From: Gerald (Jerry) Carter Date: Thu, 15 Nov 2007 16:51:23 +0000 (-0600) Subject: Pull in release notes from 3.0.27 to the v3-0 development branch X-Git-Tag: samba-3.0.27a~14 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=63918ac0f0a3767237210182f0f35840db87242c;p=thirdparty%2Fsamba.git Pull in release notes from 3.0.27 to the v3-0 development branch --- diff --git a/WHATSNEW.txt b/WHATSNEW.txt index 58680368788..d208c072302 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -1,3 +1,268 @@ + ============================== + Release Notes for Samba 3.0.27 + Nov 15, 2007 + ============================== + +Samba 3.0.27 is a security release in order to address the following +defects: + + o CVS-2007-4572 + Stack buffer overflow in nmbd's logon request processing. + + o CVE-2007-5398 + Remote code execution in Samba's WINS server daemon (nmbd) + when processing name registration followed name query requests. + +The original security announcement for this and past advisories can +be found http://www.samba.org/samba/security/ + +###################################################################### +Changes +####### + +Changes since 3.0.26a +--------------------- + +o Jeremy Allison + * Fix for CVS-2007-4572. + * Fix for CVE-2007-5398. + + +o Simo Sorce + * Additional fixes for CVS-2007-4572. + + +Release notes for older releases follow: + + -------------------------------------------------- + =============================== + Release Notes for Samba 3.0.26a + Sep 11, 2007 + =============================== + +Major bug fixes included in Samba 3.0.26a are: + + o Memory leaks in Winbind's IDMap manager. + + +###################################################################### +Changes +####### + +Changes since 3.0.26 +-------------------- + +o Michael Adam + * Fix read_sock() semantics in wb_common.c to address "invalid + request size" errors in winbindd logs. + * Fix use of pwrite() in tdb IO code paths. + + +o Jeremy Allison + * Fix logic error in timeout of blocking lock processing. + + +o Guenther Deschner + * Fix error code in the msrpc EnumerateDomainGroups() Winbind + method when a memory allocation fails. + * Fix Winbind initialization storms when contacting an older Samba DC. + + +o Volker Lendecke + * Fix compile failure in NFSv4 VFS module. + * Fix compile failures on True64. + * Fix compile failure in unmaintained python bindings. + * BUG 4917: Fix memory leaks in Winbind's idmap_ldap and + idmap_cache backends. + * Coverity fixes in the group mapping code. + + +o Derrell Lipman + * Remove NetBIOS keepalives from libsmbclient and consolidate on + the use of getpeername() when checking connection health. + * Use formal syntax for invoking function pointers in + libsmbclient. + + +o Lars Mueller + * Fixes for Winbind's AD site support when the host is not + configured in any site or nor DC's are present within the host's + configured site. + + +o Simo Sorce + * Debian packaging updates for 3.0.25c. + * Add sanity checks for "smb ports" values. + * Fix compile issues related to the VFS "open" method and newer + glibc implementations. + * Fix a segv in smbldap_set_creds() when using an anonymous + connection. + * BUG 4772: Fix us of ldap_base_dn for the idmap_ldap plugin. + + +Release notes for older releases follow: + + -------------------------------------------------- + ============================== + Release Notes for Samba 3.0.26 + Sep 11, 2007 + ============================== + +This is a security release of Samba 3.0 to address + + o CVE-2007-4138 + Versions: All Samba 3.0.25 releases + Incorrect primary group assignment for + domain users using the rfc2307 or sfu + winbind nss info plugin. + +The original security announcement for this and past advisories +can be found http://www.samba.org/samba/security/ + +###################################################################### +Changes +####### + +Changes since 3.0.25c +--------------------- + +o Gerald (Jerry) Carter + * Fix CVE-2007-4138 in the "winbind nss info = {sfu | rfc2307}" + plugin (idmap_ad.c) + + + -------------------------------------------------- + =============================== + Release Notes for Samba 3.0.25c + Aug 20, 2007 + =============================== + +Major bug fixes included in Samba 3.0.25c are: + + o File sharing with Widows 9x clients. + o Winbind running out of file descriptors due to stalled + child processes. + o MS-DFS inter-operability issues. + + +###################################################################### +Changes +####### + +Changes since 3.0.25b +--------------------- + +o Michael Adam + * Fix incorrect log messages in tdbbackup. + * Fix a bug in pwrite error detection in tdb_expand_file(). + + +o Jeremy Allison + * BUG 4711: Make cli_connect() return NT_STATUS codes. + * Ensure we obey Unicode consortium restrictions. Based on + patch from MORIYAMA Masayuki. + * BUG 3204: Cope with stalled winbindd child processes and + prevent the parent winbindd process from running out of file + descriptors. + * Fix realloc leak on failure case from Jim Meyering. + * BUG 4759: Fix crash in ber_printf() caused invalid tag. + * BUG 4763: Limit notify responses to client max buf size. + * BUG 4777: Doing a DFS traverse through a deep link could fail + (not using explorer). + * BUG 4779: Setting the allocation size updates the modified + time as a write does. + * BUG 4308: Fix interaction with MS Excel and POSIX ACLs. + * Fix POSIX unlink bug found by the Linux CIFS fs client. + * Stop counting locks if we get a POSIX lock request. + * Fix interaction between Linux CIFS fs client and Windows + clients when the former tries to remove a file opened by the + latter. + * Fix incorrect mapping of invalid resume names in FindNext + commands. + * Cope with dead entries in the locking database tied to + non-existent processes (merge from 3.2-ctdb). + * Fix MS-DFS related renaming bug in smbclient. + * Fix for write cache corruption bug. + * Fix invalid vuid from being returned by a failed call to + cli_session_setup_spnego.(). + * Fixes for error mappings from NT_STATUS to the appropriate DOS + error codes in reply_opeNXXX() calls. + + +o Ofir Azoulay + * Only look at errno set by SMB_VFS_CLOSE() if the call actually + failed. + + +o Alexander Bokovoy + * Fix vfs_readahead: transparent modules should always pass + through. + + +o David S. Collier-Brown + * BUG 4897: Fix Solaris xattr misdeclarations. + + +o Guenther Deschner + * Remove redundant pointer checks when freeing memory in winbindd. + * BUG 4408: Remove last traces of Heimdal KCM support. + * Fix bug in user Krb5 ticket refresh feature in winbindd. + * Fix Heimdal path in the krb5 renew routine. + * Unused code cleanup in winbindd. + + +o SATOH Fumiyasu + * BUG 4750: smbc_telldir_ctx() was not returning a value useful + to smbc_lseekdir_ctx(). + + +o Bjoern Jacke + * Add support for Extended Attributes on Solaris. + + +o Matthijs Kooijman + * BUG 4836: Fix incorrect log message in the nss_info + plugin init call. + * BUG 4849: Fix "net ads dns register" usage text. + + +o Volker Lendecke + * Port cli_connect() NT_STATUS fixes to smbmount. + * Add notes about smbfs/cifs to usage() in smb[u]mount. + * BUG 4792: Fix pidfile name bug. + * Fix missing END_PROFILE() call in the SMBunlink reply. + * Coverity fixes. + * Correct logic error in change notify code that would result in + an endless loop. + * Fix uninitialized reads in the spoolss GetPrinterData() replies. + * Fix file overwrites from Windows 9x clients. + + +o Herb Lewis + * Unused code cleanup. + * Avoid a crash in "net rpc info" when no username has + been specified. + * Remove biconv detection on *BSD. + + +o Derrell Lipman + * Get/Set ACL fixes in libsmbclient. + + +o Jan Martin + * BUG 4860: Patches for fixing MS-DFS links with trailing + back slashes. + + +o Jim McDonough + * BUG 4719: "Must change password" is not set from usrmgr.exe. + + +o Atsushi Nakabayashi + * Ensure proper exit when nmbd is unable to reopen the wins.tdb. + * Fix error path memleaks in the messaging subsystem. + + -------------------------------------------------- =============================== Release Notes for Samba 3.0.25b June 20, 2007