too long to respond to a
+ MSG_PRINTER_DRVUPGRADE message.
+ * BUG 9993: s3-printing: Fix obvious memory leak in
+ printer_list_get_printer().
+ * BUG 10344: SessionLogoff on a signed connection with an outstanding notify
+ request crashes smbd.
+ * BUG 10431: Fix STATUS_NO_MEMORY response from Query File Posix Lock request.
+ * BUG 10508: smbd: Correctly add remote users into local groups.
+ * BUG 10534: Cleanup messages.tdb record after unclean smbd shutdown.
+
+
+o Christian Ambach <ambi@samba.org>
+ * BUG 9911: Fix build on AIX with IBM XL C/C++ (gettext detection issues).
+ * BUG 10308: Fix String Conversion Errors with Samba 4.1.0 Build on AIX 7.1.
+
+
+o Gregor Beck <gbeck@sernet.de>
+ * BUG 10230: Make (lib)smbclient work with NetApp.
+ * BUG 10458: Fix 'wbinfo -i' with one-way trust.
+ * s3:rpc_server: Minor refactoring of process_request_pdu().
+
+
+o Kai Blin <kai@samba.org>
+ * BUG 10471: Don't respond with NXDOMAIN to records that exist with another
+ type.
+
+
+o Alexander Bokovoy <ab@samba.org>
+ * BUG 10504: lsa.idl: Define lsa.ForestTrustCollisionInfo and
+ ForestTrustCollisionRecord as public structs.
+
+
+o Günther Deschner <gd@samba.org>
+ * BUG 10439: Increase max netbios name components.
+
+
+o David Disseldorp <ddiss@samba.org>
+ * BUG 10188: doc: Add "spoolss: architecture" parameter usage.
+ * BUG 10484: Initial FSRVP rpcclient requests fail with
+ NT_STATUS_PIPE_NOT_AVAILABLE.
+ * BUG 10521: rpcclient FSRVP request UNCs should include a trailing
+ backslash.
+
+
+o Daniel Liberman <danielvl@gmail.com>
+ * BUG 10387: 'net ads search' on high latency networks can return a partial
+ list with no error indication.
+
+
+o Stefan Metzmacher <metze@samba.org>
+ * BUG 10200: Make 'smbclient' support DFS shares with SMB2/3.
+ * BUG 10344: SessionLogoff on a signed connection with an outstanding notify
+ request crashes smbd.
+ * BUG 10422: max xmit > 64kb leads to segmentation fault.
+ * BUG 10444: smbd_server_connection_terminate("CTDB_SRVID_RELEASE_IP")
+ panics from within ctdbd_migrate() with invalid lock_order.
+ * BUG 10464: samba4 services not binding on IPv6 addresses causing
+ connection delays.
+
+
+o Garming Sam <garming@catalyst.net.nz>
+ * BUG 10378: dfs: Always call create_conn_struct with root privileges.
+
+
+o Andreas Schneider <asn@cryptomilk.org>
+ * BUG 10467: s3-vfs: Fix stream_depot vfs module on btrfs.
+ * BUG 10472: pidl: waf should have an option for the dir to install perl
+ files and do not glob.
+ * BUG 10474: s3-spoolssd: Don't register spoolssd if epmd is not running.
+ * BUG 10481: s3-rpc_server: Fix handling of fragmented rpc requests.
+
+
+o Gustavo Zacarias <gustavo@zacarias.com.ar>
+ * BUG 10506: Make 'smbreadline' build with readline 6.3.
+
+
+#######################################
+Reporting bugs & Development Discussion
+#######################################
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical IRC channel on irc.freenode.net.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored. All bug reports should
+be filed under the Samba 4.1 product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+======================================================================
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+======================================================================
+
+
+----------------------------------------------------------------------
+
+
=============================
Release Notes for Samba 4.1.6
March 11, 2014
======================================================================
-Release notes for older releases follow:
-----------------------------------------
+----------------------------------------------------------------------
+
=============================
Release Notes for Samba 4.1.5
git.samba.org / samba.git / blobdiff