Blog

SAMBA+ 4.17.11 has just been released. Packages for various SUSE and Red Hat platforms as well as for Debian GNU/Linux, Ubuntu and AIX are available now.

These packages address several issues, which are listed in the release notes:
https://www.samba.org/samba/history/samba-4.17.11.html

The process on how to access the SAMBA+ Software Packages has changed. Please consult our SAMBA+ HowTo to learn more. 

SerNet Inc. will be participating as a Silver Sponsor at this year's Storage Developer Conference (SDC). The conference is hosted by the Storage Networking Industry Association (SNIA) in Fremont, CA on September 18-21.

Our Samba team will be presenting on September 20: 

Topic: Reparse Points Current Status
Speaker: Volker Lendecke, Developer at SerNet/Samba Team
8:30am - 9:20am (PST)

Topic: Samba io_uring Status Update
Speaker: Stefan Metzmacher, Developer at SerNet/Samba-Team
9:30am - 10:20am (PST)

Topic: net use //samba/cloud: Scaling Samba
Speaker: Ralph Böhme, Samba Team Lead at SerNet/Samba Team
10:35am - 11:25am (PST)

In addition to these sessions, we invite all attendees to meet our team, discuss our recent endeavors, and explore potential collaborations. To ensure in-depth discussions and address specific inquiries, we are offering scheduled appointments. Those interested can contact us in advance to secure a meeting slot. Please use the contact form or mail us at sales@remove-this.sernet.com – we look forward to a constructive dialogue and a successful conference.

The next webinar in the "Setting up Samba on AIX with SAMBA+" series will be held on September 14, 2023, from 10 to 11 a.m. (PDT). Registration for the event and more information can be found here. The platform used is GoTo Webinar.

In the webinar, participants will learn from our expert Björn Jacke how to set up Samba with SAMBA+ on AIX, IBM's Unix operating system, and integrate it into an Active Directory environment. Among other things, they will receive tips on how to overcome frequently occurring difficulties. Special attention will also be paid to parameter settings in AIX. There will also be an opportunity to clarify any questions.

This webinar will be held in English. Further dates will be announced shortly.

SAMBA+ 4.18.5, 4.17.10 and 4.16.11 have just been released. Packages for various SUSE and Red Hat platforms as well as for Debian GNU/Linux, Ubuntu and AIX are available now. Please note: This are Security Updates, packages should be deployed as soon as possible.

These packages address several security related issues:

• CVE-2022-2127: When winbind is used for NTLM authentication, a maliciously crafted request can trigger an out-of-bounds read in winbind and possibly crash it.
• CVE-2023-34966: An infinite loop bug in Samba's mdssvc RPC service for Spotlight can be triggered by an unauthenticated attacker by issuing a malformed RPC request.
• CVE-2023-34967: Missing type validation in Samba's mdssvc RPC service for Spotlight can be used by an unauthenticated attacker to trigger a process crash in a shared RPC mdssvc worker process. 
• CVE-2023-34968: As part of the Spotlight protocol Samba discloses the server- side absolute path of shares and files and directories in search results.

An update for SAMBA+ 4.18.4, 4.16.10 and 4.17.9 has been released. Packages for various SUSE and Red Hat platforms as well as for Debian GNU/Linux and Ubuntu are available now.

These packages address the following issue:

• Bug 15418 - secure channel faulty since Windows 10/11 update 07/2023
  The recently released Windows Update KB5028185/KB5028166 (July 11, 2023) breaks the client authentication against Samba AD DCs.