Blog

SAMBA+ 4.12.2, 4.11.8 and 4.10.15 packages have just been released by SerNet. These are important security releases, please update affected systems as soon as possible. The packages are available for various SUSE and Red Hat platforms as well as for Debian GNU/Linux and Ubuntu.

The packages address the following issues:

• CVE-2020-10700: Use-after-free in Samba AD DC LDAP Server with ASQ

  A client combining the 'ASQ' and 'Paged Results' LDAP controls can cause a use-after-free in Samba's AD DC LDAP server.

• CVE-2020-10704: LDAP Denial of Service (stack overflow) in Samba AD DC

  A deeply nested filter in an un-authenticated LDAP search can exhaust the LDAP server's stack memory causing a SIGSEGV.

SAMBA+ packages and all later versions are available as software subscription. They can be purchased at the SAMBA+ shop, detailed information and prices are listed at https://shop.samba.plus. The subscriptions are managed at our platform OPOSSO (https://oposso.samba.plus). Users can activate their subscriptions here and manage access credentials. The new SAMBA+ packages are included in existing subscriptions.

SAMBA+ 4.12.1 has just been released. Packages for various SUSE and Red Hat platforms as well as for Debian GNU/Linux and Ubuntu are available now.

This is the latest stable release of the Samba 4.12 release series. Please see the release notes for more details.

With the release of Samba 4.12 the Samba 4.9 release series has upstream been marked as discontinued. 

SAMBA+ packages and all later versions are available as software subscription. They can be purchased at the SAMBA+ shop, detailed information and prices are listed at https://shop.samba.plus. The subscriptions are managed at our platform OPOSSO (https://oposso.samba.plus). Users can activate their subscriptions here and manage access credentials. The new SAMBA+ packages are included in existing subscriptions.

SAMBA+ 4.12.0 has just been released. Packages for various SUSE and Red Hat platforms as well as for Debian GNU/Linux and Ubuntu are available now.

This is the first stable release of the Samba 4.12 release series. Please read the release notes carefully before upgrading.

SAMBA+ now provides native systemd support. The init scripts have been removed from most packages, except RHEL 6 and SLES 11. The desired Samba start mode can still be configured in the /etc/default/sernet-samba service configuration file. The SAMBA_RESTART_ON_UPDATE parameter is ignored by the systemd services. The services will be restarted after update.

Support for multicast DNS is now enabled. Samba can announce itself in combination with the Avahi daemon. This behavior can be controlled with the "multicast dns register" smb.conf option. Samba shares which use the fruit VFS module for enhanced OS X interoperability with enabled Time Machine support will also be registered.

Samba 4.12 raises the minimum requirement for Python to Python 3.5. Due to this requirement SAMBA+ 4.12.0 does not provide the AD DC functionality for SLES12 for now.

SAMBA+ packages and all later versions are available as software subscription. They can be purchased at the SAMBA+ shop, detailed information and prices are listed at https://shop.samba.plus. The subscriptions are managed at our platform OPOSSO (https://oposso.samba.plus). Users can activate their subscriptions here and manage access credentials. The new SAMBA+ packages are included in existing subscriptions.

In a news article published by SerNet we inform about our current status regarding the COVID19 pandemic. We update the article regularly if there are any new developments. We want to keep our customers and partners informed in a transparent manner.

Volker Lendecke will give a talk on "Implementing SMB Semantics in a Linux Cluster" at Vault '20, the Linux Storage and Filesystems Conference on February 24–25, 2020, in Santa Clara, CA/USA. Lendecke is SerNet co-founder and long-time Samba Team member.

The talk is scheduled onTuesday, 2:30 pm–3:00 pm. From the abstract:

"To implement the SMB protocol, Samba has to implement semantics that are not covered by the Linux kernel API. The protocol element to mention here are the concept of share modes and leases, similar to NFSv4 share reservations and delegations. To implement those, Samba has to maintain data structures in user space and keep those consistent across cluster nodes. One of those data structures is a central table containing SMB-level information about all file open instances.

This talk will describe the semantics to be implemented, the challenges for clustered implementations of the SMB protocol and approaches by the Samba Team to make this scale well across nodes."