+ ==============================
+ Release Notes for Samba 3.5.21
+ , 2013
+ ==============================
+
+
+This is the latest stable release of Samba 3.5.
+
+Major enhancements in Samba 3.5.21 include:
+
+o
+
+Changes since 3.5.19:
+---------------------
+
+o Jeremy Allison <jra@samba.org>
+
+
+######################################################################
+Reporting bugs & Development Discussion
+#######################################
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical IRC channel on irc.freenode.net.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored. All bug reports should
+be filed under the Samba 3.5 product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+======================================================================
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+======================================================================
+
+
+Release notes for older releases follow:
+----------------------------------------
+
+ ==============================
+ Release Notes for Samba 3.5.20
+ December 17, 2012
+ ==============================
+
+
+This is the latest stable release of Samba 3.5.
+
+Major enhancements in Samba 3.5.20 include:
+
+o Fix segfaults in log level = 10 on Solaris (bug #9390).
+o Apply ACL masks correctly when setting ACLs (bug #9236).
+
+
+Changes since 3.5.19:
+---------------------
+
+o Jeremy Allison <jra@samba.org>
+ * BUG 7781: Samba transforms ShareName to lowercase (sharename) when adding
+ new share via MMC.
+ * BUG 9236: Apply ACL masks correctly when setting ACLs.
+ * BUG 9455: munmap called for an address location not mapped by Samba.
+
+
+o Björn Baumbach <bb@sernet.de>
+ * BUG 9345: Fix usage of <smbconfoption> tag.
+
+
+o Stefan Metzmacher <metze@samba.org>
+ * BUG 9390: Fix segfaults in log level = 10 on Solaris.
+ * BUG 9402: Fix dns updates against BIND9 (used in a Samba4 domain).
+
+
+######################################################################
+Reporting bugs & Development Discussion
+#######################################
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical IRC channel on irc.freenode.net.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored. All bug reports should
+be filed under the Samba 3.5 product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+======================================================================
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+======================================================================
+
+
+----------------------------------------------------------------------
+
+
+ ==============================
+ Release Notes for Samba 3.5.19
+ November 5, 2012
+ ==============================
+
+
+This is the latest stable release of Samba 3.5.
+
+Major enhancements in Samba 3.5.19 include:
+
+o Connection to outbound trusted domain goes offline (bug #9016).
+o ACL masks incorrectly applied when setting ACLs (bug #9236).
+o Samba panics if a user specifies an invalid port number (bug #9218).
+
+
+Changes since 3.5.18:
+---------------------
+
+o Jeremy Allison <jra@samba.org>
+ * BUG 9016: Connection to outbound trusted domain goes offline.
+ * BUG 9117: smbclient can't connect to a Windows 7 server using NTLMv2.
+ * BUG 9213: Bad ASN.1 NegTokenInit packet can cause invalid free.
+ * BUG 9236: ACL masks incorrectly applied when setting ACLs.
+
+
+o Andrew Bartlett <abartlet@samba.org>
+ * BUG 8788: libsmb: Initialise ticket to ensure we do not free invalid memory.
+
+
+o Björn Jacke <bj@sernet.de>
+ * BUG 8344: autoconf: Fix --with(out)-sendfile-support option handling.
+ * BUG 8732: Fix compile of krb5 locator on Solaris.
+ * BUG 9172: Add quota support for gfs2.
+
+
+o Matthieu Patou <mat@matws.net>
+ * BUG 9259: lib-addns: Ensure that allocated buffer are pre set to 0.
+
+
+o Andreas Schneider <asn@samba.org>
+ * BUG 9218: Samba panics if a user specifies an invalid port number.
+
+
+######################################################################
+Reporting bugs & Development Discussion
+#######################################
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical IRC channel on irc.freenode.net.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored. All bug reports should
+be filed under the Samba 3.5 product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+======================================================================
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+======================================================================
+
+
+----------------------------------------------------------------------
+
+
+ ==============================
+ Release Notes for Samba 3.5.18
+ September 24, 2012
+ ==============================
+
+
+This is the latest stable release of Samba 3.5.
+
+Major enhancements in Samba 3.5.18 include:
+
+o Fix a smbd crash in reply_lockingX_error (bug #9084).
+o Fix Winbind crashes caused by mis-identified idle clients (bug #9104).
+o Desktop Managers (xdm, gdm, lightdm...) crash with SIGSEGV in
+ _pam_winbind_change_pwd() when password is expiring (bug #9013).
+
+
+Changes since 3.5.17:
+---------------------
+
+o Michael Adam <obnox@samba.org>
+ * BUG 7788: Clarify the idmap_rid manpage.
+
+
+o Jeremy Allison <jra@samba.org>
+ * BUG 9098: Winbind does not refresh Kerberos tickets.
+ * BUG 9147: Winbind can't fetch user or group info from AD via LDAP.
+ * BUG 9150: Valid open requests can cause smbd assert due to incorrect
+ oplock handling on delete requests.
+
+
+o Neil R. Goldberg <ngoldber@mitre.org>
+ * BUG 9100: Winbind doesn't return "Domain Local" groups from own domain.
+
+
+o Hargagan <shargagan@novell.com>
+ * BUG 9085: NMB registration for a duplicate workstation fails with
+ registration refuse.
+
+
+o Björn Jacke <bj@sernet.de>
+ * BUG 7814: Fix build of sysquote_xfs.
+ * BUG 8402: Winbind log spammed with idmap messages.
+
+
+o Volker Lendecke <vl@samba.org>
+ * BUG 9084: Fix a smbd crash in reply_lockingX_error.
+
+
+o Herb Lewis <hlewis@panasas.com>
+ * BUG 9104: Fix Winbind crashes caused by mis-identified idle clients.
+
+
+o Luca Lorenzetto <lorenzetto-luca@ubuntu-it.org>
+ * BUG 9013: Desktop Managers (xdm, gdm, lightdm...) crash with SIGSEGV in
+ _pam_winbind_change_pwd() when password is expiring.
+
+
+######################################################################
+Reporting bugs & Development Discussion
+#######################################
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical IRC channel on irc.freenode.net.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored. All bug reports should
+be filed under the Samba 3.5 product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+======================================================================
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+======================================================================
+
+
+----------------------------------------------------------------------
+
+
+ ==============================
+ Release Notes for Samba 3.5.17
+ August 13, 2012
+ ==============================
+
+
+This is the latest stable release of Samba 3.5.
+
+
+Changes since 3.5.16:
+---------------------
+
+o Jeremy Allison <jra@samba.org>
+ * BUG 9034: Fix typo in set_re_uid() call when USE_SETRESUID selected in
+ configure.
+
+
+o Björn Jacke <bj@sernet.de>
+ * BUG 8996: Fix build without ads support.
+ * BUG 9011: Second part of a fix for bug #9011 (Build on HP-UX broken).
+
+
+o Stefan Metzmacher <metze@samba.org>
+ * BUG 9022: Make vfs_gpfs less verbose in get/set_xattr functions.
+
+
+######################################################################
+Reporting bugs & Development Discussion
+#######################################
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical IRC channel on irc.freenode.net.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored. All bug reports should
+be filed under the Samba 3.5 product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+======================================================================
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+======================================================================
+
+
+----------------------------------------------------------------------
+
+
+ ==============================
+ Release Notes for Samba 3.5.16
+ July 2, 2012
+ ==============================
+
+
+This is the latest stable release of Samba 3.5.
+
+Major enhancements in Samba 3.5.16 include:
+
+o Fix possible memory leaks in the Samba master process (bug #8970).
+o Fix uninitialized memory read in talloc_free().
+o Fix smbd crash with unknown user (bug #8314).
+
+
+Changes since 3.5.15:
+---------------------
+
+o Jeremy Allison <jra@samba.org>
+ * BUG 8314: Fix smbd crash with unknown user.
+ * BUG 8831: Fix inconsistent (with manpage) command-line switch for "help"
+ in smbtree.
+ * BUG 8882: Fix processing of %U with vfs_full_audit when "force user"
+ is set.
+ * BUG 8897: winbind_krb5_locator only returns one IP address.
+ * BUG 8910: resolve_ads() code can return zero addresses and miss valid DC
+ IP addresses.
+ * BUG 8957: Fix typo in pam_winbindd code.
+ * BUG 8972: Directory group write permission bit is set if unix extensions
+ are enabled.
+ * BUG 8974: Kernel oplocks are broken when uid(file) != uid(process).
+ * BUG 8989: Send correct responses to NT Transact Secondary when no data and
+ no params.
+ * BUG 8994: Fix "winbind normalize names".
+
+
+o Andrew Bartlett <abartlet@samba.org>
+ * BUG 8599: Only use SamLogonEx when we can get unencrypted session keys.
+ * BUG 8943: Slow but responsive DC can lock up winbindd for > 10 minutes
+ at a time.
+
+
+o Björn Baumbach <bb@sernet.de>
+ * BUG 7564: Fix default name resolve order in the manpage.
+
+
+o John Bradshaw <john@johnbradshaw.org>
+ * BUG 7938: Fix typo (overrided -> overridden) in Samba3-HOWTO.
+
+
+o Olaf Flebbe <o.flebbe@science-computing.de>
+ * BUG 8552: Correct documentation of "case sensitive".
+
+
+o Björn Jacke <bj@sernet.de>
+ * BUG 8869: Remove outdated netscape ds 5 schema file.
+ * BUG 9011: Fix build on HP-UX.
+
+
+o Volker Lendecke <vl@samba.org>
+ * Fix uninitialized memory read in talloc_free().
+ * BUG 8338: OS/X can not deal with a 10-vwv read on normal files.
+ * BUG 8998: Notify code can miss a ChDir.
+ * BUG 9000: Fix a Winbind race leading to 100% CPU.
+ * BUG 9003: Fix posix acl on gpfs.
+
+
+o Matthieu Patou <mat@matws.net>
+ * BUG 8975: Make sure that Winbind can coredump.
+
+
+o Karolin Seeger <kseeger@samba.org>
+ * BUG 7930: Add hint that setting "profile acls = yes" on normal shares can
+ cause trouble.
+
+
+o Richard Sharpe <realrichardsharpe@gmail.com>
+ * BUG 8822: Fix building out-of-tree vfs modules.
+ * BUG 8970: Fix possible memory leaks in the Samba master process.
+
+
+o Simo Sorce <idra@samba.org>
+ * BUG 8915: Fix pam_winbind build against newer iniparser library.
+
+
+######################################################################
+Reporting bugs & Development Discussion
+#######################################
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical IRC channel on irc.freenode.net.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored. All bug reports should
+be filed under the Samba 3.5 product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+======================================================================
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+======================================================================
+
+
+----------------------------------------------------------------------
+
+
+ ==============================
+ Release Notes for Samba 3.5.15
+ April 30, 2012
+ ==============================
+
+
+This is a security release in order to address
+CVE-2012-2111 (Incorrect permission checks when granting/removing
+privileges can compromise file server security).
+
+o CVE-2012-2111:
+ Samba 3.4.x to 3.6.4 are affected by a
+ vulnerability that allows arbitrary users
+ to modify privileges on a file server.
+
+
+Changes since 3.5.14:
+---------------------
+
+
+o Jeremy Allison <jra@samba.org>
+ * Fix incorrect permission checks when granting/removing
+ privileges (CVE-2012-2111).
+
+
+######################################################################
+Reporting bugs & Development Discussion
+#######################################
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical IRC channel on irc.freenode.net.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored. All bug reports should
+be filed under the Samba 3.5 product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+======================================================================
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+======================================================================
+
+
+----------------------------------------------------------------------
+
+
+ ==============================
+ Release Notes for Samba 3.5.14
+ April 10, 2012
+ ==============================
+
+
+This is a security release in order to address
+CVE-2012-1182 ("root" credential remote code execution).
+
+o CVE-2012-1182:
+ Samba 3.0.x to 3.6.3 are affected by a
+ vulnerability that allows remote code
+ execution as the "root" user.
+
+
+Changes since 3.5.13:
+---------------------
+
+
+o Stefan Metzmacher <metze@samba.org>
+ *BUG 8815: PIDL based autogenerated code allows overwriting beyond of
+ allocated array (CVE-2012-1182).
+
+
+######################################################################
+Reporting bugs & Development Discussion
+#######################################
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical IRC channel on irc.freenode.net.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored. All bug reports should
+be filed under the Samba 3.5 product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+======================================================================
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+======================================================================
+
+
+----------------------------------------------------------------------
+
+
+ ==============================
+ Release Notes for Samba 3.5.13
+ March 12, 2012
+ ==============================
+
+
+This is the latest stable release of Samba 3.5.
+
+Major enhancements in Samba 3.5.13 include:
+
+o Fix a crash bug in cldap_socket_recv_dgram() (bug #8593).
+o Fully observe password change settings (bug #8561).
+o Fix NT ACL issue (bug #8673).
+o Fix segfault in Winbind if we can't map the last user (bug #8678).
+
+
+Changes since 3.5.12:
+--------------------
+
+
+o Michael Adam <obnox@samba.org>
+ * BUG 8327: Fix config reload to reload shares from registry.
+
+
+o Jeremy Allison <jra@samba.org>
+ * BUG 8139: Ignore SMBecho errors.
+ * BUG 8521: Fix Winbind cache timeout expiry test.
+ * BUG 8561: Fully observe password change settings.
+ * BUG 8631: Fix POSIX ACE x permission mapping to and from a DACL.
+ * BUG 8636: When returning an ACL without SECINFO_DACL requested, we still
+ set SEC_DESC_DACL_PRESENT in the type field.
+ * BUG 8644: Make sure that vfs_acl_xattr and vfs_acl_tdb modules add
+ inheritable entries on a directory with no stored ACL.
+ * BUG 8663: Fix deleting a symlink if the symlink target is outside of the
+ * share.
+ * BUG 8664: Fix renaming a symlink if the symlink target is outside of the
+ share.
+ * BUG 8673: Fix NT ACL issue.
+ * BUG 8679: Make sure that recvfile code path using splice() on Linux
+ does not leave data in the pipe on short write.
+ * BUG 8687: Fix typo in 'net memberships' usage.
+
+
+o Christian Ambach <christian.ambach@de.ibm.com>
+ * BUG 8658: Add timeouts to Winbind cache.
+
+
+o Andrew Bartlett <abartlet@samba.org>
+ * BUG 8727: Do not limit read replies to NBT packet sizes.
+
+
+o Günther Deschner <gd@samba.org>
+ * BUG 8176: Fix perl path.
+ * BUG 8692: Fix malloc/talloc mismatch in ads_keytab_verify_ticket().
+
+
+o Björn Jacke <bj@sernet.de>
+ * BUG 8652: Document the ignore system acls option of vfs_acl_xattr and
+ vfs_acl_tdb.
+
+
+o Jeff Layton <jlayton@redhat.com>
+ * BUG 8648: Document more undocumented mount.cifs options.
+
+
+o Volker Lendecke <vl@samba.org>
+ * BUG 8639: Fix the vfs_commit module.
+ * BUG 8686: Packet validation checks can be done before length validation
+ causing uninitialized memory read.
+
+
+o Stefan Metzmacher <metze@samba.org>
+ * BUG 5326: Fix cli_write_and_x() against OS/2 print shares.
+ * BUG 8562: Fix double free error (talloc).
+ * BUG 8593: Fix a crash bug in cldap_socket_recv_dgram().
+ * BUG 8684: Try ctdbd_init_connection() as root.
+
+
+o Masafumi Nakayama <MASA23@jp.ibm.com>
+ * BUG 563: Fix 'smbclient tar' for files greater than 8GB on BE machines.
+
+
+o Matthieu Patou <mat@matws.net>
+ * BUG 8599: Make WINBINDD_PAM_AUTH_CRAP return valid user session key.
+ * BUG 8771: Make Winbind change faster from DC1 to DC2.
+
+
+o Andreas Schneider <asn@samba.org>
+ * BUG 8608: Don't fail on users without a uid (Winbind).
+ * BUG 8628: Don't duplicate Kerberos service tickets.
+ * BUG 8645: Add missing prefixpath options for mount.cifs manpage.
+ * BUG 8658: Add an update function for Winbind cache.
+ * BUG 8678: Fix segfault in Winbind if we can't map the last user.
+
+
+o Karolin Seeger <kseeger@samba.org>
+ * BUG 7705: Fix rpm build issues on RHEL4.
+
+
+o Richard Sharpe <realrichardsharpe@gmail.com>
+ * BUG 8607: Simplify building modules outside the Samba source tree.
+
+
+######################################################################
+Reporting bugs & Development Discussion
+#######################################
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical IRC channel on irc.freenode.net.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored. All bug reports should
+be filed under the Samba 3.5 product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+======================================================================
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+======================================================================
+
+
+----------------------------------------------------------------------
+
+
+ ==============================
+ Release Notes for Samba 3.5.12
+ November 2, 2011
+ ==============================
+
+
+This is the latest stable release of Samba 3.5.
+
+Major enhancements in Samba 3.5.12 include:
+
+o Fix race condition in Winbind (bug 7844).
+o The VFS ACL modules are no longer experimental but production-ready.
+
+
+Changes since 3.5.11:
+--------------------
+
+
+o Jeremy Allison <jra@samba.org>
+ * BUG 7509: smb_acl_to_posix: ACL is invalid for set (Invalid argument).
+ * BUG 7551: Return error of cli_push when 'put - /some/file' is used.
+ * BUG 8156: 'net ads join' fails to use the user's kerberos ticket.
+ * BUG 8370: Fix vfs_chown_fsp.
+ * BUG 8422: Fix infinite loop in ACL module code.
+ * BUG 8443: Be smarter about setting default permissions when a ACL_USER_OBJ
+ isn't given.
+ * BUG 8458: IE9 on Windows 7 cannot download files to samba 3.5.11 share.
+ * BUG 8493: DFS breaks zip file extracting unless "follow symlinks = no"
+ set.
+ * BUG 8507: Make smbd correctly honor the "force create mode" bits from a
+ cifsfs create.
+ * BUG 8541: Fix readlink() on Linux clients if the symlink target is
+ outside of the share.
+ * BUG 8542: smbclient posix_open command fails to return correct info on
+ open file.
+
+
+o Pierre Carrier <pcarrier@redhat.com>
+ * BUG 8186: Allow changing the maximum number of simultaneous clients in
+ Winbind through an smb.conf option.
+
+
+o Günther Deschner <gd@samba.org>
+ * BUG 7465: Fix 'net ads join -k' when KRB5CCNAME is not set.
+ * BUG 7888: Deal with buggy 3.0 based PDCs.
+ * BUG 8491: Fix some coverity issues.
+
+
+o David Disseldorp <ddiss@suse.de>
+ * BUG 8480: acl_xattr can free an invalid pointer if no blob is loaded.
+
+
+o Björn Jacke <bj@sernet.de>
+ * BUG 8256: Add man vfs_aio_fork.
+ * BUG 8362: Fix SWAT build issue on old glibc systems.
+ * BUG 8531: Make DSO_EXPORTS_CMD more portable.
+
+
+o Volodymyr Khomenko <Volodymyr_Khomenko@dell.com>
+ * BUG 8515: Disallow "." in can_set_delete_on_close().
+
+
+o Volker Lendecke <vl@samba.org>
+ * BUG 7844: Fix race condition in Winbind.
+ * BUG 8338: Add a fallback for missing open&x support in OS/X Lion.
+ * BUG 8420: Fix getent group if trusted domains are not reachable.
+
+
+o Stefan Metzmacher <metze@samba.org
+ * BUG 8347: Fix regression on HP-UX, AIX and OSF introduced by the fix for
+ CVE-2011-2522.
+ * BUG 8452: Check the wct of the incoming SMBnegprot responses in libsmb.
+ * BUG 8491: Fix some coverity issues.
+
+
+######################################################################
+Reporting bugs & Development Discussion
+#######################################
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical IRC channel on irc.freenode.net.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored. All bug reports should
+be filed under the Samba 3.5 product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+======================================================================
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+======================================================================
+
+
+----------------------------------------------------------------------
+
+
+ ==============================
+ Release Notes for Samba 3.5.11
+ August 4, 2011
+ ==============================
+
+
+This is the latest stable release of Samba 3.5.
+
+Major enhancements in Samba 3.5.11 include:
+
+o Fix access to Samba shares when Windows security patch KB2536276 is installed
+ (bug #8238).
+o Fix Winbind panics if verify_idpool() fails (bug #8253).
+
+
+Changes since 3.5.10:
+--------------------
+
+
+o Jeremy Allison <jra@samba.org>
+ * BUG 7462: Make SA_RESETHAND conditional on its existance.
+ * BUG 8254: Make "acl check permissions = no" working in all cases.
+
+
+o Gregor Beck <gbeck@sernet.de>
+ * BUG 8253: Fix Winbind panics if verify_idpool() fails.
+
+
+o David Disseldorp <ddiss@suse.de>
+ * BUG 8269: Stop spamming log with "Could not find child X -- ignoring"
+ messages in smbd.
+
+
+o Björn Jacke <bj@sernet.de>
+ * BUG 7460: Include sys/file.h only when available.
+
+
+o Volker Lendecke <vl@samba.org>
+ * BUG 7841: Explicitly pass domain_sid to wbint_LookupRids().
+ * BUG 8238: Fix access to Samba shares when Windows security patch
+ KB2536276 is installed.
+ * BUG 8322: Add HAVE_FUNCTION_ATTRIBUTE_DESTRUCTOR.
+
+
+o Stefan Metzmacher <metze@samba.org>
+ * BUG 7841: Make WINBINDD_LOOKUPRIDS ask the right domain.
+ * BUG 8276: Close all sockets attached to a subnet in close_subnet().
+
+
+######################################################################
+Reporting bugs & Development Discussion
+#######################################
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical IRC channel on irc.freenode.net.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored. All bug reports should
+be filed under the Samba 3.5 product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+======================================================================
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+======================================================================
+
+
+----------------------------------------------------------------------
+
+
+ ==============================
+ Release Notes for Samba 3.5.10
+ July 26, 2011
+ ==============================
+
+
+This is a security release in order to address
+CVE-2011-2522 (Cross-Site Request Forgery in SWAT) and
+CVE-2011-2694 (Cross-Site Scripting vulnerability in SWAT).
+
+
+o CVE-2011-2522:
+ The Samba Web Administration Tool (SWAT) in Samba versions
+ 3.0.x to 3.5.9 are affected by a cross-site request forgery.
+
+
+o CVE-2011-2694:
+ The Samba Web Administration Tool (SWAT) in Samba versions
+ 3.0.x to 3.5.9 are affected by a cross-site scripting
+ vulnerability.
+
+Please note that SWAT must be enabled in order for these
+vulnerabilities to be exploitable. By default, SWAT
+is *not* enabled on a Samba install.
+
+
+Changes since 3.5.9:
+--------------------
+
+
+o Kai Blin <kai@samba.org>
+ * BUG 8289: SWAT contains a cross-site scripting vulnerability.
+ * BUG 8290: CSRF vulnerability in SWAT.
+
+
+######################################################################
+Reporting bugs & Development Discussion
+#######################################
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical IRC channel on irc.freenode.net.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored. All bug reports should
+be filed under the Samba 3.5 product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+======================================================================
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+======================================================================
+
+
+----------------------------------------------------------------------
+
+
+ =============================
+ Release Notes for Samba 3.5.9
+ June 14, 2011
+ =============================
+
+
+This is the latest stable release of Samba 3.5.
+
+Major enhancements in Samba 3.5.9 include:
+
+o Sgid bit lost on folder rename (bug #7996).
+o ACL can get lost when files are being renamed (bug #7987).
+o Respect "allow trusted domains = no" in Winbind (bug #6966).
+o Samba now follows Windows behaviour as a Kerberos client,
+ requesting a CIFS/ ticket (bug #7893).
+
+New Kerberos behaviour
+----------------------
+
+A new parameter 'client use spnego principal' defaults to 'no' and
+mean Samba will use CIFS/hostname to obtain a kerberos ticket, acting
+more like Windows when using Kerberos against a CIFS server in
+smbclient, winbind and other Samba client tools. This will change
+which servers we will successfully negotiate kerberos connections to.
+This is due to Samba no longer trusting a server-provided hint which
+is not available from Windows 2008 or later. For correct operation
+with all clients, all aliases for a server should be recorded as a as
+a servicePrincipalName on the server's record in AD.
+
+Changes since 3.5.8:
+--------------------
+
+o Jeremy Allison <jra@samba.org>
+ * BUG 6911: Kerberos authentication from Vista to Samba fails when security
+ blob size is greater than 16 kB.
+ * BUG 7080: Quota only shown when logged as root.
+ * BUG 7528: Fix Solaris with NIS autohome.
+ * BUG 7987: ACL can get lost when files are being renamed.
+ * BUG 7996: sgid bit lost on folder rename.
+ * BUG 8040: Fix 'smbclient' segfaults when a Cyrillic netbios name or
+ workgroup is configured.
+ * BUG 8072: Fix panic in create_file_acl_common.
+ * BUG 8038: Fix is_myname_or_ipaddr() to be robust against strange DNS
+ setups.
+ * BUG 8083: "inherit owner = yes" doesn't interact correctly with
+ vfs_acl_xattr or vfs_acl_tdb module.
+ * BUG 8088: Fix segfault in rpccli_samr_chng_pswd_auth_crap if any input
+ blobs are null.
+ * BUG 8111: CIFS VFS: Fix unexpected error on SMB posix open.
+ * BUG 8157: Fix parsing CUPS printcap files in std_pcap_cache_reload().
+ * BUG 8163: Fix our asn.1 parser to handle negative numbers.
+ * BUG 8211: "inherit owner = yes" doesn't interact correctly with "inherit
+ permissions = yes".
+
+
+o Christian Ambach <ambi@samba.org>
+ * BUG 8008: Fix a segfault in the krb5 locator plugin.
+ * BUG 8012: Use getgrset() instead of initgroups() + getgroups() when
+ getgrouplist() is not defined.
+ * BUG 8031: Convert gpfs:sharemodes and gpfs:leases parameters from a
+ global setting to a per share setting.
+
+
+o Andrew Bartlett <abartlet@samba.org>
+ * BUG 7893: Don't ever ask for machine$ principals as a target.
+
+
+o Björn Baumbach <bb@sernet.de>
+ * BUG 8074: Fix debug message.
+
+
+o Dmitry Butskoy <dmitry@butskoy.name>
+ * BUG 6966: Respect "allow trusted domains = no" in Winbind.
+
+
+o Marc A. Dahlhaus <mad@wol.de>
+ * BUG 8047: Fix mdns registration if "interfaces=" is used.
+
+
+o Günther Deschner <gd@samba.org>
+ * BUG 7993: Make sure we don't crash when publishing a single printer.
+ * BUG 8085: Fix incorrect timeout handling in ncacn_ip_tcp client code.
+ * BUG 8132: Fix filling printers location field when using CUPS.
+
+
+o David Disseldorp <ddiss@suse.de>
+ * BUG 7836: Make newly added printers visible to clients.
+ * BUG 7994: Use printcap IDL for IPC.
+
+
+o Björn Jacke <bj@sernet.de>
+ * BUG 7825: Fix GNU ld version detection with old gcc releases.
+ * BUG 8033: Add explicit configure option whether to enable dmapi
+ support or not.
+
+
+o Sergey Korsak <skif@1plus1.net>
+ * BUG 8099: setpwent() actually does endpwent() on FreeBSD.
+
+
+o Volker Lendecke <vl@samba.org>
+ * BUG 8009: Fix getting username in 'net rap session'.
+ * BUG 8011: Fix memory corruption in shadow_copy2.
+ * BUG 8016: Fix gpfs_get_xattr.
+ * BUG 8042: File creation on OS/X.
+ * BUG 8054: Winbind cache stores/retrieves wrong sizes for 16-bit ints.
+ * BUG 8066: Fix wrong output in 'smbget'.
+ * BUG 8087: Fix wbcChangeUserPasswordEx in RESPONSE mode.
+
+
+o Nikolay Martynov <mar.kolya@gmail.com>
+ * BUG 8010: Fix inode generation so nautilus can count total dir size
+ correctly.
+
+
+o Jim McDonough <jmcd@samba.org>
+ * BUG 6364: Pull realm from supplied username on libnet join.
+ * BUG 8166: Don't lockout users when offline.
+
+
+o Stefan Metzmacher <metze@samba.org>
+ * BUG 7383: Normalize IPv4 mapped IPv6 addresses in both directions.
+ * BUG 8034: SEC_STD_DELETE is always granted to the owner of a file.
+
+
+o Larry Reid <lcreid@jadesystems.ca>
+ * BUG 8055: Can't see Parts of DFS CIFS share.
+
+
+o Simo Sorce <idra@samba.org>
+ * BUG 7610: winbindd_cache.tdb grows too large when scaled.
+
+
+o Martin Vogt <martin.vogt@itwm.fraunhofer.de>
+ * BUG 6762: Fix ctdb on gpfs error with MS Office.
+
+
+
+######################################################################
+Reporting bugs & Development Discussion
+#######################################
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical IRC channel on irc.freenode.net.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored. All bug reports should
+be filed under the Samba 3.5 product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+======================================================================
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+======================================================================
+
+
+----------------------------------------------------------------------
+
+
+ =============================
+ Release Notes for Samba 3.5.8
+ March 7, 2011
+ =============================
+
+
+This is the latest stable release of Samba 3.5.
+
+Major enhancements in Samba 3.5.8 include:
+
+o Fix Winbind crash bug when no DC is available (bug #7730).
+o Fix finding users on domain members (bug #7743).
+o Fix memory leaks in Winbind (bug #7879).
+o Fix printing with Windows 7 clients (bug #7567).
+
+
+Changes since 3.5.7:
+--------------------
+
+
+o Michael Adam <obnox@samba.org>
+ * BUG 7594: Fix "log=>ndr_pull_error" in 'wbinfo -u' and 'wbinfo -g'.
+ * BUG 7871: Fix 'net ads dns register' in cluster setups.
+ * BUG 7894: Fix sporadic Winbind panic in rpc query_user_list.
+
+
+o Jeremy Allison <jra@samba.org>
+ * BUG 7409: Raise debug level for "reduce_name: couldn't get realpath"
+ messages.
+ * BUG 7716: Store unmodified copies of security descriptors in acl_xattr and
+ acl_tdb modules.
+ * BUG 7733: Fix incorrect unix mode_t caused by invalid client DOS
+ attributes on create.
+ * BUG 7734: Apply appropriate create masks when creating files with "inherit
+ ACLs" set to true.
+ * BUG 7743: Fix finding users on domain members.
+ * BUG 7744: Fix "dfree cache time" parameter.
+ * BUG 7777: Fix requesting lookups for BUILTIN sids.
+ * BUG 7785: Fix atime limit.
+ * BUG 7791: Fix copying files from a SMB share using Gnome vfs and SMB
+ signing.
+ * BUG 7812: ACL inheritance cannot be disabled in vfs_acl_xattr/vfs_acl_tdb.
+ * BUG 7835: vfs_fill_sparse() doesn't use posix_fallocate when strict
+ allocate is on.
+ * BUG 7843: Expand the local SAMs aliases.
+ * BUG 7892: Fix stale lock in open_file_fchmod().
+ * BUG 7950: Revalidate the pathname once re-constructed from a root fsp.
+
+
+o Andrew Bartlett <abartlet@samba.org>
+ * BUG 7356: Fix 'net ads dns register' in Windows 2008 R2 domains.
+
+
+o Björn Baumbach <bb@sernet.de>
+ * BUG 7875: Fix 'nmbd --port'.
+ * BUG 7880: Make 'rpcclient deldriver' delete drivers for all architectures.
+
+
+o Günther Deschner <gd@samba.org>
+ * BUG 7567: Fix printing with Windows 7 clients.
+ * BUG 7641: Handle Windows 9x adddriver calls without config file.
+ * BUG 7945: Let Winbind try to use samlogon validation level 6.
+
+
+o Holger Hetterich <hhetter@novell.com>
+ * BUG 3185: Fix 'testparm' return code when EOF in encountered in param
+ name.
+
+
+o Björn Jacke <bj@sernet.de>
+ * BUG 7821: Fix build of shared libraries on Tru64.
+
+
+o Volker Lendecke <vl@samba.org>
+ * BUG 7066: Fix "Your Password expires today" message for users of trusted
+ domains.
+ * BUG 7262: Fix maintaining of users' groups via UsrMgr.
+ * BUG 7656: Fix scalability problem with hundreds of printers.
+ * BUG 7665: Fix memory leak in the netapi routines.
+ * BUG 7730: Fix Winbind crash bug when no DC is available.
+ * BUG 7774: Fix a getgrent crash with many groups.
+ * BUG 7779: Fix smbd crash caused by expand_msdfs.
+ * BUG 7800: Make Winbind recover from a signing error.
+ * BUG 7817: Fix "force group" with ntlmssp guest session setup.
+ * BUG 7841: Make WINBINDD_LOOKUPRIDS asking the right domain.
+ * BUG 7842: Make WINBINDD_LOOKUPRIDS returning the domain name.
+ * BUG 7855: ntlm_auth: Support clients which offer a spnego mechs we don't
+ support.
+ * BUG 7879: Fix memory leaks in Winbind.
+ * BUG 7881: Fix flaky Winbind against Windows 2008.
+ * BUG 7917: Fix connections from WinCE.
+ * BUG 7940: Fix opening MS Powerpoint files.
+
+
+o Stefan Metzmacher <metze@samba.org>
+ * BUG 7567: Fix printing with Windows 7 clients.
+ * BUG 7855: ntlm_auth: Support clients which offer a spnego mechs we don't
+ support.
+ * BUG 7883: Fix SMB session setups with Kerberos against some closed source
+ SMB servers.
+ * BUG 7896: Don't set SAMR_FIELD_FULL_NAME if we just want to set the
+ account name.
+ * BUG 7899: Don't return "-1" on success in 'net rpc vampire keytab'.
+ * BUG 7942: Fix endless loops caused by inotify.
+ * BUG 7944: Catch lookup_names/sids schannel errors over ncacn_ip_tcp.
+
+
+o Jonathan Nieder <jrnieder@gmail.com>
+ * BUG 6837: Make "rlimit_max below minimum Windows limit" notification less
+ scary.
+
+
+o olivier <olivier@virtscano.fakenet>
+ * BUG 7789: vfs_scannedonly: Switch from mtime to ctime which is more reliable.
+
+
+o Rusty Russell <rusty@rustcorp.com.au>
+ * BUG 7498: Fix updating the time on close in vfs_gpfs.
+
+
+######################################################################
+Reporting bugs & Development Discussion
+#######################################
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical IRC channel on irc.freenode.net.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored. All bug reports should
+be filed under the Samba 3.5 product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+======================================================================
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+======================================================================
+
+
+----------------------------------------------------------------------
+
+
+ =============================
+ Release Notes for Samba 3.5.7
+ February 28, 2011
+ =============================
+
+
+This is a security release in order to address CVE-2011-0719.
+
+
+o CVE-2011-0719:
+ All current released versions of Samba are vulnerable to
+ a denial of service caused by memory corruption. Range
+ checks on file descriptors being used in the FD_SET macro
+ were not present allowing stack corruption. This can cause
+ the Samba code to crash or to loop attempting to select
+ on a bad file descriptor set.
+
+
+Changes since 3.5.6:
+--------------------
+
+
+o Jeremy Allison <jra@samba.org>
+ * BUG 7949: Fix DoS in Winbind and smbd with many file descriptors open.
+
+
+######################################################################
+Reporting bugs & Development Discussion
+#######################################
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical IRC channel on irc.freenode.net.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored. All bug reports should
+be filed under the Samba 3.5 product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+======================================================================
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+======================================================================
+
+
+----------------------------------------------------------------------
+
+
+ =============================
+ Release Notes for Samba 3.5.6
+ October 8, 2010
+ =============================
+
+
+This is the latest stable release of Samba 3.5.
+
+Major enhancements in Samba 3.5.6 include:
+
+ o Fix smbd panic on invalid NetBIOS session request (bug #7698).
+ o Fix smbd crash caused by "%D" in "printer admin" (bug #7541).
+ o Fix crash bug with invalid SPNEGO token (bug #7694).
+ o Fix Winbind internal error (bug #7636).
+
+
+Changes since 3.5.5
+-------------------
+
+
+o Jeremy Allison <jra@samba.org>
+ * BUG 7577: Fix SPNEGO auth when contacting Win7 system using Microsoft Live
+ Sign-in Assistant.
+ * BUG 7578: Fix 'net idmap restore' setting HWM to avoid duplicates.
+ * BUG 7581: Fix "admin users" when using vfs_acl_xattr.
+ * BUG 7583: Fix smbclient to connect to Alfresco JLAN CIFS server using
+ Kerberos.
+ * BUG 7589: Fix using cached credentials in ntlm_auth.
+ * BUG 7590: Fix Winbind offline login.
+ * BUG 7617: Fix smbd coredump due to uninitialized variables in the
+ performance counter code.
+ * BUG 7636: Fix Winbind internal error.
+ * BUG 7651: Fix mknod and mkfifo failing with "No such file or
+ directory".
+ * BUG 7693: Fix smbd changing mode of files on rename.
+ * BUG 7694: Fix crash bug with invalid SPNEGO token.
+ * BUG 7698: Fix smbd panic on invalid NetBIOS session request.
+
+
+o Günther Deschner <gd@samba.org>
+ * BUG 7541: Fix smbd crash caused by "%D" in "printer admin".
+ * BUG 7568: Make sure cm_connect_lsa_tcp does not reset the secure channel.
+ * BUG 7658: Fix "dereferencing type-punned pointer will break
+ strict-aliasing rules" warnings).
+ * BUG 7665: Fix memory leak in netapi connection manager.
+
+
+o Björn Jacke <bj@sernet.de>
+ * BUG 7244: Fall back to cups-config for underlinked libs.
+ * BUG 7474: Fix build on platforms without st_blocks and st_blksize stat
+ struct members.
+
+
+o Volker Lendecke <vl@samba.org>
+ * BUG 7336: Enable idmap_passdb module build as shared.
+ * BUG 7531: Fix the charset_pull routine.
+ * BUG 7635: Fix 'smbclient -M'.
+ * BUG 7656: Fix scalability problem with hundreds of printers.
+ * BUG 7684: Fix fd leak in libwbclient.so.
+ * BUG 7688: Fix crash bug in rpcclient.
+ * BUG 7470: Standardize S_IREAD and S_IWRITE.
+ * BUG 7715: Fix file corruption when setting Samba "write wache wize".
+
+
+o Jim McDonough <jmcd@samba.org>
+ * BUG 7280: Fix auto printers with registry config.
+
+
+o Andreas Schneider <asn@samba.org>
+ * BUG 7538: Fix GUID_from_data_blob() with length of 32.
+
+
+o Chere Zhou <chere.zhou@isilon.com>
+ * BUG 7662: Align change notify replies on 4-byte boundary.
+
+
+######################################################################
+Reporting bugs & Development Discussion
+#######################################
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical IRC channel on irc.freenode.net.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored. All bug reports should
+be filed under the Samba 3.5 product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+======================================================================
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+======================================================================
+
+
+----------------------------------------------------------------------
+
+
+ =============================
+ Release Notes for Samba 3.5.5
+ September 14, 2010
+ =============================
+
+
+This is a security release in order to address CVE-2010-3069.
+
+
+o CVE-2010-3069:
+ All current released versions of Samba are vulnerable to
+ a buffer overrun vulnerability. The sid_parse() function
+ (and related dom_sid_parse() function in the source4 code)
+ do not correctly check their input lengths when reading a
+ binary representation of a Windows SID (Security ID). This
+ allows a malicious client to send a sid that can overflow
+ the stack variable that is being used to store the SID in the
+ Samba smbd server.
+
+
+Changes since 3.5.4
+--------------------
+
+
+o Jeremy Allison <jra@samba.org>
+ * BUG 7669: Fix for CVE-2010-3069.
+
+
+o Andrew Bartlett <abartlet@samba.org>
+ * BUG 7669: Fix for CVE-2010-3069.
+
+
+######################################################################
+Reporting bugs & Development Discussion
+#######################################
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical IRC channel on irc.freenode.net.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored. All bug reports should
+be filed under the Samba 3.5 product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+======================================================================
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+======================================================================
+
+
+----------------------------------------------------------------------
+
+
+ =============================
+ Release Notes for Samba 3.5.4
+ June 23, 2010
+ =============================
+
+
+This is the latest stable release of Samba 3.5.
+
+Major enhancements in Samba 3.5.4 include:
+
+ o Fix smbd crash when sambaLMPassword and sambaNTPassword entries missing
+ from ldap (bug #7448).
+ o Fix init_sam_from_ldap storing group in sid2uid cache (bug #7507).
+
+
+Changes since 3.5.3
+-------------------
+
+
+o Michael Adam <obnox@samba.org>
+ * BUG 7507: Fix init_sam_from_ldap storing group in sid2uid cache.
+
+
+o Jeremy Allison <jra@samba.org>
+ * BUG 7188: Make ea data checks identical for trans2open and trans2mkdir.
+ * BUG 7410: Samba sends "raw" inode number as uniqueid with unix extensions.
+ * BUG 7449: Fix spnego returning incorrect mechListMIC string.
+
+
+o Günther Deschner <gd@samba.org>
+ * BUG 7341: Fix Winbind over IPv6.
+ * BUG 7459: Fix some crash bugs and missing error codes in AddDriver paths.
+ * BUG 7479: Fix crash bug in _samr_QueryUserInfo{2} level 18.
+ * BUG 7517: Fix session setup from linux kernel cifs clients with
+ "sec=ntlmv2".
+
+
+o Olaf Flebbe <o.flebbe@science-computing.de>
+ * BUG 7209: Fix build on RHEL5.
+
+
+o Björn Jacke <bj@sernet.de>
+ * BUG 7427: Using IBM xl_C compiler produces wrong results in configure.
+ * BUG 7503: Fix calculation of st_blocks in vfs_streams_xattr.
+ * BUG 7504: Fix numerous build issues.
+
+
+o Volker Lendecke <vl@samba.org>
+ * BUG 7253: Fix Samba login cache problem on Sparc Architecture.
+ * BUG 7262: Fix editing users' groups via UsrMgr.
+
+
+o Buchan Milne <bgmilne@mandriva.org>
+ * BUG 7500: Fix 'not a string literal' warning in netdomjoin-gui.
+
+
+o Matthieu Patou <mat@matws.net>
+ * BUG 7099: Allow previous password to be stored and use it to check
+ tickets.
+
+
+o Andreas Schneider <asn@samba.org>
+ * BUG 7423: Fix printing large formats.
+
+
+o Roel van Meer <rolek@bokxing.nl>
+ * BUG 7448: Fix smbd crash when sambaLMPassword and sambaNTPassword entries
+ missing from ldap.
+
+
+######################################################################
+Reporting bugs & Development Discussion
+#######################################
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical IRC channel on irc.freenode.net.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored. All bug reports should
+be filed under the Samba 3.5 product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+======================================================================
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+======================================================================
+
+
+----------------------------------------------------------------------
+
+
+ =============================
+ Release Notes for Samba 3.5.3
+ May 19, 2010
+ =============================
+
+
+This is the latest stable release of Samba 3.5.
+
+Major enhancements in Samba 3.5.3 include:
+
+ o Fix MS-DFS functionality (bug #7339).
+ o Fix a Winbind crash when scanning trusts (bug #7389).
+ o Fix problems with SIGCHLD handling in Winbind (bug #7317).
+
+
+Changes since 3.5.2
+-------------------
+
+
+o Jeremy Allison <jra@samba.org>
+ * BUG 7288: Fix SMB job IDs in CUPS job names.
+ * BUG 7339: Fix MS-DFS functionality.
+
+
+o Andrew Bartlett <abartlet@samba.org>
+ * BUG 7354: Fix CLDAP tsocket problem on Solaris.
+
+
+o Ira Cooper <samba@ira.wakeful.net>
+ * BUG 7384: Fix bitmap leak in dptr_Close.
+
+
+o Günther Deschner <gd@samba.org>
+ * BUG 7277: Fix exporting printers via 'cupsaddsmb' command.
+ * BUG 7417: Fix setting of passwords via 'net rpc user password' command.
+ * BUG 7418: Fix 'net rpc printer list' command.
+
+
+o Olaf Flebbe <o.flebbe@science-computing.de>
+ * BUG 7421: Rename mod_name to module_name.
+
+
+o Björn Jacke <bj@sernet.de>
+ * BUG 7352: Make TIME_T_MAX defines consistent.
+ * BUG 7385: Fix building with Solaris' gcc.
+
+
+o Jeff Layton <jlayton@redhat.com>
+ * BUG 7315: Fix segfault in mount.cifs.
+
+
+o Volker Lendecke <vl@samba.org>
+ * BUG 7357: Re-fix a bug with smbd serving a windows terminal server.
+ * BUG 7389: Fix a Winbind crash when scanning trusts.
+ * BUG 7398: Fix rename problems with full_audit VFS module.
+
+
+o Jim McDonough <jmcd@samba.org>
+ * BUG 7378: Display an error on 'net conf import' failures.
+
+
+o Stefan Metzmacher <metze@samba.org>
+ * BUG 7196: Add replacement for IPV6_V6ONLY on linux systems with broken
+ headers.
+ * BUG 7317: Fix problems with SIGCHLD handling in Winbind.
+ * BUG 7354: Fix CLDAP tsocket problem on Solaris.
+
+
+o Luca Olivetti <luca@wetron.es>
+ * BUG 7263: Fix cups encryption setting.
+
+
+######################################################################
+Reporting bugs & Development Discussion
+#######################################
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical IRC channel on irc.freenode.net.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored. All bug reports should
+be filed under the Samba 3.5 product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+======================================================================
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+======================================================================
+
+
+----------------------------------------------------------------------
+
+
+ =============================
+ Release Notes for Samba 3.5.2
+ April 7, 2010
+ =============================
+
+
+This is the latest stable release of Samba 3.5.
+
+Major enhancements in Samba 3.5.2 include:
+
+ o Fix smbd segfaults in _netr_SamLogon for clients sending null domain
+ (bug #7237).
+ o Fix smbd segfaults in "waiting for connections" message (bug #7251).
+ o Fix an uninitialized variable read in smbd (bug #7254).
+ o Fix a memleak in Winbind (bug #7278).
+ o Fix Winbind reconnection to it's own domain (bug #7295).
+
+
+Changes since 3.5.1
+-------------------
+
+
+o Michael Adam <obnox@samba.org>
+ * BUG 7231: Fix automatic building of vfs_tsmsm if gpfs and dmapi are
+ present.
+ * BUG 7232: Fix race conditions in CTDB persistent transactions.
+ * BUG 7313: Make 'net conf addshare' atomic.
+ * BUG 7314: Eliminate race condition in creating/scanning sorted subkeys in
+ the registry backend.
+
+
+o Jeremy Allison <jra@samba.org>
+ * BUG 7075: Fix bug in vfs_scannedonly rmdir implementation.
+ * BUG 7159: Fix handling of bad server data returns in client rpc_transport.
+ * BUG 7234: Symlink delete fails but incorrectly reports success to client.
+ * BUG 7255: Fix "printer admin" functionality.
+ * BUG 7283: Fix smbd segfault if using vfs_acl_tdb.
+ * BUG 7297: Fix smbd crashes with CUPS printers and no [printers] share defined.
+ * BUG 7310: Fix DOS attribute inconsistency with MS Office.
+
+
+o Kai Blin <kai@samba.org>
+ * BUG 7290: Fix core dump in 'ntlm_auth' with "gss-spnego" helper.
+
+
+o Günther Deschner <gd@samba.org>
+ * BUG 6727: Fix several printing issues.
+ * BUG 7237: Fix smbd segfaults in _netr_SamLogon for clients sending
+ null domain.
+ * BUG 7256: Fix value-needed calculation in_spoolss_EnumPrinterData().
+ * BUG 7258: Fix _winreg_QueryValue crash bugs and implement Windows
+ behavior.
+
+
+o Holger Hetterich <hhetter@novell.com>
+ * BUG 7203: Fix 'net share' command.
+
+
+o Michael Karcher <samba@mkarcher.dialup.fu-berlin.de>
+ * BUG 7269: Fix job management commands for CUPS queues.
+
+
+o Jeff Layton <jlayton@redhat.com>
+ * BUG 6853: Fix race condition in mount.cifs that allows user to replace
+ mountpoint with a symlink.
+
+
+o Volker Lendecke <vl@samba.org>
+ * BUG 5198: Fix parsing of the gecos field.
+ * BUG 7202: Fix access by multi-threaded applications.
+ * BUG 7212: Fix returning of group members with 'getent group'.
+ * BUG 7216: Fix the build of net_afs.c with --fake-kaserver=yes.
+ * BUG 7229: Fix a NULL pointer dereference in smbd.
+ * BUG 7232: Fix race conditions in CTDB persistent transactions.
+ * BUG 7254: Fix an uninitialized variable read in smbd.
+ * BUG 7278: Fix a memleak in Winbind.
+
+
+o Roel van Meer <rolek@alt001.com>
+ * BUG 6814: Fix valgrind warning.
+
+
+o Stefan Metzmacher <metze@samba.org>
+ * BUG 7170: Never mark external domains as internal in Winbind.
+ * BUG 7225: Make Winbind logs more verbose for troubleshooting.
+ * BUG 7251: Fix smbd segfault in "waiting for connections" message.
+ * BUG 7295: Fix Winbind reconnection to it's own domain.
+ * BUG 7316: Winbind possibly segfaults when trying a trusted domain without
+ inbound trust.
+
+
+o SATOH Fumiyasu <fumiyas@osstech.co.jp>
+ * BUG 1206: Fix segfault if hide files or veto files has no ".AppleDouble".
+
+
+o Simo Sorce <idra@samba.org>
+ * BUG 7204: Fix DN parsing name was always null.
+
+
+o Andrew Tridgell <tridge@samba.org>
+ * BUG 7312: Many disconnecting clients render clustered Samba unusuable
+ for some time.
+
+
+o Bo Yang <boyang@samba.org>
+ * BUG 7206: Signals are processed twice in child.
+
+
+
+######################################################################
+Reporting bugs & Development Discussion
+#######################################
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical IRC channel on irc.freenode.net.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored. All bug reports should
+be filed under the Samba 3.5 product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+======================================================================
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+======================================================================
+
+----------------------------------------------------------------------
+
+ =============================
+ Release Notes for Samba 3.5.1
+ March 8, 2010
+ =============================
+
+
+This is a security release in order to address CVE-2010-0728.
+
+
+o CVE-2010-0728:
+ In Samba releases 3.5.0, 3.4.6 and 3.3.11, new code
+ was added to fix a problem with Linux asynchronous IO handling.
+ This code introduced a bad security flaw on Linux platforms if the
+ binaries were built on Linux platforms with libcap support.
+ The flaw caused all smbd processes to inherit CAP_DAC_OVERRIDE
+ capabilities, allowing all file system access to be allowed
+ even when permissions should have denied access.
+
+
+Changes since 3.5.0
+-------------------
+
+
+o Jeremy Allison <jra@samba.org>
+ * BUG 7222: Fix for CVE-2010-0728.
+
+
+######################################################################
+Reporting bugs & Development Discussion
+#######################################
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical IRC channel on irc.freenode.net.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored. All bug reports should
+be filed under the Samba 3.5 product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+======================================================================
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+======================================================================
+
+
+----------------------------------------------------------------------
+
+
=============================
Release Notes for Samba 3.5.0
March 1, 2010
== Our Code, Our Bugs, Our Responsibility.
== The Samba Team
======================================================================
-
git.samba.org / samba.git / blobdiff