X-Git-Url: http://git.samba.org/?a=blobdiff_plain;f=WHATSNEW.txt;h=15518651c73f031571151007230a2d0d621dd911;hb=a812254ce8bbe67234a185054661e6c2f01b1134;hp=5d4351257d4c64c565df07eda08d0f647c8dd60b;hpb=6f2f4c36284ef61230d491fa627bc4c55478ec4f;p=samba.git diff --git a/WHATSNEW.txt b/WHATSNEW.txt index 5d4351257d4..15518651c73 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -1,6 +1,505 @@ + ============================== + Release Notes for Samba 3.5.19 + November 5, 2012 + ============================== + + +This is the latest stable release of Samba 3.5. + +Major enhancements in Samba 3.5.19 include: + +o + +Changes since 3.5.17: +--------------------- + +o Jeremy Allison + + +###################################################################### +Reporting bugs & Development Discussion +####################################### + +Please discuss this release on the samba-technical mailing list or by +joining the #samba-technical IRC channel on irc.freenode.net. + +If you do report problems then please try to send high quality +feedback. If you don't provide vital information to help us track down +the problem then you will probably be ignored. All bug reports should +be filed under the Samba 3.5 product in the project's Bugzilla +database (https://bugzilla.samba.org/). + + +====================================================================== +== Our Code, Our Bugs, Our Responsibility. +== The Samba Team +====================================================================== + + +Release notes for older releases follow: +---------------------------------------- + + ============================== + Release Notes for Samba 3.5.18 + September 24, 2012 + ============================== + + +This is the latest stable release of Samba 3.5. + +Major enhancements in Samba 3.5.18 include: + +o Fix a smbd crash in reply_lockingX_error (bug #9084). +o Fix Winbind crashes caused by mis-identified idle clients (bug #9104). +o Desktop Managers (xdm, gdm, lightdm...) crash with SIGSEGV in + _pam_winbind_change_pwd() when password is expiring (bug #9013). + + +Changes since 3.5.17: +--------------------- + +o Michael Adam + * BUG 7788: Clarify the idmap_rid manpage. + + +o Jeremy Allison + * BUG 9098: Winbind does not refresh Kerberos tickets. + * BUG 9147: Winbind can't fetch user or group info from AD via LDAP. + * BUG 9150: Valid open requests can cause smbd assert due to incorrect + oplock handling on delete requests. + + +o Neil R. Goldberg + * BUG 9100: Winbind doesn't return "Domain Local" groups from own domain. + + +o Hargagan + * BUG 9085: NMB registration for a duplicate workstation fails with + registration refuse. + + +o Björn Jacke + * BUG 7814: Fix build of sysquote_xfs. + * BUG 8402: Winbind log spammed with idmap messages. + + +o Volker Lendecke + * BUG 9084: Fix a smbd crash in reply_lockingX_error. + + +o Herb Lewis + * BUG 9104: Fix Winbind crashes caused by mis-identified idle clients. + + +o Luca Lorenzetto + * BUG 9013: Desktop Managers (xdm, gdm, lightdm...) crash with SIGSEGV in + _pam_winbind_change_pwd() when password is expiring. + + +###################################################################### +Reporting bugs & Development Discussion +####################################### + +Please discuss this release on the samba-technical mailing list or by +joining the #samba-technical IRC channel on irc.freenode.net. + +If you do report problems then please try to send high quality +feedback. If you don't provide vital information to help us track down +the problem then you will probably be ignored. All bug reports should +be filed under the Samba 3.5 product in the project's Bugzilla +database (https://bugzilla.samba.org/). + + +====================================================================== +== Our Code, Our Bugs, Our Responsibility. +== The Samba Team +====================================================================== + + +---------------------------------------------------------------------- + + + ============================== + Release Notes for Samba 3.5.17 + August 13, 2012 + ============================== + + +This is the latest stable release of Samba 3.5. + + +Changes since 3.5.16: +--------------------- + +o Jeremy Allison + * BUG 9034: Fix typo in set_re_uid() call when USE_SETRESUID selected in + configure. + + +o Björn Jacke + * BUG 8996: Fix build without ads support. + * BUG 9011: Second part of a fix for bug #9011 (Build on HP-UX broken). + + +o Stefan Metzmacher + * BUG 9022: Make vfs_gpfs less verbose in get/set_xattr functions. + + +###################################################################### +Reporting bugs & Development Discussion +####################################### + +Please discuss this release on the samba-technical mailing list or by +joining the #samba-technical IRC channel on irc.freenode.net. + +If you do report problems then please try to send high quality +feedback. If you don't provide vital information to help us track down +the problem then you will probably be ignored. All bug reports should +be filed under the Samba 3.5 product in the project's Bugzilla +database (https://bugzilla.samba.org/). + + +====================================================================== +== Our Code, Our Bugs, Our Responsibility. +== The Samba Team +====================================================================== + + +---------------------------------------------------------------------- + + + ============================== + Release Notes for Samba 3.5.16 + July 2, 2012 + ============================== + + +This is the latest stable release of Samba 3.5. + +Major enhancements in Samba 3.5.16 include: + +o Fix possible memory leaks in the Samba master process (bug #8970). +o Fix uninitialized memory read in talloc_free(). +o Fix smbd crash with unknown user (bug #8314). + + +Changes since 3.5.15: +--------------------- + +o Jeremy Allison + * BUG 8314: Fix smbd crash with unknown user. + * BUG 8831: Fix inconsistent (with manpage) command-line switch for "help" + in smbtree. + * BUG 8882: Fix processing of %U with vfs_full_audit when "force user" + is set. + * BUG 8897: winbind_krb5_locator only returns one IP address. + * BUG 8910: resolve_ads() code can return zero addresses and miss valid DC + IP addresses. + * BUG 8957: Fix typo in pam_winbindd code. + * BUG 8972: Directory group write permission bit is set if unix extensions + are enabled. + * BUG 8974: Kernel oplocks are broken when uid(file) != uid(process). + * BUG 8989: Send correct responses to NT Transact Secondary when no data and + no params. + * BUG 8994: Fix "winbind normalize names". + + +o Andrew Bartlett + * BUG 8599: Only use SamLogonEx when we can get unencrypted session keys. + * BUG 8943: Slow but responsive DC can lock up winbindd for > 10 minutes + at a time. + + +o Björn Baumbach + * BUG 7564: Fix default name resolve order in the manpage. + + +o John Bradshaw + * BUG 7938: Fix typo (overrided -> overridden) in Samba3-HOWTO. + + +o Olaf Flebbe + * BUG 8552: Correct documentation of "case sensitive". + + +o Björn Jacke + * BUG 8869: Remove outdated netscape ds 5 schema file. + * BUG 9011: Fix build on HP-UX. + + +o Volker Lendecke + * Fix uninitialized memory read in talloc_free(). + * BUG 8338: OS/X can not deal with a 10-vwv read on normal files. + * BUG 8998: Notify code can miss a ChDir. + * BUG 9000: Fix a Winbind race leading to 100% CPU. + * BUG 9003: Fix posix acl on gpfs. + + +o Matthieu Patou + * BUG 8975: Make sure that Winbind can coredump. + + +o Karolin Seeger + * BUG 7930: Add hint that setting "profile acls = yes" on normal shares can + cause trouble. + + +o Richard Sharpe + * BUG 8822: Fix building out-of-tree vfs modules. + * BUG 8970: Fix possible memory leaks in the Samba master process. + + +o Simo Sorce + * BUG 8915: Fix pam_winbind build against newer iniparser library. + + +###################################################################### +Reporting bugs & Development Discussion +####################################### + +Please discuss this release on the samba-technical mailing list or by +joining the #samba-technical IRC channel on irc.freenode.net. + +If you do report problems then please try to send high quality +feedback. If you don't provide vital information to help us track down +the problem then you will probably be ignored. All bug reports should +be filed under the Samba 3.5 product in the project's Bugzilla +database (https://bugzilla.samba.org/). + + +====================================================================== +== Our Code, Our Bugs, Our Responsibility. +== The Samba Team +====================================================================== + + +---------------------------------------------------------------------- + + + ============================== + Release Notes for Samba 3.5.15 + April 30, 2012 + ============================== + + +This is a security release in order to address +CVE-2012-2111 (Incorrect permission checks when granting/removing +privileges can compromise file server security). + +o CVE-2012-2111: + Samba 3.4.x to 3.6.4 are affected by a + vulnerability that allows arbitrary users + to modify privileges on a file server. + + +Changes since 3.5.14: +--------------------- + + +o Jeremy Allison + * Fix incorrect permission checks when granting/removing + privileges (CVE-2012-2111). + + +###################################################################### +Reporting bugs & Development Discussion +####################################### + +Please discuss this release on the samba-technical mailing list or by +joining the #samba-technical IRC channel on irc.freenode.net. + +If you do report problems then please try to send high quality +feedback. If you don't provide vital information to help us track down +the problem then you will probably be ignored. All bug reports should +be filed under the Samba 3.5 product in the project's Bugzilla +database (https://bugzilla.samba.org/). + + +====================================================================== +== Our Code, Our Bugs, Our Responsibility. +== The Samba Team +====================================================================== + + +---------------------------------------------------------------------- + + + ============================== + Release Notes for Samba 3.5.14 + April 10, 2012 + ============================== + + +This is a security release in order to address +CVE-2012-1182 ("root" credential remote code execution). + +o CVE-2012-1182: + Samba 3.0.x to 3.6.3 are affected by a + vulnerability that allows remote code + execution as the "root" user. + + +Changes since 3.5.13: +--------------------- + + +o Stefan Metzmacher + *BUG 8815: PIDL based autogenerated code allows overwriting beyond of + allocated array (CVE-2012-1182). + + +###################################################################### +Reporting bugs & Development Discussion +####################################### + +Please discuss this release on the samba-technical mailing list or by +joining the #samba-technical IRC channel on irc.freenode.net. + +If you do report problems then please try to send high quality +feedback. If you don't provide vital information to help us track down +the problem then you will probably be ignored. All bug reports should +be filed under the Samba 3.5 product in the project's Bugzilla +database (https://bugzilla.samba.org/). + + +====================================================================== +== Our Code, Our Bugs, Our Responsibility. +== The Samba Team +====================================================================== + + +---------------------------------------------------------------------- + + + ============================== + Release Notes for Samba 3.5.13 + March 12, 2012 + ============================== + + +This is the latest stable release of Samba 3.5. + +Major enhancements in Samba 3.5.13 include: + +o Fix a crash bug in cldap_socket_recv_dgram() (bug #8593). +o Fully observe password change settings (bug #8561). +o Fix NT ACL issue (bug #8673). +o Fix segfault in Winbind if we can't map the last user (bug #8678). + + +Changes since 3.5.12: +-------------------- + + +o Michael Adam + * BUG 8327: Fix config reload to reload shares from registry. + + +o Jeremy Allison + * BUG 8139: Ignore SMBecho errors. + * BUG 8521: Fix Winbind cache timeout expiry test. + * BUG 8561: Fully observe password change settings. + * BUG 8631: Fix POSIX ACE x permission mapping to and from a DACL. + * BUG 8636: When returning an ACL without SECINFO_DACL requested, we still + set SEC_DESC_DACL_PRESENT in the type field. + * BUG 8644: Make sure that vfs_acl_xattr and vfs_acl_tdb modules add + inheritable entries on a directory with no stored ACL. + * BUG 8663: Fix deleting a symlink if the symlink target is outside of the + * share. + * BUG 8664: Fix renaming a symlink if the symlink target is outside of the + share. + * BUG 8673: Fix NT ACL issue. + * BUG 8679: Make sure that recvfile code path using splice() on Linux + does not leave data in the pipe on short write. + * BUG 8687: Fix typo in 'net memberships' usage. + + +o Christian Ambach + * BUG 8658: Add timeouts to Winbind cache. + + +o Andrew Bartlett + * BUG 8727: Do not limit read replies to NBT packet sizes. + + +o Günther Deschner + * BUG 8176: Fix perl path. + * BUG 8692: Fix malloc/talloc mismatch in ads_keytab_verify_ticket(). + + +o Björn Jacke + * BUG 8652: Document the ignore system acls option of vfs_acl_xattr and + vfs_acl_tdb. + + +o Jeff Layton + * BUG 8648: Document more undocumented mount.cifs options. + + +o Volker Lendecke + * BUG 8639: Fix the vfs_commit module. + * BUG 8686: Packet validation checks can be done before length validation + causing uninitialized memory read. + + +o Stefan Metzmacher + * BUG 5326: Fix cli_write_and_x() against OS/2 print shares. + * BUG 8562: Fix double free error (talloc). + * BUG 8593: Fix a crash bug in cldap_socket_recv_dgram(). + * BUG 8684: Try ctdbd_init_connection() as root. + + +o Masafumi Nakayama + * BUG 563: Fix 'smbclient tar' for files greater than 8GB on BE machines. + + +o Matthieu Patou + * BUG 8599: Make WINBINDD_PAM_AUTH_CRAP return valid user session key. + * BUG 8771: Make Winbind change faster from DC1 to DC2. + + +o Andreas Schneider + * BUG 8608: Don't fail on users without a uid (Winbind). + * BUG 8628: Don't duplicate Kerberos service tickets. + * BUG 8645: Add missing prefixpath options for mount.cifs manpage. + * BUG 8658: Add an update function for Winbind cache. + * BUG 8678: Fix segfault in Winbind if we can't map the last user. + + +o Karolin Seeger + * BUG 7705: Fix rpm build issues on RHEL4. + + +o Richard Sharpe + * BUG 8607: Simplify building modules outside the Samba source tree. + + +###################################################################### +Reporting bugs & Development Discussion +####################################### + +Please discuss this release on the samba-technical mailing list or by +joining the #samba-technical IRC channel on irc.freenode.net. + +If you do report problems then please try to send high quality +feedback. If you don't provide vital information to help us track down +the problem then you will probably be ignored. All bug reports should +be filed under the Samba 3.5 product in the project's Bugzilla +database (https://bugzilla.samba.org/). + + +====================================================================== +== Our Code, Our Bugs, Our Responsibility. +== The Samba Team +====================================================================== + + +---------------------------------------------------------------------- + + ============================== Release Notes for Samba 3.5.12 - , 2011 + November 2, 2011 ============================== @@ -8,13 +507,69 @@ This is the latest stable release of Samba 3.5. Major enhancements in Samba 3.5.12 include: -o +o Fix race condition in Winbind (bug 7844). +o The VFS ACL modules are no longer experimental but production-ready. + Changes since 3.5.11: -------------------- -o +o Jeremy Allison + * BUG 7509: smb_acl_to_posix: ACL is invalid for set (Invalid argument). + * BUG 7551: Return error of cli_push when 'put - /some/file' is used. + * BUG 8156: 'net ads join' fails to use the user's kerberos ticket. + * BUG 8370: Fix vfs_chown_fsp. + * BUG 8422: Fix infinite loop in ACL module code. + * BUG 8443: Be smarter about setting default permissions when a ACL_USER_OBJ + isn't given. + * BUG 8458: IE9 on Windows 7 cannot download files to samba 3.5.11 share. + * BUG 8493: DFS breaks zip file extracting unless "follow symlinks = no" + set. + * BUG 8507: Make smbd correctly honor the "force create mode" bits from a + cifsfs create. + * BUG 8541: Fix readlink() on Linux clients if the symlink target is + outside of the share. + * BUG 8542: smbclient posix_open command fails to return correct info on + open file. + + +o Pierre Carrier + * BUG 8186: Allow changing the maximum number of simultaneous clients in + Winbind through an smb.conf option. + + +o Günther Deschner + * BUG 7465: Fix 'net ads join -k' when KRB5CCNAME is not set. + * BUG 7888: Deal with buggy 3.0 based PDCs. + * BUG 8491: Fix some coverity issues. + + +o David Disseldorp + * BUG 8480: acl_xattr can free an invalid pointer if no blob is loaded. + + +o Björn Jacke + * BUG 8256: Add man vfs_aio_fork. + * BUG 8362: Fix SWAT build issue on old glibc systems. + * BUG 8531: Make DSO_EXPORTS_CMD more portable. + + +o Volodymyr Khomenko + * BUG 8515: Disallow "." in can_set_delete_on_close(). + + +o Volker Lendecke + * BUG 7844: Fix race condition in Winbind. + * BUG 8338: Add a fallback for missing open&x support in OS/X Lion. + * BUG 8420: Fix getent group if trusted domains are not reachable. + + +o Stefan Metzmacher o Stefan Metzmacher * BUG 7841: Make WINBINDD_LOOKUPRIDS ask the right domain. - * BUG 7949: Fix DoS in Winbind and smbd with many file descriptors open. * BUG 8276: Close all sockets attached to a subnet in close_subnet().