Samba 3.5.10, 3.4.14 and 3.3.16 are security releases in order to address
CVE-2011-2522 (Cross-Site Request Forgery in SWAT) and CVE-2011-2694
(Cross-Site Scripting vulnerability in SWAT).

o  CVE-2011-2522:
   The Samba Web Administration Tool (SWAT) in Samba versions 3.0.x to
   3.5.9 is affected by a cross-site request forgery.

o  CVE-2011-2694:
   The Samba Web Administration Tool (SWAT) in Samba versions 3.0.x to
   3.5.9 is affected by a cross-site scripting vulnerability.

Please note that SWAT must be enabled in order for these vulnerabilities
to be exploitable. By default, SWAT is *not* enabled on a Samba install.

Changes
-------

* BUG 8289: SWAT contains a cross-site scripting vulnerability.
* BUG 8290: CSRF vulnerability in SWAT.

================
Download Details
================

The uncompressed tarballs and patch files have been signed using GnuPG
(ID 6568B7EA).

Samba 3.6.0rc3 Available for Download

Release Announcements
---------------------

This is the third release candidate of Samba 3.6.0. This is *not* intended for production environments and
is designed for testing purposes only. Please report any defects via the
Samba bug reporting system at

Major enhancements in Samba 3.6.0 include:

Changed security defaults
-------------------------

Samba 3.6 has adopted a number of improved security defaults that will
impact on existing users of Samba.

 client ntlmv2 auth = yes
 client use spnego principal = no
 send spnego principal = no
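
As an added example (not part of the Samba release notes or the Samba code base), this Python script audits an smb.conf for [global] settings that revert the three defaults listed above. The sample file, the function names `logical_lines` and `audit`, and the treatment of lines before any section header as global are assumptions of this example.

```python
import re
# Defaults as listed in the 3.6.0rc3 notes above; keys are normalised names.
DEFAULTS_36 = {
    "clientntlmv2auth": ("client ntlmv2 auth", True),
    "clientusespnegoprincipal": ("client use spnego principal", False),
    "sendspnegoprincipal": ("send spnego principal", False),
}
TRUE, FALSE = {"yes", "true", "on", "1"}, {"no", "false", "off", "0"}

SAMPLE = """\
# constructed sample smb.conf, not taken from a real host
[global]
   client NTLMv2 auth = no
   send spnego \\
principal = Yes
; client use spnego principal = yes
[share]
   client ntlmv2 auth = no
"""

def logical_lines(text):
    """Yield (first_line_no, text) with trailing-backslash continuations joined."""
    buf, start = "", None
    for no, raw in enumerate(text.splitlines(), 1):
        start = start or no
        line = raw.rstrip()
        if line.endswith("\\"):
            buf += line[:-1]
            continue
        yield start, (buf + line).strip()
        buf, start = "", None

def audit(text):
    """Return (line_no, parameter, value) for [global] settings that undo a 3.6 default."""
    findings, section = [], "global"  # assumption: lines before any header are global
    for no, line in logical_lines(text):
        if not line or line[0] in "#;":
            continue  # blank line or comment
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
        elif section == "global" and "=" in line:
            key, value = (part.strip().lower() for part in line.split("=", 1))
            # smb.conf parameter names ignore case and internal whitespace
            name, default = DEFAULTS_36.get(re.sub(r"\s+", "", key), (None, None))
            if name and value in (FALSE if default else TRUE):
                findings.append((no, name, value))
    return findings

if __name__ == "__main__":
    for no, name, value in audit(SAMPLE):
        print(f"line {no}: '{name} = {value}' overrides the 3.6 default")
```

The `[share]` entry in the sample is not reported because these are global parameters, and the commented-out line is skipped.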

SMB2 support
------------

Internal Winbind passdb changes
-------------------------------

Winbind has been changed to use the internal samr and lsa rpc pipe to get
local user and group information instead of calling passdb functions. The
reason is to use more of our infrastructure and test this infrastructure by
using it. With this approach more code in Winbind is shared.

New Spoolss code
----------------

ID Mapping Changes
------------------

Endpoint Mapper
---------------

Internal restructuring
----------------------

SMB Traffic Analyzer
--------------------

NFS quota backend on Linux
--------------------------

#######
Changes
#######

smb.conf changes
----------------

   Parameter Name                      Description       Default
   --------------                      -----------       -------

   async smb echo handler              New               No
   client ntlmv2 auth                  Changed Default   Yes
   client use spnego principal         New               No
   ctdb locktime warn threshold        New               0
   idmap alloc backend                 Removed
   log writeable files on exit         New               No
   multicast dns register              New               Yes
   ncalrpc dir                         New
   send spnego principal               New               No
   smb2 max credits                    New               128
   smb2 max read                       New               1048576
   smb2 max trans                      New               1048576
   smb2 max write                      New               1048576
   username map cache time             New               0
   winbind max clients                 New               200

The variable substitutions for %i and %I no longer use IPv4 addresses
mapped to IPv6, e.g. '::ffff:', if the host has IPv6 enabled. Now %i and
%I contain just ''.

* Fix a valgrind error.

