-Release Announcements
-=====================
+ ==============================
+ Release Notes for Samba 4.19.6
+ April 08, 2024
+ ==============================
-This is the first pre release of Samba 4.19. This is *not*
-intended for production environments and is designed for testing
-purposes only. Please report any defects via the Samba bug reporting
-system at https://bugzilla.samba.org/.
-Samba 4.19 will be the next version of the Samba suite.
+This is the latest stable release of the Samba 4.19 release series.
-UPGRADING
-=========
+Changes since 4.19.5
+--------------------
+o Ralph Boehme <slow@samba.org>
+ * BUG 15527: fd_handle_destructor() panics within an smbd_smb2_close() if
+ vfs_stat_fsp() fails in fd_close().
+
+o Guenther Deschner <gd@samba.org>
+ * BUG 15588: samba-gpupdate: Correctly implement site support.
+
+o Noel Power <noel.power@suse.com>
+ * BUG 15527: fd_handle_destructor() panics within an smbd_smb2_close() if
+ vfs_stat_fsp() fails in fd_close().
+
+o Andreas Schneider <asn@samba.org>
+ * BUG 15588: samba-gpupdate: Correctly implement site support.
+ * BUG 15599: libgpo: Segfault in python bindings.
+
+o Martin Schwenke <mschwenke@ddn.com>
+ * BUG 15580: Packet marshalling push support missing for
+ CTDB_CONTROL_TCP_CLIENT_DISCONNECTED and
+ CTDB_CONTROL_TCP_CLIENT_PASSED.
+
+
+#######################################
+Reporting bugs & Development Discussion
+#######################################
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical:matrix.org matrix room, or
+#samba-technical IRC channel on irc.libera.chat.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored. All bug reports should
+be filed under the Samba 4.1 and newer product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+======================================================================
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+======================================================================
+
+
+Release notes for older releases follow:
+----------------------------------------
+ ==============================
+ Release Notes for Samba 4.19.5
+ February 19, 2024
+ ==============================
+
+
+This is the latest stable release of the Samba 4.19 release series.
+
+
+Changes since 4.19.4
+--------------------
+
+o Ralph Boehme <slow@samba.org>
+ * BUG 13688: Windows 2016 fails to restore previous version of a file from a
+ shadow_copy2 snapshot.
+ * BUG 15549: Symlinks on AIX are broken in 4.19 (and a few version before
+ that).
+
+o Bjoern Jacke <bj@sernet.de>
+ * BUG 12421: Fake directory create times has no effect.
+
+o Björn Jacke <bjacke@samba.org>
+ * BUG 15550: ctime mixed up with mtime by smbd.
+
+o David Mulder <dmulder@samba.org>
+ * BUG 15548: samba-gpupdate --rsop fails if machine is not in a site.
+
+o Gabriel Nagy <gabriel.nagy@canonical.com>
+ * BUG 15557: gpupdate: The root cert import when NDES is not available is
+ broken.
+
+o Andreas Schneider <asn@samba.org>
+ * BUG 15552: samba-gpupdate should print a useful message if cepces-submit
+ can't be found.
+ * BUG 15558: samba-gpupdate logging doesn't work.
+
+o Jones Syue <jonessyue@qnap.com>
+ * BUG 15555: smbpasswd reset permissions only if not 0600.
+
+
+#######################################
+Reporting bugs & Development Discussion
+#######################################
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical:matrix.org matrix room, or
+#samba-technical IRC channel on irc.libera.chat.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored. All bug reports should
+be filed under the Samba 4.1 and newer product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+======================================================================
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+======================================================================
+
+
+----------------------------------------------------------------------
+ ==============================
+ Release Notes for Samba 4.19.4
+ January 08, 2024
+ ==============================
+
+
+This is the latest stable release of the Samba 4.19 release series.
+
+
+Changes since 4.19.3
+--------------------
+
+o Samuel Cabrero <scabrero@samba.org>
+ * BUG 13577: net changesecretpw cannot set the machine account password if
+ secrets.tdb is empty.
+
+o Björn Jacke <bjacke@samba.org>
+ * BUG 15540: For generating doc, take, if defined, env XML_CATALOG_FILES.
+ * BUG 15541: Trivial C typo in nsswitch/winbind_nss_netbsd.c.
+ * BUG 15542: vfs_linux_xfs is incorrectly named.
+
+o Björn Jacke <bj@sernet.de>
+ * BUG 15377: systemd stumbled over copyright-message at smbd startup.
+
+o Volker Lendecke <vl@samba.org>
+ * BUG 15505: Following intermediate abolute share-local symlinks is broken.
+ * BUG 15523: ctdb RELEASE_IP causes a crash in release_ip if a connection to
+ a non-public address disconnects first.
+ * BUG 15544: shadow_copy2 broken when current fileset's directories are
+ removed.
+
+o Stefan Metzmacher <metze@samba.org>
+ * BUG 15377: systemd stumbled over copyright-message at smbd startup.
+ * BUG 15523: ctdb RELEASE_IP causes a crash in release_ip if a connection to
+ a non-public address disconnects first.
+ * BUG 15534: smbd does not detect ctdb public ipv6 addresses for multichannel
+ exclusion.
+
+o Andreas Schneider <asn@samba.org>
+ * BUG 15469: 'force user = localunixuser' doesn't work if 'allow trusted
+ domains = no' is set.
+ * BUG 15525: smbget debug logging doesn't work.
+ * BUG 15532: smget: username in the smburl and interactive password entry
+ doesn't work.
+ * BUG 15538: smbget auth function doesn't set values for password prompt
+ correctly.
+
+o Martin Schwenke <mschwenke@ddn.com>
+ * BUG 15523: ctdb RELEASE_IP causes a crash in release_ip if a connection to
+ a non-public address disconnects first.
+
+o Shachar Sharon <ssharon@redhat.com>
+ * BUG 15440: Unable to copy and write files from clients to Ceph cluster via
+ SMB Linux gateway with Ceph VFS module.
+
+o Jones Syue <jonessyue@qnap.com>
+ * BUG 15547: Multichannel refresh network information.
+
+
+#######################################
+Reporting bugs & Development Discussion
+#######################################
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical:matrix.org matrix room, or
+#samba-technical IRC channel on irc.libera.chat.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored. All bug reports should
+be filed under the Samba 4.1 and newer product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+======================================================================
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+======================================================================
+
+
+----------------------------------------------------------------------
+ ==============================
+ Release Notes for Samba 4.19.3
+ November 27, 2023
+ ==============================
+
+
+This is the latest stable release of the Samba 4.19 release series.
+It contains the security-relevant bugfix CVE-2018-14628:
+
+ Wrong ntSecurityDescriptor values for "CN=Deleted Objects"
+ allow read of object tombstones over LDAP
+ (Administrator action required!)
+ https://www.samba.org/samba/security/CVE-2018-14628.html
+
+
+Description of CVE-2018-14628
+-----------------------------
+
+All versions of Samba from 4.0.0 onwards are vulnerable to an
+information leak (compared with the established behaviour of
+Microsoft's Active Directory) when Samba is an Active Directory Domain
+Controller.
+
+When a domain was provisioned with an unpatched Samba version,
+the ntSecurityDescriptor is simply inherited from Domain/Partition-HEAD-Object
+instead of being very strict (as on a Windows provisioned domain).
+
+This means also non privileged users can use the
+LDAP_SERVER_SHOW_DELETED_OID control in order to view,
+the names and preserved attributes of deleted objects.
+
+No information that was hidden before the deletion is visible, but in
+with the correct ntSecurityDescriptor value in place the whole object
+is also not visible without administrative rights.
+
+There is no further vulnerability associated with this error, merely an
+information disclosure.
+
+Action required in order to resolve CVE-2018-14628!
+---------------------------------------------------
+
+The patched Samba does NOT protect existing domains!
+
+The administrator needs to run the following command
+(on only one domain controller)
+in order to apply the protection to an existing domain:
+
+ samba-tool dbcheck --cross-ncs --attrs=nTSecurityDescriptor --fix
+
+The above requires manual interaction in order to review the
+changes before they are applied. Typicall question look like this:
+
+ Reset nTSecurityDescriptor on CN=Deleted Objects,DC=samba,DC=org back to provision default?
+ Owner mismatch: SY (in ref) DA(in current)
+ Group mismatch: SY (in ref) DA(in current)
+ Part dacl is different between reference and current here is the detail:
+ (A;;LCRPLORC;;;AU) ACE is not present in the reference
+ (A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;SY) ACE is not present in the reference
+ (A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;DA) ACE is not present in the reference
+ (A;;CCDCLCSWRPWPSDRCWDWO;;;SY) ACE is not present in the current
+ (A;;LCRP;;;BA) ACE is not present in the current
+ [y/N/all/none] y
+ Fixed attribute 'nTSecurityDescriptor' of 'CN=Deleted Objects,DC=samba,DC=org'
+
+The change should be confirmed with 'y' for all objects starting with
+'CN=Deleted Objects'.
+
+
+Changes since 4.19.2
+--------------------
+
+o Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
+ * BUG 15520: sid_strings test broken by unix epoch > 1700000000.
+
+o Ralph Boehme <slow@samba.org>
+ * BUG 15487: smbd crashes if asked to return full information on close of a
+ stream handle with delete on close disposition set.
+ * BUG 15521: smbd: fix close order of base_fsp and stream_fsp in
+ smb_fname_fsp_destructor().
+
+o Pavel Filipenský <pfilipensky@samba.org>
+ * BUG 15499: Improve logging for failover scenarios.
+
+o Björn Jacke <bj@sernet.de>
+ * BUG 15093: Files without "read attributes" NFS4 ACL permission are not
+ listed in directories.
+
+o Stefan Metzmacher <metze@samba.org>
+ * BUG 13595: CVE-2018-14628 [SECURITY] Deleted Object tombstones visible in
+ AD LDAP to normal users.
+ * BUG 15492: Kerberos TGS-REQ with User2User does not work for normal
+ accounts.
+
+o Christof Schmitt <cs@samba.org>
+ * BUG 15507: vfs_gpfs stat calls fail due to file system permissions.
+
+o Andreas Schneider <asn@samba.org>
+ * BUG 15513: Samba doesn't build with Python 3.12.
+
+
+#######################################
+Reporting bugs & Development Discussion
+#######################################
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical:matrix.org matrix room, or
+#samba-technical IRC channel on irc.libera.chat.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored. All bug reports should
+be filed under the Samba 4.1 and newer product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+======================================================================
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+======================================================================
+
+
+----------------------------------------------------------------------
+ ==============================
+ Release Notes for Samba 4.19.2
+ October 16, 2023
+ ==============================
+
+
+This is the latest stable release of the Samba 4.19 release series.
+
+
+Changes since 4.19.1
+--------------------
+
+o Jeremy Allison <jra@samba.org>
+ * BUG 15423: Use-after-free in aio_del_req_from_fsp during smbd shutdown
+ after failed IPC FSCTL_PIPE_TRANSCEIVE.
+ * BUG 15426: clidfs.c do_connect() missing a "return" after a cli_shutdown()
+ call.
+
+o Ralph Boehme <slow@samba.org>
+ * BUG 15463: macOS mdfind returns only 50 results.
+
+o Volker Lendecke <vl@samba.org>
+ * BUG 15481: GETREALFILENAME_CACHE can modify incoming new filename with
+ previous cache entry value.
+
+o Stefan Metzmacher <metze@samba.org>
+ * BUG 15464: libnss_winbind causes memory corruption since samba-4.18,
+ impacts sendmail, zabbix, potentially more.
+
+o Martin Schwenke <mschwenke@ddn.com>
+ * BUG 15479: ctdbd: setproctitle not initialized messages flooding logs.
+
+o Joseph Sutton <josephsutton@catalyst.net.nz>
+ * BUG 15491: CVE-2023-5568 Heap buffer overflow with freshness tokens in the
+ Heimdal KDC in Samba 4.19
+ * BUG 15477: The heimdal KDC doesn't detect s4u2self correctly when fast is
+ in use.
+
+
+#######################################
+Reporting bugs & Development Discussion
+#######################################
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical:matrix.org matrix room, or
+#samba-technical IRC channel on irc.libera.chat.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored. All bug reports should
+be filed under the Samba 4.1 and newer product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+======================================================================
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+======================================================================
+
+
+----------------------------------------------------------------------
+ ==============================
+ Release Notes for Samba 4.19.1
+ October 10, 2023
+ ==============================
+
+
+This is a security release in order to address the following defects:
+
+
+o CVE-2023-3961: Unsanitized pipe names allow SMB clients to connect as root to
+ existing unix domain sockets on the file system.
+ https://www.samba.org/samba/security/CVE-2023-3961.html
+
+o CVE-2023-4091: SMB client can truncate files to 0 bytes by opening files with
+ OVERWRITE disposition when using the acl_xattr Samba VFS
+ module with the smb.conf setting
+ "acl_xattr:ignore system acls = yes"
+ https://www.samba.org/samba/security/CVE-2023-4091.html
+
+o CVE-2023-4154: An RODC and a user with the GET_CHANGES right can view all
+ attributes, including secrets and passwords. Additionally,
+ the access check fails open on error conditions.
+ https://www.samba.org/samba/security/CVE-2023-4154.html
+
+o CVE-2023-42669: Calls to the rpcecho server on the AD DC can request that the
+ server block for a user-defined amount of time, denying
+ service.
+ https://www.samba.org/samba/security/CVE-2023-42669.html
+
+o CVE-2023-42670: Samba can be made to start multiple incompatible RPC
+ listeners, disrupting service on the AD DC.
+ https://www.samba.org/samba/security/CVE-2023-42670.html
+
+
+Changes since 4.19.0
+--------------------
+
+o Jeremy Allison <jra@samba.org>
+ * BUG 15422: CVE-2023-3961.
+
+o Andrew Bartlett <abartlet@samba.org>
+ * BUG 15424: CVE-2023-4154.
+ * BUG 15473: CVE-2023-42670.
+ * BUG 15474: CVE-2023-42669.
+
+o Ralph Boehme <slow@samba.org>
+ * BUG 15439: CVE-2023-4091.
+
+
+#######################################
+Reporting bugs & Development Discussion
+#######################################
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical:matrix.org matrix room, or
+#samba-technical IRC channel on irc.libera.chat.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored. All bug reports should
+be filed under the Samba 4.1 and newer product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+======================================================================
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+======================================================================
+
+
+----------------------------------------------------------------------
+ ==============================
+ Release Notes for Samba 4.19.0
+ September 04, 2023
+ ==============================
+
+This is the first stable release of the Samba 4.19 release series.
+Please read the release notes carefully before upgrading.
NEW FEATURES/CHANGES
====================
group in the PAC, not a full-length SID worth of space each. This is
known as "Resource SID compression".
+Resource Based Constrained Delegation (RBCD) support in both MIT and Heimdal
+-----------------------------------------------------------------------------
+
+Samba AD DC built with MIT Kerberos (1.20 and later) has offered RBCD
+support since Samba 4.17. Samba 4.19 brings this feature to the
+default Heimdal KDC.
+
+Samba 4.17 added to samba-tool delegation the 'add-principal' and
+'del-principal' subcommands in order to manage RBCD, and the database
+changes made by these tools are now honoured by the Heimdal KDC once
+Samba is upgraded.
+
+Likewise, now both MIT (1.20 and later) and Heimdal KDCs add the
+Asserted Identity [1] SID into the PAC for constrained delegation.
+
+[1] https://docs.microsoft.com/en-us/windows-server/security/kerberos/kerberos-constrained-delegation-overview
+
New samba-tool support for silos, claims, sites and subnets.
------------------------------------------------------------
Samba's independently written python testsuite has been extended to
validate KDC behaviour for PKINIT.
+Require encrypted connection to modify unicodePwd on the AD DC
+--------------------------------------------------------------
+
+Setting the password on an AD account on should never be attempted
+over a plaintext or signed-only LDAP connection. If the unicodePwd
+(or userPassword) attribute is modified without encryption (as seen by
+Samba), the request will be rejected. This is to encourage the
+administrator to use an encrypted connection in the future.
+
+NOTE WELL: If Samba is accessed via a TLS frontend or load balancer,
+the LDAP request will be regarded as plaintext.
+
+Samba AD TLS Certificates can be reloaded
+-----------------------------------------
+
+The TLS certificates used for Samba's AD DC LDAP server were
+previously only read on startup, and this meant that when then expired
+it was required to restart Samba, disrupting service to other users.
+
+ smbcontrol ldap_server reload-certs
+
+This will now allow these certificates to be reloaded 'on the fly'
================
REMOVED FEATURES
directory name cache size Removed
+CHANGES SINCE 4.19.0rc4
+=======================
+
+o MikeLiu <mikeliu@qnap.com>
+ * BUG 15453: File doesn't show when user doesn't have permission if
+ aio_pthread is loaded.
+
+o Martin Schwenke <mschwenke@ddn.com>
+ * BUG 15451: ctdb_killtcp fails to work with --enable-pcap and libpcap ≥
+ 1.9.1.
+
+
+CHANGES SINCE 4.19.0rc3
+=======================
+
+o Martin Schwenke <mschwenke@ddn.com>
+ * BUG 15460: Logging to stdout/stderr with DEBUG_SYSLOG_FORMAT_ALWAYS can log
+ to syslog.
+
+o Joseph Sutton <josephsutton@catalyst.net.nz>
+ * BUG 15458: ‘samba-tool domain level raise’ fails unless given a URL.
+
+
+CHANGES SINCE 4.19.0rc2
+=======================
+
+o Jeremy Allison <jra@samba.org>
+ * BUG 15420: reply_sesssetup_and_X() can dereference uninitialized tmp
+ pointer.
+ * BUG 15430: missing return in reply_exit_done().
+ * BUG 15432: TREE_CONNECT without SETUP causes smbd to use uninitialized
+ pointer.
+
+o Andrew Bartlett <abartlet@samba.org>
+ * BUG 15401: Avoid infinite loop in initial user sync with Azure AD Connect
+ when synchronising a large Samba AD domain.
+ * BUG 15407: Samba replication logs show (null) DN.
+
+o Stefan Metzmacher <metze@samba.org>
+ * BUG 15346: 2-3min delays at reconnect with smb2_validate_sequence_number:
+ bad message_id 2.
+ * BUG 15446: DCERPC_PKT_CO_CANCEL and DCERPC_PKT_ORPHANED can't be parsed.
+
+o Martin Schwenke <mschwenke@ddn.com>
+ * BUG 15438: CID 1539212 causes real issue when output contains only
+ newlines.
+
+o Joseph Sutton <josephsutton@catalyst.net.nz>
+ * BUG 15452: KDC encodes INT64 claims incorrectly.
+
+o Jones Syue <jonessyue@qnap.com>
+ * BUG 15449: mdssvc: Do an early talloc_free() in _mdssvc_open().
+
+
+CHANGES SINCE 4.19.0rc1
+=======================
+
+o Andrew Bartlett <abartlet@samba.org>
+ * BUG 9959: Windows client join fails if a second container CN=System exists
+ somewhere.
+
+o Noel Power <noel.power@suse.com>
+ * BUG 15435: regression DFS not working with widelinks = true.
+
+o Arvid Requate <requate@univention.de>
+ * BUG 9959: Windows client join fails if a second container CN=System exists
+ somewhere.
+
+o Joseph Sutton <josephsutton@catalyst.net.nz>
+ * BUG 15443: Heimdal fails to build on 32-bit FreeBSD.
+
+o Jones Syue <jonessyue@qnap.com>
+ * BUG 15441: samba-tool ntacl get segfault if aio_pthread appended.
+
+
KNOWN ISSUES
============
git.samba.org / metze / samba-autobuild-v4-19-test / .git / blobdiff