Samba

News

2014-08-20

Updates for SerNet SAMBA 4.1.11

A new set of SerNet SAMBA 4.1.11 has just been released. Packages for various SUSE and RedHat platforms as well as for Debian GNU/Linux and Ubuntu are available as of now. 

These packages address a few issues:

  • Fix bug #10369 - configure flag --without-dmapi is not honored. Due to this fix, the SerNet binary RPMs do not have a dependency on any DMAPI library any more. When rebuilding from the source RPM, by default no DMAPI library is linked, unless "--with dmapi" is passed to rpmbuild.
  • Fix bug #10737 - idmap: irritating level 1 debug message from idmap_init_domain().
  • Fix bug #10741 - VFS gpfs offline bit is flapping. This fixes a long standing problem with Samba serving files from GPFS in combination with "store dos attributes = yes" and "gpfs:winattr = yes". 
  • Partial fix for bug #10749 - Support for DNS_TYPE_TOMBSTONE records. DNS_TYPE_TOMBSTONE records are created, but not periodically cleaned up. The cleanup task will be added in future releases. As DNS tombstone records will now be recycled automatically, this fix will prevent /var/lib/samba/private/sam.ldb.d/DC=DOMAINDNSZONES,*.ld from growing significantly over time.

Please note: If you upgrade an active directory domain controller from a version prior to 4.1.10 to Samba 4.1.10 or newer, consider that it can take SAMBA several minutes  (or even hours in very large installations) to complete startup due to a re-indexing of the AD database.

In a multi-DC setup, be sure to update the DCs one after another, waiting for one DC to be fully up and running again before updating the next one.

To access the packages  visit the EnterpriseSAMBA Portal. You need to login with your username and accesskey (not password).

2014-08-01

SerNet SAMBA 4.0.21 and 4.1.11 Packages available for download

Please note that these are security releases in order to address:

  • CVE-2014-3560: SAMBA 4.0.0 to 4.1.10 are affected by a remote code execution attack on unauthenticated nmbd NetBIOS name services

To access the aforementioned packages you need to register at the EnterpriseSAMBA Portal.

2014-07-29

SerNet SAMBA 4.1.10 Packages available for download

The SerNet SAMBA 4.1.10 Packages have just been released. They are available for various SUSE and RedHat platforms as well as for Debian GNU/Linux and Ubuntu.

The issues addressed are listed here.

Please note that a registration at the EnterpriseSAMBA Portal is necessary in order to access the packages.

2014-07-02

SerNet Samba 3.6.24 Packages Available for Download

Please note that this is a security release in order to address:

2014-06-26

SerNet Samba 4.0.19 and 4.1.9 Packages Available for Download

Please note that these are security releases in order to address:

2014-06-04

SerNet Samba 4.0.18 and 4.1.8 Packages Available for Download

Please note that those bug fix releases also address two minor security issues without being a dedicated security release:

  • CVE-2014-0239: dns: Don't reply to replies (bug #10609).
  • CVE-2014-0178: Malformed FSCTL_SRV_ENUMERATE_SNAPSHOTS response (bug #10549).
2014-04-22

SerNet Samba 4.0.17 and 4.1.7 Packages Available for Download

These packages address a lot of issues, which are listed at:

2014-03-11

Samba 4.1.6, 4.0.16 and 3.6.23 Security Releases Available for Download

These are security releases in order to address CVE-2013-4496 (Password lockout not enforced for SAMR password changes) and CVE-2013-6442 (smbcacls will remove the ACL on a file or directory when changing owner or group owner.).

 

Please update affected systems as soon as possible.

2014-02-21

SerNet Samba 4.1.5 Packages Available for Download

Samba 4.1.5 packages have just been released. Packages for various SUSE and RedHat platforms as well as for Debian GNU/Linux and Ubuntu are available at https://download.sernet.de/packages/samba/4.1/.

These packages fix the following issue amongst others:

  • Fix 100% CPU utilization in winbindd when trying to free memory in winbindd_reinit_after_fork (bug #10358).
  • smbd: Fix memory overwrites (bug #10415).
2014-02-19

SerNet Samba 4.0.15 Packages Available for Download

Samba 4.0.15 packages have just been released. Packages for various SUSE and RedHat platforms as well as for Debian GNU/Linux and Ubuntu are available at https://download.sernet.de/packages/samba/4.0/.

These packages address a lot of issues.

Additionally these packages include the fix for:

  • dfs: always call create_conn_struct with root privileges (bug #10378).
2014-01-10

SerNet Samba 4.1.4 and new set of 4.0.14 Packages Available for Download

Samba 4.1.4 packages have just been released. Packages for various SUSE and RedHat platforms as well as for Debian GNU/Linux and Ubuntu are available at https://download.sernet.de/packages/samba/4.1/.

These packages fix the following issue amongst others:

  • Fix segfault in smbd (bug #10284).
  • Fix SMB2 server panic when a smb2 brlock times out (bug #10311).

Additionally all new 4.0.14 and 4.1.4 packages for Debian based systems provide now packages to satisfy the dependencies of different other packages.

2014-01-07

SerNet Samba 4.0.14 Packages Available for Download

Samba 4.0.14 packages have just been released. Packages for various SUSE and RedHat platforms as well as for Debian GNU/Linux and Ubuntu are available at https://download.sernet.de/packages/samba/4.0/.

These packages fix the following issue amongst others:

  • Fix segfault in smbd (bug #10284).
  • Fix SMB2 server panic when a smb2 brlock times out (bug #10311).
2013-12-09

SerNet Enterprise Samba 4.1.3, 4.0.13 and 3.6.22 packages Available for Download.

These are security releases in order to address CVE-2013-4408 (DCE-RPC fragment length field is incorrectly checked) and CVE-2012-6150 (pam_winbind login without require_membership_of restrictions).

Please update affected systems as soon as possible.

Download Samba 3.6.22 packages.
Download Samba 4.0.13 packages.
Download Samba 4.1.3 packages.

2013-11-29

SerNet Samba 3.6.21 Packages Available for Download

This release addresses several issues.

Please refer to the release notes for a full list of bug fixes.

Download Samba 3.6.21 packages.

2013-11-22

SerNet Enterprise Samba 4.1.2 Packages Available for Download.

Samba 4.1.2 packages have just been released. Packages for various SUSE and RedHat platforms as well as for Debian GNU/Linux and Ubuntu are available at https://download.sernet.de/packages/samba/4.0/.

2013-11-19

SerNet Samba 4.0.12 Packages Available for Download

Samba 4.0.12 packages have just been released. Packages for various SUSE and RedHat platforms as well as for Debian GNU/Linux and Ubuntu are available at https://download.sernet.de/packages/samba/4.0/.

These packages fix the following issue amongst others:

  • RW Deny for a specific user is not overriding RW Allow for a group (bug #10196).

Please note that you need to register on https://portal.enterprisesamba.com/ to be able to access the packages. To visit the URL mentioned above directly, you need to login with your username and accesskey (not password) shown on https://portal.enterprisesamba.com/.

2013-11-13

SerNet Enterprise Samba 4.1.1 Packages Available for Download.

Starting with Samba 4.1.1, SerNet does now provide Samba 4.1 packages for various SUSE and RedHat platforms as well as for Debian GNU/Linux and Ubuntu!

Download Samba 4.1.1 packages.

2013-11-11

SerNet Enterprise Samba 4.0.11 and 3.6.20 packages Available for Download.

These are security releases in order to address CVE-2013-4475 (ACLs are not checked on opening an alternate data stream on a file or directory). For more information, please refer to the security advisory.

Please update affected systems as soon as possible.

Download Samba 3.6.20 packages.
Download Samba 4.0.11 packages.

2013-10-30

A new set of SerNet Samba 4.0.10 Packages Available for Download

New Samba 4.0.10 packages have just been released. Packages for various SUSE and RedHat platforms as well as for Debian GNU/Linux and Ubuntu are available at https://download.sernet.de/packages/samba/4.0/.

These packages fix the following issue:

  • Internal Error: Signal 11 PANIC on one of two DCs (bug #10052).

Additionally, the packages "sernet-samba-libwbclient0" and "sernet-samba-libpam-smbpass" have been removed. The content of theses packages has been merged into the "sernet-samba-libs" package. These changes were needed to fix a dependency loop between "sernet-samba-libwbclient0" and "sernet-samba-libs".

Please note that you need to register on https://portal.enterprisesamba.com/ to be able to access the packages. To visit the URL mentioned above directly, you need to login with your username and accesskey (not password) shown on https://portal.enterprisesamba.com/.

2013-10-08

SerNet Samba 4.0.10 Packages Available for Download

Samba 4.0.10 has just been released. Packages for various SUSE and RedHat platforms as well as for Debian GNU/Linux and Ubuntu are available at https://download.sernet.de/packages/samba/4.0/.

Samba 4.0.10 fixes the following issues amongst others:

  • NetBIOS related samba process consumes 100% CPU (bug #10158).
  • smbd: Clean up share modes after hard crash (bug #10138).
  • Fix POSIX ACL mapping when setting DENY ACE's from Windows (bug #10162).

Please note that you need to register on https://portal.enterprisesamba.com/ to be able to access the packages. To visit the URL mentioned above directly, you need to login with your username and accesskey (not password) shown on https://portal.enterprisesamba.com/.

2013-08-30

SerNet Samba 4.0.9-5 RPMs and 4.0.9-6 deb Packages Available for Download

Samba 4.0.9-5 RPMs and 4.0.9-6 deb have just been released. Packages for various SUSE and RedHat platforms as well as for Debian GNU/Linux and Ubuntu are available at https://download.sernet.de/packages/samba/4.0/.

Samba 4.0.9 fixes the following issues:

  • Move gencache.tdb from /var/lock/samba (tmpfs) to /var/cache/samba to avoid removal during reboot (bug #9802).
  • Move tdb files with non-persistent data from /var/lock/samba to /var/cache/samba to avoid crashes caused by small tmpfs partitions.

The gencache.tdb file includes the server affinity cache and should not be deleted when rebooting. After updating to this version, please stop all Samba services, move /var/lock/samba/gencache.tdb to /var/cache/samba/ and restart the services afterwards. Thank you!

Please note that you need to register on https://portal.enterprisesamba.com/ to be able to access the packages. To visit the URL mentioned above directly, you need to login with your username and accesskey (not password) shown on https://portal.enterprisesamba.com/.

2013-08-20

SerNet Samba 4.0.9 Packages Available for Download

Samba 4.0.9 has just been released. Packages for various SUSE and RedHat platforms as well as for Debian GNU/Linux and Ubuntu are available at https://download.sernet.de/packages/samba/4.0/.

Samba 4.0.9 fixes the following issues amongst others:

  • Fix crash of Winbind after 'ls -l /usr/local/samba/var/locks/sysvol' (bug #9820).
  • Fix segmentation fault while reading incomplete session info (bug #10003).
  • smbd: Fix a 100% loop at shutdown time (bug #10013).

Please note that you need to register on https://portal.enterprisesamba.com/ to be able to access the packages. To visit the URL mentioned above directly, you need to login with your username and accesskey (not password) shown on https://portal.enterprisesamba.com/.

2013-08-14

SerNet Samba 3.6.18 Packages Available for Download

This release addresses the following issues amongst others:

  • Windows 8 Roaming profiles fail (bug #9678).
  • Linux kernel oplock breaks can miss signals (bug #10064).

Download Samba 3.6.18 packages.

2013-08-05

SerNet Samba 4.0.8, 3.6.17 and 3.5.22 Packages Available for Download

These are security releases in order to address CVE-2013-4124 (Denial of service attack on authenticated or guest connections).

Please update affected systems (Samba 3.0.x - 4.0.7) as soon as possible.

Download Samba 3.5.22 packages.

Download Samba 3.6.17 packages.

Download Samba 4.0.8 packages.

2013-07-02

SerNet Samba 4.0.7 Packages Available for Download

Samba 4.0.7 has just been released. Packages for various SUSE and RedHat platforms as well as for Debian GNU/Linux and Ubuntu are available at https://download.sernet.de/packages/samba/4.0/.

Samba 4.0.7 fixes the following issues amongst others:

  • Fix a core dump with invalid lock order while opening/editing or copying MS files (bug #9794).
  • Fix crash bug from search of mail= (bug #9967).
  • winbind4: talloc use after free (bug #9832).

Please note that you need to register on https://portal.enterprisesamba.com/ to be able to access the packages. To visit the URL mentioned above directly, you need to login with your username and accesskey (not password) shown on https://portal.enterprisesamba.com/.

2013-06-20

SerNet Samba 3.6.16 Packages Available for Download

This release addresses the following issues:

  • Fix crash bug during Win8 sync (bug #9822).
  • Properly handle Oplock breaks in compound requests (bug #9722).

Download Samba 3.6.16 packages.

2013-06-11

SerNet Samba 4.0.6-3 (deb) packages and 4.0.6-2 (RPMs) have just been released.

These are available at https://download.sernet.de/packages/samba/4.0/.

These packages fix several issues amongst others:

  • ldaps was not working (affects openSUSE packages only).
  • Fix possible leak on domain controllers (bug #9929).
  • is_printer_published GUID retrieval (bug #9900).
  • Only initial signed DNS update for a host works (bug #9559).
  • winbind4: talloc use after free (bug #9832).

Furthermore, dlz_bind9.so has been added to the sernet-samba-ad package.

Please note that you need to register on https://portal.enterprisesamba.com/ to be able to access the packages. To visit the URL mentioned above directly, you need to login with your username and accesskey (not password) shown on https://portal.enterprisesamba.com/.

2013-05-29

Samba4 Training

Heinlein Support does now provide a Samba4 training based on a collaboration with SerNet.

2013-05-29

SerNet Samba 4.0.6-2 Packages for Debian/Ubuntu Available for Download

SerNet Samba 4.0.6-2 packages for Debian/Ubuntu have just been released. These are available at https://download.sernet.de/packages/samba/4.0/.

Samba 4.0.6-2 fixes an issue with broken shebang lines in some python scripts (e.g. samba_spnupdate, samba_dnsupdate, samba_kcc).

  • Broken python shebang e.g. in samba_dnsupdate (bug #9909).

Please note that you need to register on https://portal.enterprisesamba.com/ to be able to access the packages. To visit the URL mentioned above directly, you need to login with your username and accesskey (not password) shown on https://portal.enterprisesamba.com/.

2013-05-22

SerNet Samba 4.0.6-1 Packages Available for Download

Samba 4.0.6-1 has just been released. Packages for various SUSE and RedHat platforms as well as for Debian GNU/Linux are available at https://download.sernet.de/packages/samba/4.0/.

Samba 4.0.6 fixes the following issues amongst others:

  • Fix crash during Win8 sync (bug #9822).
  • Fix segfault when loging in with wrong password from w2k8r2 (bug #9834).

Please note that you need to register on https://portal.enterprisesamba.com/ to be able to access the packages. To visit the URL mentioned above directly, you need to login with your username and accesskey (not password) shown on https://portal.enterprisesamba.com/.

2013-05-14

SerNet Samba 4.0.5 Packages Available for Download

SerNet does now provide Samba 4 packages for free. You need to register to be able to download them.

More information on how to install the packages etc. will be available on the web site after logging in.

2013-05-08

SerNet Samba 3.6.15 Packages Available for Download

This release addresses the following issues:

  • Fix crash bug in Winbind (bug #9854).
  • Fix "guest ok", "force user" and "force group" for guest users (bug #9746).
  • Fix panic in nt_printer_publish_ads (bug #9830).
  • Fix 'map untrusted to domain' with NTLMv2 (bug #9817).

With Samba 3.6.14, a regression in Winbind has been introduced. Please see bug #9854 for details.

Updating from 3.6.14 is highly recommended in setups running Winbind.

2013-04-29

SerNet Samba 3.6.14 Packages Available for Download

This release addresses the following issues amongst others:

  • Certain xattrs cause Windows error 0x800700FF (bug #9130).

Download new Enterprise Samba Packages.

2013-03-18

SerNet Samba 3.6.13 Packages Available for Download

This release addresses the following issues amongst others:

  • Fix two resource leaks in winbindd (bug #9684).
  • Unlink after open causes smbd to panic (bug #9571).

Download new Enterprise Samba Packages.

2013-01-30

Samba 3.6.12 and 3.5.21 Security Releases Available for Download

These are security releases in order to address CVE-2013-0213 (Clickjacking issue in SWAT) and CVE-2013-0214 (Potential XSRF in SWAT).

Download new Enterprise Samba Packages

2013-01-21

SerNet Samba 3.6.11 Packages Available for Download

This release addresses the following issues amongst others:

  • defer_open is triggered multiple times on the same reques (bug #9196).
  • Fix SEGV wh_n using second vfs module (bug #9471).

Download new Enterprise Samba Packages.

2012-12-17

SerNet Samba4 Appliance v0.6 has just been released

  • The Samba-Package is based on the stable Samba 4.0.
  • New Zarafa AD schema-extension from zcp-7.1.1-37812 imported.
  • Adapted dcpromo script to work with Samba 4.0.
  • Adapted status script to work with Samba 4.0.
  • Further minor improvements and fixes.

Read more

2012-12-17

SerNet Samba 3.5.20 Packages Available for Download

This release addresses the following issues amongst others:

  • Fix segfaults in log level = 10 on Solaris (bug #9390).
  • Apply ACL masks correctly when setting ACLs (bug #9236).

Download new Enterprise Samba Packages

2012-12-10

Samba 3.6.10 Available for Download

This release addresses the following issues amongst others:

  • Respond correctly to FILE_STREAM_INFO requests (bug #9460).
  • Fix segfault when "default devmode" is disabled> (bug #9433).
  • Fix segfaults in "log level = 10" on Solaris (bug #9390).

Download new Enterprise Samba Packages

2012-11-05

SerNet Samba 3.5.19 Packages Available for Download

This release addresses the following issues amongst others:

  • Connection to outbound trusted domain goes offline (bug #9016).
  • ACL masks incorrectly applied when setting ACLs (bug #9236).
  • Samba panics if a user specifies an invalid port number (bug #9218).

Download new Enterprise Samba Packages

2012-10-30

SerNet Samba 3.6.9 Packages Available for Download

This release addresses the following issues amongst others:

  • When setting a non-default ACL, don't forget to apply masks to SMB_ACL_USER and SMB_ACL_GROUP entries (bug #9236).
  • Winbind can't fetch user or group info from AD via LDAP (bug #9147).
  • Fix segfault in smbd if user specified ports out of range (bug #9218).

Download new Enterprise Samba Packages

2012-09-24

Samba 3.5.18 Available for Download

This release addresses the following issues amongst others:

  • Fix a smbd crash in reply_lockingX_error (bug #9084).
  • Fix Winbind crashes caused by mis-identified idle clients (bug #9104).
  • Desktop Managers (xdm, gdm, lightdm...) crash with SIGSEGV in _pam_winbind_change_pwd() when password is expiring bug #9013).

Download new Enterprise Samba Packages

2012-09-21

SerNet Samba4 Appliance v0.5 has just been released

  • The Samba-Package is based on the new version Samba 4.0 rc1.
  • Adapted dcpromo script to work with Samba4 rc1.
  • Small server status script with link on appliance users desktop.
  • New password complexity check.
  • Samba4 Appliance splash screen for installer.
  • Fixed typos.
  • Further minor improvements and fixes.

Read more

2012-09-17

Samba 3.6.8 Available for Download

This release addresses the following issues amongst others:

  • Crash bug in smbd caused by a blocking lock followed by close (bug #9084).
  • Winbind panic if we couldn't find the domain (bug #9135).

Download new Enterprise Samba Packages

2012-08-13

Samba 3.5.17 Available for Download

This release addresses the following issues amongst others:

  • Typo in set_re_uid() call when USE_SETRESUID selected in configure (bug #9034).
  • Build without ads support (bug #8996).
  • Build on HP-UX (bug #9011).
  • Make vfs_gpfs less verbose in get/set_xattr functions (bug #9022).

Download new Enterprise Samba Packages

2012-08-06

Samba 3.6.7 Available for Download

This release addresses the following issues amongst others:

  • Resolving our own "Domain Local" groups (bug #9052).
  • Migrating printers while upgrading from 3.5.x (bug #9026).

Download new Enterprise Samba Packages

2012-07-02

Samba 3.5.16 Available for Download

This release addresses the following issues amongst others:

  • Possible memory leaks in the Samba master process (bug #8970)
  • Uninitialized memory read in talloc_free()
  • Fix smbd crash with unknown user (bug #8314).

Download new Enterprise Samba Packages

2012-06-25

Samba 3.6.6 Available for Download

This release addresses the following issues amongst others:

  • Possible memory leaks in the Samba master process (bug #8970)
  • Uninitialized memory read in talloc_free()
  • Joining of XP Pro workstations to 3.6 DCs (bug #8373)

Download new Enterprise Samba Packages

2012-06-13

SerNet Samba4 Appliance v0.4 has just been released

  • The Samba-Package is based on the new version Samba 4.0 beta1. Binaries are not stripped with the purpose of being debuggable.
  • The 's3fs' file server is now used instead of 'ntvfs'. That means essentially, that the smbd file server from the Samba 3.x release stream is being used.
  • New Linux kernel 3.2.15 from Debian backports with Microsoft Hyper-V support.
  • A signed NTP (MS-SNTP) service provides the Appliances system time.
  • The "dcpromo" script sets the hostname of the Linux system.
  • Provide opportunity to rerun dcpromo by using desktop icon.
  • Place auto generated krb5.conf in /etc/krb5.conf with the purpose to provide opportunity to do signed dns updates in future.
  • Additional preinstalled packages: rsync, ntp
  • Option to do schema updates is enables per default.
  • Further minor improvements and fixes.

Read more

2012-05-02

SerNet Samba4 Appliance v0.3 has just been released

  • The Samba package is based on the new snapshot of Samba 4.0 alpha19.
  • The dcpromo script now offers an option to install the AD schema extensions for the Zarafa Groupware.
  • The dcpromo script will save and remember some settings once they have been set.
  • A bug with setting the host name via dcpromo script has been fixed.
  • nsupdate is used for unsigned ns updates by default.
  • Samba4 paths are now set also for sudo users.

Read more

2012-04-30

Samba 3.6.5, 3.5.15 and 3.4.17 Security Releases Available for Download

These are security releases in order to address CVE-2012-2111 ( Incorrect permission checks when granting/removing privileges can compromise file server security.).

Download new Enterprise Samba Packages

2012-04-12

SerNet Samba4 Appliance v0.2 has just been released

  • The Samba4-Package is based on the new Samba 4.0 alpha19 release with many bug fixes and new features.
  • The "dcpromo" script now offers an option to configure a forwarder DNS server.

Read more

2012-04-10

Samba 3.6.4, 3.5.14 and 3.4.16 Security Releases Available for Download

These are security releases in order to address CVE-2012-1182 ("root" credential remote code execution).

Download new Enterprise Samba Packages

2012-03-23

SerNet Samba4 Appliance v0.1 available for download

SerNet has created a Samba4 software appliance with the purpose to make it very easy to test Samba's new Active Directory functionality already now before it is made officially available with the Samba 4.0 release.

Click here for more information.

2012-03-12

Samba 3.5.13 Available for Download

This release addresses the following issues amongst others:

  • Fix a crash bug in cldap_socket_recv_dgram() (bug #8593).
  • Fully observe password change settings (bug #8561).
  • Fix NT ACL issue (bug #8673).
  • Fix segfault in Winbind if we can't map the last user (bug #8678).
2012-01-30

Samba 3.6.3 Security Release Available

This release is a Security Release in order to address the following issue:

  • CVE-2012-0817: Memory leak/Denial of service (bug #8724).

Latest News

2014-08-20

Updates for SerNet SAMBA 4.1.11

A new set of SerNet SAMBA 4.1.11 has just been released. Packages for various SUSE and RedHat platforms as well as for Debian GNU/Linux and Ubuntu are available as of now. 

These packages address a few issues - please see the list in our news for detailed information.

To access the packages  visit the EnterpriseSAMBA Portal. You need to login with your username and accesskey (not password).

2014-08-01

SerNet SAMBA 4.0.21 and 4.1.11 Packages available for download

Please note that these are security releases in order to address:

  • CVE-2014-3560: SAMBA 4.0.0 to 4.1.10 are affected by a remote code execution attack on unauthenticated nmbd NetBIOS name services

To access the aforementioned packages you need to register at the EnterpriseSAMBA Portal.