+ =============================
+ Release Notes for Samba 3.6.6
+ , 2012
+ =============================
+
+
+This is is the latest stable release of Samba 3.6.
+
+Major enhancements in Samba 3.6.6 include:
+
+o
+
+Changes since 3.6.5:
+--------------------
+
+
+o Jeremy Allison <jra@samba.org>
+
+
+######################################################################
+Reporting bugs & Development Discussion
+#######################################
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical IRC channel on irc.freenode.net.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored. All bug reports should
+be filed under the Samba 3.6 product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+======================================================================
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+======================================================================
+
+Release notes for older releases follow:
+----------------------------------------
+
+ =============================
+ Release Notes for Samba 3.6.5
+ April 30, 2012
+ =============================
+
+
+This is a security release in order to address
+CVE-2012-2111 (Incorrect permission checks when granting/removing
+privileges can compromise file server security).
+
+o CVE-2012-2111:
+ Samba 3.4.x to 3.6.4 are affected by a
+ vulnerability that allows arbitrary users
+ to modify privileges on a file server.
+
+
+Changes since 3.6.4:
+--------------------
+
+
+o Jeremy Allison <jra@samba.org>
+ * Fix incorrect permission checks when granting/removing
+ privileges (CVE-2012-2111).
+
+
+######################################################################
+Reporting bugs & Development Discussion
+#######################################
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical IRC channel on irc.freenode.net.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored. All bug reports should
+be filed under the Samba 3.6 product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+======================================================================
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+======================================================================
+
+
+----------------------------------------------------------------------
+
+
+ =============================
+ Release Notes for Samba 3.6.4
+ April 10, 2012
+ =============================
+
+
+This is a security release in order to address
+CVE-2012-1182 ("root" credential remote code execution).
+
+o CVE-2012-1182:
+ Samba 3.0.x to 3.6.3 are affected by a
+ vulnerability that allows remote code
+ execution as the "root" user.
+
+
+Changes since 3.6.3:
+--------------------
+
+
+o Stefan Metzmacher <metze@samba.org>
+ *BUG 8815: PIDL based autogenerated code allows overwriting beyond of
+ allocated array (CVE-2012-1182).
+
+
+######################################################################
+Reporting bugs & Development Discussion
+#######################################
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical IRC channel on irc.freenode.net.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored. All bug reports should
+be filed under the Samba 3.6 product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+======================================================================
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+======================================================================
+
+
+----------------------------------------------------------------------
+
+
+ =============================
+ Release Notes for Samba 3.6.3
+ January 29, 2012
+ =============================
+
+
+This is a security release in order to address
+CVE-2012-0817 (Memory leak/Denial of service).
+
+o CVE-2012-0817:
+ The Samba File Serving daemon (smbd) in Samba versions
+ 3.6.0 to 3.6.2 is affected by a memory leak that can
+ cause a server denial of service.
+
+
+Changes since 3.6.2:
+--------------------
+
+
+o Jeremy Allison <jra@samba.org>
+ * BUG 8724: Fix memory leak in parent smbd on connection.
+
+
+o Ira Cooper <samba@ira.wakeful.net>
+ * BUG 8724: Fix memory leak in parent smbd on connection.
+
+
+######################################################################
+Reporting bugs & Development Discussion
+#######################################
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical IRC channel on irc.freenode.net.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored. All bug reports should
+be filed under the Samba 3.6 product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+======================================================================
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+======================================================================
+
+
+----------------------------------------------------------------------
+
+
=============================
Release Notes for Samba 3.6.2
- , 2011
+ January 25, 2012
=============================
Major enhancements in Samba 3.6.2 include:
-o
+o Make Winbind receive user/group information (bug #8371).
+o Several SMB2 fixes.
+
Changes since 3.6.1:
--------------------
+o Michael Adam <obnox@samba.org>
+ * BUG 8528: Fix SEGFAULT from net registry export on not zero terminated
+ REG_SZ values.
+
+
+o Jeremy Allison <jra@samba.org>
+ * BUG 8541: readlink() on Linux clients fails if the symlink target is
+ outside of the share.
+ * BUG 8542: smbclient posix_open command fails to return correct info on
+ open file.
+ * BUG 8548: winbind_samlogon_retry_loop ignores logon_parameters flags.
+ * BUG 8561: Password change settings not fully observed.
+ * BUG 8562: Fix double free error in talloc.
+ * BUG 8614: Ensure we correctly calculate reply credits over all returned
+ SMB2 replies.
+ * BUG 8631: POSIX ACE x permission becomes rx following mapping to and from
+ a DACL.
+ * BUG 8636: When returning an ACL without SECINFO_DACL requested, we still
+ set SEC_DESC_DACL_PRESENT in the type field.
+ * BUG 8644: vfs_acl_xattr and vfs_acl_tdb modules can fail to add
+ inheritable entries on a directory with no stored ACL.
+ * BUG 8663: Fix deleting a symlink if the symlink target is outside of
+ * the share.
+ * BUG 8664: Fix renaming a symlink if the symlink target is outside of
+ the share.
+ * BUG 8673: Fix NT ACL issue.
+ * BUG 8674: Fix buffer overflow issue with AES encryption in samba traffic
+ analyzer.
+ * BUG 8679: recvfile code path using splice() on Linux leaves data in the
+ pipe on short write.
+ * BUG 8687: Fix typo in 'net memberships' usage.
+ * BUG 8710: Fix major leak with SMB2 in connections.tdb.
+ * Fix a crash bug in the spoolss code.
+ * Add new contributing FAQ announcing acceptance of corporate (C).
+
+
+o Christian Ambach <ambi@samba.org>
+ * BUG 8444: Add an allocation pool to idmap_autorid.
+ * BUG 8585: Increase a debug level.
+
+
+o Andrew Bartlett <abartlet@samba.org>
+ * BUG 8623: Fix crash bug when trying to browse Samba printers.
+
+
+o Björn Baumbach <bb@sernet.de>
+ * BUG 8580: Enable inotify if sys or kernel inotify is available.
+ * BUG 8618: Fix migrate printer code.
+
+
+o Gregor Beck <gbeck@sernet.de>
+ * BUG 8528: Fix SEGFAULT from net registry export on not zero terminated
+ REG_SZ values.
+
+
+o Günther Deschner <gd@samba.org>
+ * BUG 7465: Remove pointless use_memory_krb5_ccache.
+ * BUG 8176: Fix perl path.
+ * BUG 8591: Fix marshalling of samr_ChangePasswordUser3.
+ * BUG 8692: libads: Fix malloc/talloc mismatch in
+ ads_keytab_verify_ticket().
+
+
+o David Disseldorp <ddiss@suse.de>
+ * BUG 4942: DeletePrinterDriverEx deletes files in use.
+ * BUG 8575: Add systemd service files.
+ * BUG 8606: Fix intermittent print job failures caused by character
+ conversion errors.
+ * BUG 8697: Make DeletePrinterDriverEx remove printer driver files.
+
+
+o Björn Jacke <bj@sernet.de>
+ * BUG 8531: Make DSO_EXPORTS_CMD more portable.
+ * BUG 8616: Allow to set TCP_NODELAYACK socket option on AIX.
+ * BUG 8652: Document the "ignore system acls" option of vfs_acl_xattr and
+ vfs_acl_tdb vfs modules.
+
+
+o Frank Lahm <franklahm@googlemail.com>
+ * BUG 8419: Make VFS op "streaminfo" stackable.
+
+
+o Volker Lendecke <vl@samba.org>
+ * BUG 8371: Make Winbind receive user/group information.
+ * BUG 8639: Fix the vfs_commit module.
+ * BUG 8686: Packet validation checks can be done before length validation
+ causing uninitialized memory read.
+
+
+o Stefan Metzmacher <metze@samba.org>
+ * BUG 5326: Fix cli_write_and_x() against OS/2 print shares.
+ * BUG 8357: Grant credits in async interim responses (SMB2).
+ * BUG 8560: Make SMB2 handle compound request headers in the same way
+ as Windows.
+ * BUG 8573: Fix alignment in the non-extended-security negprot.
+ * BUG 8586: libsmb: Only align unicode pipe_name.
+ * BUG 8579: smb2_flush: Don't send uninitialized memory.
+ * BUG 8592: Don't limit the number of open dptrs for SMB2.
+ * BUG 8593: Fix a crash bug in cldap_socket_recv_dgram().
+ * BUG 8684: Try ctdbd_init_connection() as root.
+
+
+o Masafumi Nakayama <MASA23@jp.ibm.com>
+ * BUG 563: Fix 'smbclient tar' for files greater than 8GB on BE machines.
+
+
+o Matthieu Patou <mat@matws.net>
+ * BUG 8600: Make cldap work over IPv6.
+ * BUG 8674: Fix buffer overflow issue with AES encryption in samba traffic
+ analyzer.
+
+
+o Andreas Schneider <asn@samba.org>
+ * BUG 8550: Fix setting the machine account password.
+ * BUG 8575: Add systemd service files.
+ * BUG 8608: Winbind: Don't fail on users without a uid.
+ * BUG 8628: libsmb: Don't duplicate Kerberos service tickets.
+ * BUG 8643: Add an update function for Winbind cache.
+ * BUG 8678: Fix Winbind segfault if we can't map the last user.
+
+
+o Karolin Seeger <kseeger@samba.org>
+ * BUG 7705: Fix some RHEL packaging issues.
+
+
+o Richard Sharpe <realrichardsharpe@gmail.com>
+ * BUG 8607: Improve configure.in so it can be used outside the Samba source
+ tree.
+
+
+o Brad Smith <brad@comstyle.com>
+ * BUG 8525: Fix bug with sys_fseek() wrapper on *BSD / OS X).
+
+
+o Henry Wong <henry@stuffedcow.net>
+ * BUG 8384: Fix Windows XP clients crashing smbd process every once in a
+ while.
######################################################################
== The Samba Team
======================================================================
-Release notes for older releases follow:
-----------------------------------------
+
+----------------------------------------------------------------------
+
=============================
Release Notes for Samba 3.6.1