Blog

In this sambaXP 2020 recording Martin Schwenke and Amitay Isaacs give their "CTDB Report 2020".  Martin Schwenke is an Open Source Developer at IBM (LinkedIn), Amitay Isaacs also works at IBM as Software Engineer (GitHub). Both are located in Australia and are members of the international Samba team

Abstract

The report focuses on 2 main areas: progress and plans. What is new upstream in CTDB? What do our plans look like compared to those presented in recent years? There is also the intersection of progress and plans: what useful things are sitting in development branches but are not merged?

Progress includes: Clustered Samba testing is now in Samba's test suite and autobuild, CTDB's inter-node TCP transport is now more resilient (with some pain along the way), database vacuuming has been simplified, the recovery lock has been enhanced, code is generally cleaner (largely due to csbuild showing issues) and there have been many improvements in testing.

Plans include: splitting CTDB into multiple daemons (as previously presented), a transport using datagram messaging and simple code for new developers to understand and embrace. Slides (PDF)

About the "sambaXP 2020 Retrospective"

In this series we will present recordings of the sambaXP 2020 in the coming weeks. These were selected by SerNet's "Team Samba". The 19th edition of the international conference on the open source software Samba took place from 26 - 28 May 2020 for the first time exclusively in digital form. Due to the changed event format and the use of an online conference platform, organizer SerNet is able to offer all talks as videos for viewing (link).


SAMBA+ 4.12.6 has just been released. Packages for various SUSE and Red Hat platforms as well as for Debian GNU/Linux and Ubuntu are available now.

These packages address a lot of issues, which are listed in the Samba 4.12.6 release notes.

SAMBA+ packages and all later versions are available as software subscription. They can be purchased at the SAMBA+ shop, detailed information and prices are listed at https://shop.samba.plus. The subscriptions are managed at our platform OPOSSO (https://oposso.samba.plus). Users can activate their subscriptions here and manage access credentials. The new SAMBA+ packages are included in existing subscriptions.


In this recording of the sambaXP 2020 Tom Talpey gives the already traditional annual "SMB3 Protocol Update". Talpey (LinkedIn) is an architect at Microsoft, focusing on the SMB protocol.

Abstract

The SMB3 protocol has updated in the past year, with compression in 2019 and further updates in the Windows "20H1" Spring release. We'll review and recap the protocol since the last SambaXP, and also provide a look forward, including an update on recent developments in RDMA to enable "Push Mode" for ultra-low-latency remote access to persistent Storage Class Memory via SMB3 and SMB Direct. Slides (PDF)

About the "sambaXP 2020 Retrospective"

In this series we will present recordings of the SambaXP 2020 in the coming weeks. These were selected by SerNet's "Team Samba". The 19th edition of the international conference on the open source software Samba took place from 26 - 28 May 2020 for the first time exclusively in digital form. Due to the changed event format and the use of an online conference platform, organizer SerNet is able to offer all talks as videos for viewing (link).


SAMBA+ 4.12.5 has just been released. Packages for various SUSE and Red Hat platforms as well as for Debian GNU/Linux and Ubuntu are available now.

These packages address a lot of issues, which are listed in the Samba 4.12.5 release notes.

Additionally fixes for the following issues are included:

  • Bug 14426: log level for debug classes is ignored

  • Bug 14427: vfs_ChDir() may not set conn->cwd_fsp->fh->fd = AT_FDCWD

  • Bug 14428: PANIC: assert failed in get_lease_type()

SAMBA+ packages and all later versions are available as software subscription. They can be purchased at the SAMBA+ shop, detailed information and prices are listed at https://shop.samba.plus. The subscriptions are managed at our platform OPOSSO (https://oposso.samba.plus). Users can activate their subscriptions here and manage access credentials. The new SAMBA+ packages are included in existing subscriptions.


SAMBA+ 4.12.4, 4.11.11 and 4.10.17 packages have just been released by SerNet. These are important security releases, please update affected systems as soon as possible. The packages are available for various SUSE and Red Hat platforms as well as for Debian GNU/Linux and Ubuntu.

The packages address the following issues:

  • CVE-2020-10730: NULL pointer de-reference and use-after-free in Samba AD DC LDAP Server with ASQ, VLV and paged_results.

    A client combining the 'ASQ' and 'VLV' LDAP controls can cause a NULL pointer de-reference and further combinations with the LDAP paged_results feature can give a use-after-free in Samba's AD DC LDAP server.

  • CVE-2020-10745: Parsing and packing of NBT and DNS packets can consume excessive CPU.

    Compression of replies to NetBIOS over TCP/IP name resolution and DNS packets (which can be supplied as UDP requests) can be abused to consume excessive amounts of CPU on the Samba AD DC (only).

  • CVE-2020-10760: LDAP Use-after-free in Samba AD DC Global Catalog with paged_results and VLV.

    The use of the paged_results or VLV controls against the Global Catalog LDAP server on the AD DC will cause a use-after-free.

  • CVE-2020-14303: Empty UDP packet DoS in Samba AD DC nbtd.

    The AD DC NBT server in Samba 4.0 will enter a CPU spin and not process further requests once it receives an empty (zero-length) UDP packet to port 137.

SAMBA+ 4.12.5 packages will be available soon.

SAMBA+ packages and all later versions are available as software subscription. They can be purchased at the SAMBA+ shop, detailed information and prices are listed at https://shop.samba.plus. The subscriptions are managed at our platform OPOSSO (https://oposso.samba.plus). Users can activate their subscriptions here and manage access credentials. The new SAMBA+ packages are included in existing subscriptions.


Contact us
Contact
Deutsch English Français