Blog

The Storage Developer Conference 2020 was – as many others this year – a virtual event. Volker Ledecke and Stefan Metzmacher from SerNet's Samba Team had recorded their presentations for the SMB Agenda Track in advance. These have now been made available to the public.

Volker Lendecke addressed "Samba locking architecture". Lendecke is SerNet co-founder, developer and long-time Samba Team member. His talk is available here: https://www.youtu.be/BJZAta87V28 (link leads directly to YouTube).

Stefan Metzmacher's topic was "Samba Multi-Channel/io_uring Status Update". He works as developer at SerNet and is a member of the Samba-Team as well. His talk is available here: https://youtu.be/IC2OSp3W6mQ (link leads directly to YouTube).


SAMBA+ Updates for 4.13.2, 4.12.10 and 4.11.16 packages have just been released by SerNet. Packages for various SUSE and Red Hat platforms as well as for Debian GNU/Linux and Ubuntu are available now.

These packages include regression fixes for the recently fixed issue in the GlusterFS VFS module:

  •  Bug 14486: vfs_glusterfs: Avoid data corruption with the write-behind translator.

Additionally fixes for the following bug are included:

  • Bug 14572: NULL pointer dereference in token_contains_name()

Both fixes avoid possible smbd crashes in affected setups.

SAMBA+ packages are available as software subscription. They can be purchased at the SAMBA+ shop, detailed information and prices are listed at https://shop.samba.plus. The subscriptions are managed at our platform OPOSSO (https://oposso.samba.plus). Users can activate their subscriptions here and manage access credentials. The new SAMBA+ packages are included in existing subscriptions.


SAMBA+ 4.13.2, 4.12.10 and 4.11.16 packages have just been released by SerNet. Packages for various SUSE and Red Hat platforms as well as for Debian GNU/Linux, Ubuntu and AIX are available now.

These packages address a major issue which affects the GlusterFS VFS module:

  • Bug 14486: vfs_glusterfs: Avoid data corruption with the write-behind translator.

Further issues are listed in the Samba release history:

Samba Bug 14537 (ctdb-common: Avoid aliasing errors during code optimization) does not affect the SAMBA+ packages.

SAMBA+ packages are available as software subscription. They can be purchased at the SAMBA+ shop, detailed information and prices are listed at https://shop.samba.plus. The subscriptions are managed at our platform OPOSSO (https://oposso.samba.plus). Users can activate their subscriptions here and manage access credentials. The new SAMBA+ packages are included in existing subscriptions.


In his talk at this year's sambaXP 2020 Ralph Böhme (SerNet / Samba Team) presents a "Developers guide to smbd: SMB2 packet processing".

Abstract

From the network down to the filesystem and back. This talk will give an overview on Samba's SMB2 packet processing with the goal of giving novice smbd hackers a starting point to the most important source code subsystems involved when a client sends a "create a file" request to the server.

(Slides as PDF)

About the "sambaXP 2020 Retrospective"

In this series we will present recordings of the sambaXP 2020 in the coming month. The 19th edition of the international conference on the open source software Samba took place from 26 - 28 May 2020 for the first time exclusively in digital form. Due to the changed event format and the use of an online conference platform, organizer SerNet is able to offer all talks as videos for viewing (link).


SAMBA+ 4.13.1, 4.12.9 and 4.11.15 packages have just been released by SerNet. These are important security releases, please update affected systems as soon as possible. The packages are available for various SUSE and Red Hat platforms as well as for Debian GNU/Linux, Ubuntu and AIX.

The packages address the following issues:

  • CVE-2020-14383 An authenticated user can crash the DCE/RPC DNS with easily crafted records.
  • CVE-2020-14323 Unprivileged user can crash winbind.
  • CVE-2020-14318 Missing handle permissions check in SMB1/2/3 ChangeNotify.

SAMBA+ 4.13.1 is the first stable release if the 4.13 release series. Please read the 4.13.0 release notes also carefully before upgrading.

Samba 4.13 raises the minimum requirement for Python to Python 3.6. Due to this requirement SAMBA+ 4.13 is not available for Debian stretch (9) and Ubuntu xenial (16.04) for now.

SAMBA+ 4.10 has reached the end of its life and will not receive any further updates. Please update to a more recent version of SAMBA+.

SAMBA+ packages are available as software subscription. They can be purchased at the SAMBA+ shop, detailed information and prices are listed at https://shop.samba.plus. The subscriptions are managed at our platform OPOSSO (https://oposso.samba.plus). Users can activate their subscriptions here and manage access credentials. The new SAMBA+ packages are included in existing subscriptions.


Contact us
Contact
Deutsch English Français