Samba 4.7.5

Samba is a software suite that provides seamless file and print services to SMB/CIFS clients. It is freely available, unlike other SMB/CIFS implementations, and allows for interoperability between Linux/Unix servers and Windows-based clients.

Tags communications file-sharing cifs windows
License GNU GPLv3
State stable

Recent Releases

4.7.508 Feb 2018 05:45 minor feature: This is a major in Samba apos;s ActiveDirectory domain Controller code. It might happen that AD objects have missing or broken Linked attributes. This could lead to broken group memberships e.g. All Samba AD domain controllers set up with Samba 4.6 or lower and then. Upgraded to 4.7 are affected. The corrupt database can be with apos;samba-tool dbcheck --cross-ncs -- apos. smbd tries to release not leased oplock during oplock II. Downgrade. copying file with empty FinderInfo from Windows client to Samba share with fruit. build: Deal with recent glibc sunrpc header removal. Make Samba work with tirpc and libnsl2. vfs_ceph: Add fs_capabilities hook to avoid local statvfs. Kerberos: PKINIT: Can apos;t decode algorithm parameters in. ClientPublicValue. ctdb-recovery-helper: Deregister message handler in error Paths. samba: Only use async signal-safe functions in signal handler. Kerberos: PKINIT: Can apos;t decode algorithm parameters in ClientPublicValue. repl_meta_data: linked attribute corruption on databases With unsorted links on expunge. dbcheck: Add functionality to the Corrupt database. smbd panic when chdir returns error during exit. Make Samba work with tirpc and libnsl2. POSIX ACL support on HPUX and possibly other big-endian OSs.
4.7.423 Dec 2017 05:05 minor feature: s3: smbclient: Implement apos;volume apos; command over SMB2. s3: libsmb: valgrind read-after-free error in Cli_smb2__fnum_recv(). s3: libsmb: reversing of oldname/newname paths when creating a reparse point symlink on Windows from smbclient. Build man page for vfs_zfsacl.8 with Samba. repl_meta_data: Allow delete of an object with dangling. Backlinks. s4:samba: default to be running samba as a deamon. Performance regression in DNS server with introduction of DNS wildcard, ldb: Release 1.2.3, vfs_zfsacl: compilation error. quot;smb encrypt quot; setting changes are not fully applied until full. Smbd restart. winbindd: idmap_rid dependency on trusted domain list. vfs_fruit: Proper VFS-stackable conversion of FinderInfo. winbindd: Dependency on trusted-domain list in winbindd in Critical auth codepath. repl_meta_data: removing of backlink on deleted objects. ctdb: sock_daemon leaks memory. TCP tickles not getting synchronised on CTDB restart. winbindd: winbind parent and child share a ctdb connection. pthreadpool: deadlock. pthreadpool: starvation after fork. messaging: Always register the unique id. broken linked attribute handling. The KDC on an RWDC doesn apos;t send error replies in some Situations. libnet_join: apos;net rpc oldjoin apos. g_lock conflict detection broken when processing stale entries. s3:smb2_server: allow logoff,, unlock, cancel and echo on expired sessions. s3:libads: net ads keytab list fails with quot;Key table name. Malformed quot. crash in pthreadpool thread after failure from pthread_create. s4:samba: Allow samba daemon to run in foreground. third_party: Link the aesni-intel library with quot;-z noexecstack quot. vfs_glusterfs: include glusterfs/api/glfs.h without relying on quot;-I quot; options.
4.7.322 Nov 2017 20:25 minor feature: CVE-2017-14746: s3: smbd: SMB1 use-after-free crash. CVE-2017-15275: s3: smbd: Chain code can return uninitialized Memory when talloc buffer is grown.
4.7.216 Nov 2017 19:45 minor feature: Non-smbd processes using kernel oplocks can hang smbd. python: use communicate to Popen deadlock. smbd on disk file corruption under heavy threaded load. tevent: version 0.9.34. s3: smbd: delete-on-after smb2_find.
4.7.103 Nov 2017 22:45 minor feature: Vfs_glusterfs: exporting subdirs with shadow_copy2. s3: smbd: Currently if getwd() fails after a chdir(), we panic. s3: VFS: Ensure default SMB_VFS_GETWD() call can apos;t return a Partially completed struct smb_filename. sys_getwd() can leak memory or possibly return the wrong errno on older systems. apos;smbclient apos; doesn apos;t correctly canonicalize all local names. Before use. broken linked attribute handling. Missing LDAP query escapes in DNS rpc server. replace: Link to -lbsd when building replace.c by hand. Cannot delete non-ACL files on Solaris/ZFS/NFSv4 ACL filesystem. Map SYNCHRONIZE acl permission statically in zfs_acl vfs module. Samba fails to honor SEC_STD_WRITE_OWNER bit with the Acl_xattr module. s3/mdssvc: Missing assignment in sl_pack_float. Wrong Samba access checks when changing DOS attributes. samba_runcmd_send() leaves zombie processes on timeout net: groupmap cleanup should not delete BUILTIN mappings. Enabling vfs_fruit results in loss of Finder tags and other. Xattrs. man pages: Properly ident lists. smb.conf.5: Sort parameters alphabetically. s3: spoolss: GUID string format on GetPrinter info. Remote serverid check doesn apos;t check for the unique id. CTDB starts consuming memory if there are dead nodes in the Cluster. ctdb-common: Ignore event scripts with multiple apos;. apos;s. libgpo doesn apos;t sort the GPOs in the correct order. Remote serverid check doesn apos;t check for the unique id. vfs_catia: a potential memleak. file change notification for renames. Samba DNS server does not honour wildcards. Can apos;t change password in samba from a Windows client if Samba Runs on IPv6 only interface. vfs_fruit: Replace ir() by SMB_VFS_IR. Apple client can apos;t cope with SMB2 async replies when creating Symlinks. s4:rpc_server:backupkey: Move variable into scope. s4:scripting: ntstatus_gen.h generation on 32bit. s3:vfs_glusterfs: a double free in vfs_gluster_getwd(). resouce leaks and pointer. vfs_solarisacl: build for samba 4.7 an
4.7.025 Sep 2017 17:45 minor feature: s3: vfs: catia: compression get/set must act only on base file, and Must cope with fsp==NULL. lib: crypto: Make smbd use the Intel AES instruction set for signing And encryption. s4-drsuapi: Avoid segfault when replicating as a non-admin with GUID_DRS_GET_CHANGES. Allow re-index of newer databases with binary GUID TDB keys. this officially removes support for re-index of the original pack format 0. Rather than simply segfaulting). Add ldb_ldif_message_redacted_string() to allow deof redacted Log messages, avoiding showing secret values. ldb: version 1.2.2. schema: Rework dsdb_schema_set_indices_and_attributes() db Operations. Install dcerpc/ for all Python environments. s3/smbd: Sticky write time offset miscalculation causes broken Timestamps lib/util: Only the event_fd in tfork if the caller didn apos;t. Call tfork_event_fd(). messaging: Avoid a socket leak after fork. charset: str n casecmp_m() by comparing lower case values. util_runcmd: Free the fde in event handler. ctdb-daemon: implementation of process_exists control. GET_DB_SEQNUM control can cause ctdb to deadlock when databases Are frozen. ctdb-daemon: Free up record data if a call request is deferred. ctdb-client: Initialize ctdb_ltdb_header completely for empty Record. vfs_streams_xattr: segfault when running with log level 10. smb.conf: Explain that quot;ntlm auth quot; is a per-passdb setting. s4/lib/tls: Use SHA256 to sign the TLS certificates. Get rid of talloc_autofree_context(). After restarting CTDB, it attaches replicated databases with Wrong flags. s3:smbclient: Don apos;t try any workgroup listing with quot;client min protocol = SMB2 quot. s3:libsmb: Don apos;t call cli_NetServerEnum() on SMB2/3 connections in SMBC_opendir_ctx(). s3:libsmb: Let do_connect() dethe negotiation result. Similar to quot;session request ok quot. s4:http/gensec: add missing tevent_req_done() to Gensec_http_ntlm_update_done(). apos;smbclient tarmode apos; with SMB2/3. apos;smbd apos;: Don apos;t use a lo
4.6.821 Sep 2017 11:45 minor feature: s3: smbd: a read after free if a chained SMB1 call goes Async. CVE-2017-12163: s3:smbd: Prevent client short SMB1 write from Writing server memory to file. s3/smbd: Let non_widelink_open() chdir() to directories Directly. CVE-2017-12151: Keep required encryption across SMB3 dfs Redirects. CVE-2017-12150: Some code path don apos;t enforce smb signing When they should.
4.6.711 Aug 2017 01:05 minor feature: s3: smbd: a read after free if a chained SMB1 call goes async. s4-cldap/netlogon: Match Windows 2012R2 and return NETLOGON_NT_VERSION_5 when version unspecified. s3/smbd: Let non_widelink_open() chdir() to directories directly. s3/notifyd: Ensure notifyd doesn apos;t return from. Smbd_notifyd_init. vfs_fruit: Add fruit:model = lt;modelname gt; parametric option. vfs_ceph: cephwrap_chdir(). idmap_ad: Retry query_user exactly once if we get TLDAP_SERVER_DOWN. s3: libsmb: use-after-free when accessing pointer, smbd: a connection run-down race condition. winbindd changes the local password and gets NT_STATUS_WRONG_PASSWORD for the remote change. s3:smbd: consistently use talloc_tos() memory for. Rpc_pipe_open_interface(). smbcacls: Don apos;t fail against a directory on Windows using SMB2. s4-dsdb/netlogon: Allow missing ntver in cldap ping. dnsserver: Stop dns_name_equal doing OOB read. s3:client: The smbspool krb5 wrapper needs negotiate for Authentication. ctdb-common: Set -on-exec when creating PID file.
4.6.507 Jun 2017 15:45 minor feature: s3: VFS: Catia: Ensure path name is also converted. s3:smbcacls add prompt for password. vfs_acl_xattr tdb: Ensure create mask is at least 0666 if Ignore_system_acls is set. Wrong sid- gt;uid mapping for SIDs residing in sIDHistory. vfs_fruit: lp_case_sensitive() does not return a bool. s3/smbd: Update exclusive oplock optimisation to the lease area. s3/smbd: exclusive lease optimisation. Allow passing trusted domain password as plain-text to PASSDB Layer. systemd: detection of libsystemd. ctdb-readonly: Avoid a tight loop waiting for revoke to Complete. ctdb-logging: Initialize DELEVEL before changing the value. notify: ordering of events in notifyd. idmap_rfc2307: Lookup of more than two SIDs fails. samba-tool: Let apos;samba-tool user syncpasswords apos; report deletions Immediately. s3: smbd: inotify_map_mask_to_filter incorrectly indexes an Array. vfs_expand_msdfs tries to open the remote address as a file Path. apos;ctdb nodestatus apos; incorrectly displays status for all nodes with Wrong exit code. ctdb-common: crash in logging initialisation.
4.6.326 Apr 2017 07:05 minor feature: s3:vfs:shadow_copy2: vfs_shadow_copy2 fails to list snapshots From shares with GlusterFS backend. for Solaris C compiler. s3: locking: Update oplock optimization for the leases era. Make the Solaris C compiler happy. s3: libgpo: Allow skipping GPO objects that don apos;t have the Expected LDAP attributes. buffer overflow caused by wrong use of getgroups. lib: de: Avoid negative array access. cleanupdb: a memory read error. streams_xattr and kernel oplocks results in NT_STATUS_NETWORK_BUSY. winbindd: idmap_autorid allocates ids for unknown SIDs from other. Backends. vfs_fruit: Resource fork open request with Flags=O_CREAT O_RDONLY. manpages/vfs_fruit: Document global options. lib/pthreadpool: a memory leak. Lookup-domain for well-known SIDs on a DC. winbindd: error handling in rpc_lookup_sids(). winbindd: Trigger possible passdb_dsdb initialisation. credentials_krb5: use gss_acquire_cred for client-side GSSAPI Use case. lib/crypto: Implement samba.crypto Python module for RC4. ctdb-readonly: Avoid a tight loop waiting for revoke to Complete. ctdb_event monitor command crashes if event is not specified. ctdb-docs: documentation of quot;-n quot; option to apos;ctdb tool apos. smbd: smb1 findfirst with DFS. smbd: Do an early exit on negprot failure. winbindd: substitution for apos;template homedir apos. s4:kdc: Disable principal based autodetected referral detection. idmap_autorid: Allocate new domain range if the callers knows The sid is valid. LINKFLAGS_PYEMBED should not contain -L/some/path. PAM auth with WBFLAG_PAM_GET_PWD_POLICY returns wrong policy for Trusted domain. rpcclient: Allow -U apos;OTHERDOMAIN user apos; again. winbindd: password policy for pam authentication. s3:gse: Correctly handle external trusts with MIT. auth/credentials: Always set the realm if we set the principal From the ccache. replace: Include sysmacros.h. s3:vfs_expand_msdfs: Do not open the remote address as a file. s3:libsmb: Only print error message if kerberos use is forced. winbind
4.6.124 Mar 2017 07:05 minor feature: CVE-2017-2619: Symlink race permits opening files outside share Directory. CVE-2017-2619: Symlink race permits opening files outside share Directory.
4.6.008 Mar 2017 23:25 minor feature: Several found by covscan. s3: smbd: Restart reading the incoming SMB2 fd when the send Queue is drained. vfs_fruit doesn apos;t work with fruit:metadata=stream. vfs_fruit: Only veto AppleDouble files if quot;fruit:resource quot; is Set to quot;file quot. vfs_fruit: Enabling AAPL extensions must be a global switch. Re-enable token groups fallback. Samba4 ldap error codes. gensec:spnego: Add demessage for the failed principal. s3:winbindd: endless forest trust scan. winbindd: Find the domain based on the sid within Wb_lookupusergroups_send(). s3:librpc: Handle gss_min in gse_get_client_auth_token() Correctly. idmap_hash: Add a deprecation message, improve the idmap_hash Manpage. several found by covscan. ctdb-logging: CID 1396883 Dereference null return value NULL_RETURNS). s3: rpc_server/mdssvc: Add attribute quot;kMDItemContentType quot. s3: smbd: Don apos;t loop infinitely on bad-symlink resolution. vfs_fruit: Correct Netatalk metadata xattr on FreeBSD. s3/smbd: Check for invalid access_mask. Smbd_calculate_access_mask(). vfs_streams_xattr: use fsp, not base_fsp. ctdb-common: use-after-free error in comm_fd_handler(). build: generation of CTDB manpages while creating tarball. Modify smbspool_krb5_wrapper to just fall through to smbspool if AUTH_INFO_REQUIRED is not set or is not quot;negotiate quot. s3:winbindd: Try a NETLOGON connection with noauth over NCACN_NP. Against trusted domains. apos;net ads testjoin apos; and smb access fails after winbindd changed the Trust password. librpc/rpc: regression in NT_STATUS_RPC_ENUM_VALUE_OUT_OF_RANGE error mapping. netlogon_creds_cli_LogonSamLogon doesn apos;t work without. Netr_LogonSamLogonEx. winbindd child segfaults on connect to an NT4 domain. s3:winbindd: Make sure cm_prepare_connection() only returns OK With a valid tree connect. winbindd (as member) requires kerberos against trusted ad domain, While it shouldn apos;t. Backport pytalloc_GenericObject_reference() related changes to 4.6. dbchecker: Stop ignoring l
4.5.501 Feb 2017 06:05 minor feature: Ctdb-locking: Explicitly unlock record/db in lock helper. vfs_default: Unlock the right file in copy chunk. ctdb-scripts: remaining uses of quot;ctdb gratiousarp quot. /etc/iproute2/rt_tables gets populated with multiple apos;default apos; entries.
4.5.420 Jan 2017 06:05 minor feature: Rename_internals_fsp missing ACL permission-check on destination Folder. lib: security: se_access_check() incorrectly processes owner Rights (S-1-3-4) DENY ace entries. s3: ntlm_auth: Don apos;t corrupt the output stream with de messages. s3: libsmb: Add cli_smb2_ftruncate(), plumb into Cli_ftruncate(). s3/smbd: Remove a misleading error message. vfs_fruit: quot;fruit:resource quot; option spelling, but not Behaviour. ctdbd_conn: a resource leak. smbd/ioctl: match WS2016 ReFS set compression behaviour. pam: Map more NT password errors to PAM errors. winbindd: Use idmap cache in xids2sids. messaging: dead but not cleaned-up-yet destination sockets. kinit succeeded but ads_sasl_spnego_gensec_bind(KRB5) failed: An Internal error occurred (with MIT krb5). printing: building with CUPS version older than 1.7. s3:libads: Include system /etc/krb5.conf if we use MIT Kerberos. ctdb ip.
4.5.320 Dec 2016 13:25 minor feature: CVE-2016-2123: DNS vuln ZDI-CAN-3995. CVE-2016-2125: Don apos;t send delegated credentials to all servers. CVE-2016-2126: auth/kerberos: Only allow known checksum types in Check_pac_checksum().
4.5.208 Dec 2016 17:05 minor feature: Vfs:glusterfs: Preallocate result for glfs_realpath. s3: vfs: Remove files/directories after the streams are deleted. s3: vfs_streams_depot: Use conn- gt;connectpath not conn- gt;cwd. s3/smbd: the last resort check that sets the file type Attribute. dsdb: Create RID Set as SYSTEM. dbcheck: Correct message for orphaned backlinks. build: build with perl on debian sid. errors in extended operations (like allocating a RID Set). spoolss: Use correct values for secdesc and devmode pointers. objectclass_attrs: Only abort on a missing attribute when an Attribute is both MUST and replicated. provision,dlz-bind: Add support for BIND 9.11.x. ctdb-locking: Reset real-time priority in lock helper. ctdb-scripts: calculation of CTDB_BASE. ctdb-recovery: Avoid NULL dereference in failure case. s3:smbd: Only pass UCF_PREP_CREATEFILE to filename_convert() if we may create a new file. ctdb-scripts: Debian init in samba eventscript. samba_tool/fsmo: Allocate RID Set when seizing RID manager. s4-auth: Don apos;t check for NULL saltPrincipal if it doesn apos;t need it. upgradeprovision: Remove objectCategory from constructed attrs. collect_tombstones: Allow links to recycled objects to be. Deleted. s3-printing: Correctly encode CUPS printer URIs. s3-printing: Allow printer names longer than 16 chars. nss_wins: errno values for HOST_NOT_FOUND. s3-winbind: Do not return NO_MEMORY if we have an empty user List. s3:spoolss: Add support for COPY_FROM_DIRECTORY in AddPrinterDriverEx. ctdb-packaging: Move CTDB tests to /usr/local/share/ctdb/tests/. smbd: In ntlm auth, do not map empty domain in case of. user@realm. ctdb-conn: Add missing variable initialization.
4.5.104 Nov 2016 19:05 minor feature: Smbd contacts a domain controller for each session. messaging subsystem crash. REGRESSION: smbd segfaults on startup, tevent context being Freed. s3: cldap: cldap_multi_netlogon_send() fails with one bad IPv6 Address. s3: libsmb: cut and paste error using the wrong structure Type. Setting specific logger levels in smb.conf makes apos;samba-tool drs Showrepl apos; crash. Tombstone expunge does not remove old links. s3-printing: migrate printer code. s3/smbd: In call_trans2qfilepathinfo call lstat when dealing With posix pathnames. s3/smbd: Set FILE_ATTRIBUTE_DIRECTORY as necessary. quot;DriverVersion quot; registry backend parsing incorrect in spoolss. smbd/ioctl: Match WS2016 ReFS get compression behaviour. ctdb-protocol: marshalling for GET_DB_SEQNUM control Request. ctdb-recovery-helper: Add missing initialisation of ban_credits. CTDB PID file handling is too weak. gencache: Bail out of stabilize if we can not get the allrecord Lock. smbd: Reset O_NONBLOCK on open files. glusterfs: Avoid tevent_internal.h. source3/lib/msghdr.c, line 208: syntax error before or at: spoolss: caching of printername- gt;sharename. REGRESSION: smbd segfaults on startup, tevent context being Freed. Let winbindd discard expired kerberos when built against internal) heimdal. s3/winbindd: using default domain with Format. winbind: passing idmap failure from wb_sids2xids back to Callers. nss_wins has incorrect function definitions for gethostbyname, s3-lib: G substitution in AD member environment. s3-utils: loading smb.conf in smbcquotas. kcc: Don apos;t check schedule if None. Tombstone expunge does not remove old links. vfs_glusterfs: a memory leak in connect path. CTDB IP takeover does not complete if there are no public Addresses configured. ctdb-packaging: systemd network dependency. CTDB PID file handling is too weak. smbcquotas: error message listing quotas. s3-sysquotas: Correctly restore path when finding mount point. cliquota: param count when setting fs quota.
4.5.009 Sep 2016 02:52 major feature: This is the first stable release of the Samba 4.5 release series. NEW FEATURES/CHANGES: Support for LDAP_SERVER_NOTIFICATION_OID; KCC improvements for sparse network replication; VLV - Virtual List View; DRS Replication for the AD DC; samba-tool drs replicate with new options; replPropertyMetaData Changes; linked attributes on deleted objects; improved AD DC performance; other dbcheck improvements; Tombstone Reanimation; multiple DNS Forwarders on the AD DC; password quality plugin support in the AD DC; pwdLastSet is now correctly honoured; net ads dns unregister; samba-tool improvements; SMB 2.1 Leases enabled by default; Open File Description (OFD) Locks; Password sync as Active Directory domain controller; Python crypto requirements; SmartCard/PKINIT improvements; CTDB changes; new shadow_copy2 options (shadow:snapprefix and shadow:delimiter). REMOVED FEATURES: "only user" and "username" parameters. UPGRADING: NTLMv1 authentication disabled by default. KNOWN ISSUES: Bug 12204 - Samba fails to replicate schema 69.
4.4.508 Jul 2016 19:45 minor feature: CVE-2016-2119: client side SMB2 signing downgrade. Total dcerpc response payload more than 0x400000.
4.4.411 Jun 2016 10:25 minor feature: SMB3 multichannel: Add implementation of missing channel sequence Number verification. smbd:: Only remove kernel share modes if they had been Taken at open. notifyd: Prevent NULL deref segfault in notifyd_peer_destructor. s3: auth: Move the declaration of struct dom_sid tmp_sid to Function level scope. s3:rpcclient: Make apos;--pw-nt-hash apos; option work. s3:libsmb/clifile: Use correct value for MaxParameterCount for Setting EAs. case sensitivity over SMB2 or above. s3:libnet:libnet_join: Add netbios aliases as SPNs. vfs_fruit: Add an option that allows disabling POSIX rename Behaviour. s3-smbd: Support systemd 230. source3: Honor the core soft limit of the OS. SMB3 multichannel: Add implementation of missing channel sequence Number verification. s3:client:smbspool_krb5_wrapper: the non clearenv build. s3-kerberos: Avoid entering a password change dialogue also when Using MIT. ldb-samba/ldb_matching_rules: CID 1349424 - Uninitialized Pointer read. dbwrap_ctdb: ENOENT- gt;NT_STATUS_NOT_FOUND. Correctly set cli- gt;raw_status for libsmbclient in SMB2 code. s3:smbd: anonymous authentication if signing is mandatory. libcli/auth: Let msrpc_parse() return talloc apos;ed empty strings. NTLM Authentication with squid. s3:rpcclient: make use of SMB_SIGNING_IPC_DEFAULT. pdb: segfault in pdb_ldap for missing gecos. Allow apos;samba-tool fsmo apos; to cope with empty or missing fsmo Roles. packaging: Set default limit for core file size in service Files. s3-net: Convert the key_name to UTF8 during migration. s3-smbspool: Log to stderr. heimdal: Encode/decode kvno as signed integer. s3-quotas: sysquotas_4B quota fetching for BSD. smbd: dfree: Ignore quota if not enforced. init: Set core file size to unlimited by default. memory leak in share mode locking.
4.4.306 May 2016 04:25 minor feature: Idmap_hash: Only allow the hash module for default idmap config. s3: libsmb: error where short name length was read as 2 Bytes, should be 1. returning of ldb.MessageElement. cleanupd: Restart as needed. s3:winbindd:idmap: check loadparm in domain_has_idmap_config() Helper as well. libsmb/pysmb: Add pytalloc-util dependency to the build. winbind: CID 1357100: Unchecked return value. nwrap: the build on Solaris. vfs_catia: memleak. smbd: Avoid large reads beyond EOF. s3:wscript: pylibsmb depends on pycredentials. NT_STATUS_ACCESS_DENIED when accessing Windows public share. Only validate MIC if quot;map to guest quot; is not being used. auth/ntlmssp: Add ntlmssp_ client,server :force_old_spnego Option for testing. NetAPP SMB servers don apos;t negotiate NTLMSSP_SIGN. Allow anonymous smb connections. ads_sasl_spnego_gensec_bind(KRB5). apos;wbinfo -u apos; and apos;net ads search apos. nss_wins: the hostent setup. build: Mark explicit dependencies on pytalloc-util. the smb2_setinfo to handle FS info types and FSQUOTA Infolevel. configure: Don apos;t check for inotify on illumos. vfs_acl_common: Avoid setting POSIX ACLs if quot;ignore system acls quot; is set. smbcquotas: print quot;NO LIMIT quot; only if returned quota value is 0. libads: Record session expiry for spnego sasl binds. Mask general purpose signals for notifyd.
4.4.024 Mar 2016 09:45 minor feature: Smbd: Enable multi-channel if apos;server multi channel support = Yes apos; in the config. lib/socket/interfaces: some uninitialied bytes. build: build when apos;--without-quota apos; specified. mkdir can return ACCESS_DENIED incorrectly on create race. Mismatch between local and remote attribute ids lets Replication fail with custom schema. Talloc: Version 2.1.6. vfs_glusterfs: use after free in AIO callback. net join. Reset TCP Connections during IP failover. s3:smbd: Add negprot remote arch detection for OSX. ldb: Version 1.1.26. quot;trustdom_list_done: Got invalid trustdom response quot; message Should be avoided. libnet: Make Kerberos domain join site-aware. Quota is not supported on Solaris 10. CVE-2015-7560: Getting and setting Windows ACLs on symlinks can Change permissions on link target. s3:utils/smbget: option parsing. Access based share enum: handle permission set in configuration Files. s3:clispnego: confusing warning in spnego_gen_krb5_wrap(). tevent: version 0.9.28: memory leak when old signal action Restored. s3:libads: setup the msDS-SupportedEncryptionTypes attribute on Ldap_add. winbindd: Return trust parameters when listing trusts. smbd: Ignore SVHDX create context. passdb: Add linefeed to demessage. lib:socket: CID 1350010: Integer OVERFLOW_BEFORE_WIDEN. lib:socket: CID 1350009: illegal memory accesses BUFFER_SIZE_WARNING). s3: smbd: posix_acls: check for setting u:g:o entry on a. Filesystem with no ACL support. s3:utils/smbget: Set default blocksize. lib/socket: improper use of default interface speed. lib/tsocket: Work around sockets not supporting FIONREAD. smbd: CID 1351215 Improper use of negative value. smbd: CID 1351216 Dereference null return value. param: str_list_v3 to accept ; again. libcli: demessage, print sid string for new_ace trustee. s3:smbd:open: Skip redundant call to file_set_dosmode when Creating a new file. docs: Add manpage for cifsdd. installation path of Samba helper binaries. docs: Add example for domain logins to s
4.3.524 Feb 2016 03:16 minor feature: s3: smbd: posix_acls: check for setting u:g:o entry on a Filesystem with no ACL support. s3: smbd: timestamp rounding inside SMB2 create. s3:utils/smbget: recursive download. s3:smbd/oplock: Obey kernel oplock setting when releasing Oplocks. s3-parm: Clean up defaults when removing global parameters. s3:smbd: Ignore initial allocation size for directory creation. lib/tsocket: Work around sockets not supporting FIONREAD. ctdb: Remove error messages after kernel security update CVE-2015-8543). param: str_list_v3 to accept quot;; quot; again. Use M2Crypto.RC4.RC4 on platforms without Crypto.Cipher.ARC4. s3:smbd:open: Skip redundant call to file_set_dosmode when. Creating a new file. winbindd: Handle expired sessions correctly. s3-client: Add a KRB5 wrapper for smbspool. vfs_shadow_copy2: case where snapshots are outside the Share. smbclient: Query disk usage relative to current directory. smbd: Show correct disk size for different quota and dfree block Sizes. smbcacls: uninitialized variable. ctdb-scripts: Drop use of quot;smbcontrol winbindd ip-dropped... quot. loadparm: memory leak.
4.3.413 Jan 2016 03:15 minor feature: Doc: a typo in the smb.conf manpage, explanation of idmap Config. s3:smbd: a corner case of the symlink verification. s3: libsmb: Correctly initialize the list head when keeping a List of primary followed by DFS connections. Reduce the memory footprint of empty string options. Update lastLogon and lastLogonTimestamp. vfs_fruit: Enable POSIX directory rename semantics. Copying files with vfs_fruit fails when using vfs_streams_xattr Without stream preand type suf. smbd: Make quot;hide dot files quot; option work with quot;store dos Attributes = yes quot. lib/async_req: Do not install async_connect_send_test. Crash: Bad talloc magic value - access after free. samba-tool: uncaught exception if no fSMORoleOwner Attribute is given. docs: some typos in the idmap backend section. docs: typos in man vfs_gpfs. smbd: Do not disable quot;store dos attributes quot; on-the-fly.
4.3.317 Dec 2015 03:15 minor feature: CVE-2015-8467: samdb: Match MS15-096 behaviour for UserAccountControl. CVE-2015-3223: LDAP 00 search expression attack DoS. CVE-2015-5252: insufficient symlink verification (file Access outside the share). CVE-2015-5299: s3-shadow-copy2: missing access check on Snapdir. CVE-2015-5330: remote read memory exploit in LDB. CVE-2015-5296: Add man in the middle protection when forcing Smb encryption on the client side.
4.3.127 Oct 2015 22:45 minor feature: s3: smbd: our access-based enumeration on quot;hide unreadable quot; to match Windows. smbd: file name buflen and padding in notify repsonse. s3: smbd: mkdir race condition. s3: smbd: opening/creating :stream files on the root share. Directory. s3: smbd: NULL pointer introduced by previous apos;raw apos; s3: lsa: lookup_name() logic for unqualified (no DOMAIN Component) names is incorrect. s3: smbd: a crash in unix_convert(). vfs_fruit: Return value of ad_pack in vfs_fruit.c. s3:locking: Initialize lease pointer in Share_mode_traverse_fn(). s3:smbstatus: Add stream name to share_entry_forall(). s3:lib: Validate domain name in lookup_wellknown_name(). kerberos: Make sure we only use prompter type when available. winbind: loop. source3/lib/msghdr.c: compiling error on Solaris. s3:ctdbd_conn: make sure we destroy tevent_fd before closing The socket. s4:lib/messaging: Use apos;msg.lock apos; and apos;msg.sock apos; for messaging Related subdirs. lib/param: hiding of FLAG_SYNONYM values. nss_winbind: hang on Solaris on big groups. build: Use as-needed linker flag also on OpenBSD. s3: dfs: a crash when the dfs targets are disabled. pam_winbind: a segfault if initialization fails. net: a crash with apos;net ads keytab create apos. vfs_commit: set the fd on open before calling SMB_VFS_FSTAT.
4.2.409 Sep 2015 12:05 minor feature: Smbd: SMB3 functionality of "smb encrypt". lib: replace: Add strsep function (missing on Solaris). stream names with colon with "fruit:encoding = native". vfs:fruit: Implement copyfile style copy_chunk. s3-net: Use talloc array in share allowedusers. vfs_fruit: Handling of empty resource fork. auth/credentials: If credentials have principal set, they are Not anonymous anymore. s3-smbd: Reset protocol in smbXsrv_connection_init_tables Failure paths. ctdb-daemon: Return correct sequence number for CONTROL_GET_DB_SEQNUM. ctdb-daemon: Improve error handling for running event scripts. lib: rundown of open_socket_out(). Avoid quoting problems in user's DNs. s3-passdb: Respect LOOKUP_NAME_GROUP flag in sid lookup. s3-util: Compare the maximum allowed length of a NetBIOS name. s3:lib: some corner cases of open_socket_out_cleanup(). Backport dcesrv_netr_DsRGetDCNameEx2. s3:libsmb: a in conversion of ea list to ea array. s4:rpc_server/netlogon: for NetApp. s3-auth: "map to guest = Bad uid". s3-smbd: Leave sys_disk_free() if dfree command is used. s3-auth: a possible null pointer dereference. ctdb-scripts: Support monitoring of interestingly named VLANs on bonds. ctdb-daemon: Check if updates are in flight when releasing all IPs. ctdb-build: building of PCP PMDA module. s3: winbindd: TALLOC_FREE of uninitialized groups variable.
4.2.315 Jul 2015 03:15 minor feature: docs: Overhaul the description of "smb encrypt" to include SMB3 encryption. s3: lib: util: Ensure we read a hex number as x, not u. Excessive cli_resolve_path() usage can slow down transmission. winbindd: winbindd_raw_kerberos_login - ensure logon_info exists in PAC. s3: smbd: Use separate flag to track become_root()/unbecome_root() state. s3: smbd: Codenomicon crash in do_smb_load_module(). s3:param/loadparm: Fix 'testparm --show-all-parameters'. winbindd: Sync secrets.ldb into secrets.tdb on startup. s3:smb2: Add padding to last command in compound requests. vfs_fruit: Add option "veto_appledouble". smbd/trans2: Add a useful diagnostic for files with bad encoding. vfs_fruit: Check offset and length for AFP_AfpInfo read requests. ncacn_http: Fix GNUism. s3-rpc_server: Fix rpc_create_tcpip_sockets() processing of interfaces. tdb: version 1.3.5: ABI change: tdb_chainlock_read_nonblock() has been added. s4:lib/tls: Fix build with gnutls 3.4. Add IPv6 support to ADS client side LDAP connects. Add IPv6 support for determining FQDN during ADS join. s3: IPv6 enabled DNS connections for ADS client. s4.2/ Fixed fsmo transfer exception. Fix invalid write in ctdb_lock_context_destructor. smbd: Fix a use-after-free. tstream: Make socketpair nonblocking. tevent: Fix CID 1035381 Unchecked return value. tdb: Fix CID 1034842 and 1034841 Resource leaks. Logon via MS Remote Desktop hangs. tevent: Add a note to tevent_add_fd(). Fix invalid write in ctdb_lock_context_destructor. tevent_fd needs to be destroyed before closing the fd. Build fails on Solaris 11 with " PTHREAD_MUTEX_ROBUST undeclared". Robust mutex support broken in 1.3.5. s3:smb2_setinfo: Fix memory leak in the defer_rename case. Backport tevent-0.9.25. Backport tdb-1.3.6. s3:auth_domain: Fix talloc problem in connect_to_domain_password_server(). Group creation: Add msSFU30Name only when --nis-domain was given. pidl: Make the compilation of PIDL producing the same results if the content hasn't change. Kerberos
4.2.117 Apr 2015 01:25 minor bugfix: s3:winbind:grent: Don't stop group enumeration when a group has no gid. build:wafadmin: Fix use of spaces instead of tabs. s3-winbind: Fix cached user group lookup of trusted domains. s3: lib: ntlmssp: If NTLMSSP_NEGOTIATE_TARGET_INFO isn't set, cope with servers that don't send the 2 unused fields. s3: client: "client use spnego principal = yes" code checks wrong name. s3: lib: libsmbclient: If reusing a server struct, check every cli- gt;timout miliseconds if it's still valid before use. s3: libcli: smb1: Ensure we correctly finish a tevent req if the writev fails in the SMB1 case. Fix lots of winbindd zombie processes on Solaris platform. s3: libsmbclient: Add missing talloc stackframe. backupkey: Explicitly link to gnutls and gcrypt. backupkey: Use ndr_pull_struct_blob_all(). vfs_fruit: Enhance handling of malformed AppleDouble files. Initialize dwFlags field of DNS_RPC_NODE structure. docs/idmap_rid: Remove deprecated base_rid from example. waf: Fix the build on openbsd. talloc: Version 2.1.2. s4:auth/gensec_gssapi: Let gensec_gssapi_update() return NT_STATUS_LOGON_FAILURE for unknown errors. Update libwbclient version to 0.12. spoolss: Retrieve published printer GUID if not in registry. replace: Remove superfluous check for gcrypt header. s4-process_model: Do not close random fds while forking. s3-passdb: Fix 'force user' with winbind default domain. brlock: Use 0 instead of empty initializer list. lib: texpect: Fix the build on Solaris. libcli/auth: Match Declaration of netlogon_creds_cli_context_tmp with implementation. Backport subunit changes.
4.2.005 Mar 2015 07:05 major feature: doc:man:vfs_glusterfs: improve the configuration section. tevent: Ignore unexpected signal events in the same way the epoll backend does. debug: Set close-on-exec for the main log file FD. Fix Win8.1 Credentials Manager issue after KB2992611 on Samba domain. smbd: Stop using vfs_Chdir after SMB_VFS_DISCONNECT. vfs: Add a brief vfs_ceph manpage. tevent: version 0.9.24. ctdb-io: Do not use sys_write to write to client sockets. snprintf: Try to support j. Fix Win8.1 Credentials Manager issue after KB2992611 on Samba domain. doc-xml: Add 'sharesec' reference to 'access based share enum'. Enable mutexes in gencache_notrans.tdb. cli_connect_nb_send: Don't segfault on host == NULL. s3: lib, s3: modules: Fix compilation on Solaris. Fix authentication using Kerberos (not AD). CVE-2015-0240: s3: netlogon: Ensure we don't call talloc_free on an uninitialized pointer. s3: smbclient: Allinfo leaves the file handle open. s3: smbd: leases - losen paranoia check. Stat opens can grant leases. s3: smbd: SMB2 close. If a file has delete on close, store the return info before deleting. vfs_glusterfs: Add comments to the pipe(2) code. s3-vfs: Fix developer build of vfs_ceph module. printing/cups: Pack requested-attributes with IPP_TAG_KEYWORD. vfs_snapper: Correctly handles multi-byte DBus strings. libsmb: Provide authinfo domain for encrypted session referrals. vfs_glusterfs: Implement AIO support. Enable mutexes in gencache_notrans.tdb. nsswitch: Fix soname of linux nss_, s3:smb2_server: protect against integer wrap with "smb2 max credits = 65535". Make validate_ldb of String(Generalized-Time) accept millisecond format ".000Z". Use -R linker flag on Solaris, not -rpath. samba-tool: Create NIS enabled users and unixHomeDirectory attribute. Make Sharepoint search show user documents. Enable mutexes in gencache_notrans.tdb. utils: Fix 'net time' segfault. s3-pam_smbpass: Fix memory leak in pam_sm_authenticate(). CVE-2015-0240: s3-netlogon: Make sure we do not deference a NULL pointer. v
4.1.1724 Feb 2015 03:45 security: CVE-2015-0240: talloc free on uninitialized stack pointer in netlogon server could lead to security vulnerability. CVE-2015-0240: s3-netlogon: Make sure we do not deference a NULL pointer.
4.1.1617 Jan 2015 20:45 minor feature: CVE-2014-8143: dsdb-samldb: Check for extended access rights before we allow changes to userAccountControl.
4.1.1513 Jan 2015 19:45 minor feature: libcli: SMB2: Pure SMB2-only negprot fix to make us behave as a Windows client does. Fix profiles tool. idl:drsuapi: Manage all possible lengths of drsuapi_DsBindInfo. pam_winbind: Fix warn_pwd_expire implementation. s4-rpc: dnsserver: Fix enumeration of IPv4 and IPv6 addresses. nsswitch: Fix soname of linux nss_, s4:dsdb/rootdse: Expand extended dn values with the AS_SYSTEM control. s3:smb2_server: Allow reauthentication without signing. Fix 'domain join' by adding 'drsuapi.DsBindInfoFallBack' attribute 'supported_extensions'. Fix 'domain join' by adding 'drsuapi.DsBindInfoFallBack' attribute 'supported_extensions'. winbind: Retry LogonControl RPC in ping-dc after session expiration. s3-lib: Do not require a password with --use-ccache. s3-smbclient: Return success if we listed the shares. s3-smbstatus: Fix exit code of profile output.
4.1.1402 Dec 2014 09:45 minor feature: Revert buildtools/wafadmin/Tools/ back to upstream state. nmbd fails to accept "--piddir" option. s3-nmbd: Fix netbios name truncation. s3: libsmbclient-smb2. MacOSX 10 SMB2 server doesn't set STATUS_NO_MORE_FILES when handed a non-wildcard path. s3: nmbd: Ensure NetBIOS names are only 15 characters stored. Cleanup add_string_to_array and usage. spoolss: Fix handling of bad EnumJobs levels. spoolss: Fix jobid in level 3 EnumJobs response. s4-dns: Add support for BIND 9.10. nss_winbind: Add getgroupmembership for FreeBSD. pdb_tdb: Fix a TALLOC/SAFE_FREE mixup. pidl/wscript: Remove --with-perl-, s3:smbd: Fix file corruption using "write cache size != 0". vfs_glusterfs: Remove "integer fd" code and store the glfs pointers. s3-keytab: Fix keytab array NULL termination. S3: source3/smbd/process.c::srv_send_smb() returns true on the error path.
4.1.1321 Oct 2014 03:18 minor feature: s3:smbd:open_file: Use a more natural check. s3: winbindd: Old NT Domain code sets struct winbind_domain- gt;alt_name to be NULL. Ensure this is safe with modern AD-DCs. pthreadpool: Slightly serialize jobs. s3: smbd: Open logic fix. s3: nmbd: Ensure the main nmbd process doesn't create zombies. s3: lib: Signal handling - ensure smbrun and change password code save and restore existing SIGCHLD handlers. s3: smb2cli: Query info return length check was reversed. s3-libnet: Make sure we do not overwrite precreated SPNs. docs: Mention incompatibility between kernel oplocks and streams_xattr. Fix unstrcpy. s3: smbd: streams - Ensure share mode validation ignores internal opens (op_mid == 0). vfs_media_harmony: Fix a crash bug. registry: Don't leave dangling transactions. s3-winbindd: Use correct realm for trusted domains in idmap child. idmap_rfc2307: Fix a crash after connection problem to DC. s3-winbindd: Do not use domain SID from LookupSids for Sids2UnixIDs call. s3-libnet: Add libnet_join_get_machine_spns(). s3-libads: Add all machine account principals to the keytab. nmbd: Send waiting status to systemd. libcli: Fix a segfault calling smbXcli_req_set_pending() on NULL. nsswitch: Skip groups we were not able to map.
4.1.1103 Aug 2014 13:01 security: CVE-2014-3560: Fix unstrcpy macro length. Samba 4.0.0 to 4.1.10 are affected by a remote code execution attack on unauthenticated nmbd NetBIOS name services. A malicious browser can send packets that may overwrite the heap of the target nmbd NetBIOS name services daemon. It may be possible to use this to generate a remote code execution vulnerability as the superuser (root).
4.0.2103 Aug 2014 13:00 security: CVE-2014-3560: Fix unstrcpy macro length. Samba 4.0.0 to 4.1.10 are affected by a remote code execution attack on unauthenticated nmbd NetBIOS name services. A malicious browser can send packets that may overwrite the heap of the target nmbd NetBIOS name services daemon. It may be possible to use this to generate a remote code execution vulnerability as the superuser (root).
4.0.2003 Aug 2014 12:58 major bugfix: s3: smb2: Fix 'xcopy /d' with samba shares. Samba won't start on a machine configured with only IPv4. s3: SMB2: Fix leak of blocking lock records in the database. SMB1 blocking locks can fail notification on unlock, causing client timeout. s3: smbd: Locking, fix off-by one calculation in brl_pending_overlap(). wbcCredentialCache fails if challenge_blob is not first. rid_array used before status checked - segmentation fault due to null pointer dereference. printing: Fix purge of all print jobs. net/doc: Make clear that net vampire is for NT4 domains only. autobuild: Delete NSS_MODULES in "make clean". msg_channel: Fix a 100 CPU loop. smbstatus: Fix an uninitialized variable. 'RW2' smbtorture test fails when -N is set to 2 due to the invalid status check in the second client. smbd: Avoid double-free in get_print_db_byname. ldb-samba: fix a memory leak in ldif_canonicalise_objectCategory(). wbcCredentialCache fails if challenge_blob is not first. Backport autobuild/selftest fixes from master. s3:smb2_read: let smb2_sendfile_send_data() behave like send_file_readX().
4.1.1003 Aug 2014 12:56 major bugfix: Backport ldb-1.1.17 + changes from master. s3: libsmbclient: Work around bugs in SLES cifsd and Apple smbx SMB1 servers. Samba won't start on a machine configured with only IPv4. s3: smbd: Prevent file truncation on an open that fails with share mode violation. s3: SMB2: Fix leak of blocking lock records in the database. SMB1 blocking locks can fail notification on unlock, causing client timeout. s3: smbd: Locking, fix off-by one calculation in brl_pending_overlap(). wbcCredentialCache fails if challenge_blob is not first. lib/ldb: Fix compiler warnings. dbcheck: Add check and test for various invalid userParameters values. Simple use case results in "no talloc stackframe around, leaking memory" error. dsdb: Always store and return the userParameters as a array of LE 16-bit values. dsdb: Rename private_data to rootdse_private_data in rootdse. rid_array used before status checked - segmentation fault due to null pointer dereference. ldb: make the successful ldb_transaction_start() message clearer. dsdb: Return NO_SUCH_OBJECT if a basedn is a deleted object. Backport access check related fixes from master. samba-tool: Add --site parameter to provision command. Fix SEGV from improperly formed SUBSTRING/PRESENCE filter. ldb: Do not build libldb-cmdline when using system ldb. s4-openldap: Remove use of talloc_reference in ldb_map_outbound.c net/doc: Make clear that net vampire is for NT4 domains only. s3: Fix missing braces in nfs4_acls.c. Fix "PANIC: assert failed at ../source3/smbd/open.c(1582): ret". msg_channel: Fix a 100 CPU loop. s3: smbd: Prevent file truncation on an open that fails with share mode violation. smbstatus: Fix an uninitialized variable. 'RW2' smbtorture test fails when -N is set to 2 due to the invalid status check in the second client. ldb: Fix 1138330 Dereference null return value, fix CIDs 241329, 240798, 1034791, 1034792 1034910, 1034910). smbd: Avoid double-free in get_print_db_byname. s4:dsdb/samldb: Don't allow 'userParameters' to
4.1.911 Jul 2014 17:25 security: Security release in order to address CVE-2014-0244 (Denial of service - CPU loop) and CVE-2014-3493 (Denial of service - Server crash/memory corruption)