Blog

SAMBA+ 4.20.2 and updates for 4.19.7 have just been released. Packages for various SUSE and Red Hat platforms as well as for Debian GNU/Linux,
Ubuntu and AIX are available now.

The 4.20.2 packages address several issues, which are listed in the according release notes.

The updates for the 4.19.7 packages address:

• Bug 13019 - Dynamic DNS updates with the internal DNS are not working
• Bug 15664 - Panic in vfs_offload_token_db_fetch_fsp()

SAMBA+ packages are available as software subscriptions. Purchase them in the SAMBA+ US shop (currency: USD) or the SAMBA+ world shop (currency: EUR). Existing subscriptions include the new SAMBA+ packages.

For more detailed information and pricing, please visit the shops. For further inquiries please use the contact sheet.

Start planing your journey ahead: SerNet is excited to announce that sambaXP 2025 will take place on April 9th and 10th on-site in Göttingen, Germany once again. This annual event promises to bring together Samba enthusiasts and experts for an interesting and enjoyable two-day conference.

For those eager to contribute to the conference, now is a great time to start thinking about topics for talks. The call for papers will open shortly, and we invite innovative and engaging submissions. If you have ideas, questions, or any issues related to your participation, please do not hesitate to reach out to the Local Organizing Committee. We are ready to assist and make your Samba eXPerience as smooth as possible.

For updates on ticketing, and other event details, be sure to visit sambaxp.org. To get into the Samba spirit ahead of sambaXP 2025, check out the recordings from the 2024 conference available on YouTube. The sessions are a great way to gain insights and inspiration.

We look forward to welcoming you to an engaging and fruitful sambaXP 2025 in Göttingen!

The new SAMBA+ version 4.19.7 has been released. Packages are now available for various SUSE and Red Hat platforms, as well as for Debian GNU/Linux and Ubuntu. A version for AIX will be available soon.

This update addresses several issues, which are detailed in the release notes.

SAMBA+ packages can be obtained through software subscriptions available for purchase in the SAMBA+ US shop (currency: USD) or the SAMBA+ world shop (currency: EUR). Existing subscriptions include the new SAMBA+ packages.

For more detailed information and pricing, please visit the shops. For further inquiries please use the contact sheet.

Stay up to date and take advantage of the improvements in the latest SAMBA+ version.

SAMBA+ AIX 4.20.1 is the first SAMBA+ package to include Software Bills of Materials (SBOM files). With this, SAMBA+ AIX is all set for the upcoming Cyber Resilience Act (CRA). The formats CycloneDX, SPDX and SWID tags are supplied. The SBOM is also in progress for the standard SAMBA+ packages - the SerNet Samba team will follow suit with this shortly.

The CRA is a regulatory initiative of the European Union that aims to increase the cyber resilience of digital products. An SBOM, which lists all software components, libraries and dependencies, is a tool to fulfill the security and transparency requirements of the CRA. With this step, SerNet is already proactively preparing to comply with the CRA.

Would you like to talk to us about how SerNet is further developing the SAMBA+ packages and supporting the Samba project? Write us an e-mail or give us a call!

Although once again online, sambaXP 2024 from April 16-18 was a great event to bring people from all over the world together: Samba developers, users and enthusiasts shared their insights and engaged in constructive discussions despite major time zone differences. A heartfelt thanks to our sponsors—Google, Microsoft, and SerNet—for their continued support, making this event possible.

A total of 20 presentations are now available in the sambaXP 2024 playlist on YouTube and offer material for many hours of exploring the world of Samba. From the Samba team at SerNet, the presentation by Stefan Metzmacher on the SMB Witness Protocol is particularly recommended. In addition, Volker Lendecke compared SMB and NFS, Ralph Böhme dealt with SoS - Scale Out Samba, the comeback of Ceph. Microsoft's special Interoperability Track also provided insights into the development of the SMB protocol.

In his Welcome Note, Jeremy Allison, Chairman of sambaXP, discussed the XZ Utils backdoor and the lessons to be learned from it, for open source projects in general and Samba in particular. Allison: "The data that Samba protects is some of the most valuable data in the world. I'm talking about Samba as an Active Directory domain controller, which essentially contains the crown jewels of an organization. It contains the authentication and passwords of all the users that are in that domain." In light of the XZ-incident, Allison suggested a renewed focus on security protocols within the Samba community. He advocated increased alertness in code review and called for close vetting of contributions, especially from new or lesser-known authors. The existing practice of requiring every code submission to be reviewed by two engineers was highlighted as a crucial safeguard, although he acknowledged the challenges posed by the sheer volume of submissions and the potential for oversight. And, as he noted, "procedures alone cannot protect us from social engineering".

The welcome also served as a call to action for the wider open source community to seek support, "If money helps solve the problem, then we should ask for it." He emphasized the need to look for funding opportunities for critical open source projects – which also applies to Samba.

The sambaXP 2025 is already on the drawing board. Stay up to date on future events and important developments at sambaxp.org.