Blog

SAMBA+ AIX 4.20.1 is the first SAMBA+ package to include Software Bills of Materials (SBOM files). With this, SAMBA+ AIX is all set for the upcoming Cyber Resilience Act (CRA). The formats CycloneDX, SPDX and SWID tags are supplied. The SBOM is also in progress for the standard SAMBA+ packages - the SerNet Samba team will follow suit with this shortly.

The CRA is a regulatory initiative of the European Union that aims to increase the cyber resilience of digital products. An SBOM, which lists all software components, libraries and dependencies, is a tool to fulfill the security and transparency requirements of the CRA. With this step, SerNet is already proactively preparing to comply with the CRA.

Would you like to talk to us about how SerNet is further developing the SAMBA+ packages and supporting the Samba project? Write us an e-mail or give us a call!


sambaXP welcome screen

Although once again online, sambaXP 2024 from April 16-18 was a great event to bring people from all over the world together: Samba developers, users and enthusiasts shared their insights and engaged in constructive discussions despite major time zone differences. A heartfelt thanks to our sponsors—Google, Microsoft, and SerNet—for their continued support, making this event possible.

A total of 20 presentations are now available in the sambaXP 2024 playlist on YouTube and offer material for many hours of exploring the world of Samba. From the Samba team at SerNet, the presentation by Stefan Metzmacher on the SMB Witness Protocol is particularly recommended. In addition, Volker Lendecke compared SMB and NFS, Ralph Böhme dealt with SoS - Scale Out Samba, the comeback of Ceph. Microsoft's special Interoperability Track also provided insights into the development of the SMB protocol.

In his Welcome Note, Jeremy Allison, Chairman of sambaXP, discussed the XZ Utils backdoor and the lessons to be learned from it, for open source projects in general and Samba in particular. Allison: "The data that Samba protects is some of the most valuable data in the world. I'm talking about Samba as an Active Directory domain controller, which essentially contains the crown jewels of an organization. It contains the authentication and passwords of all the users that are in that domain." In light of the XZ-incident, Allison suggested a renewed focus on security protocols within the Samba community. He advocated increased alertness in code review and called for close vetting of contributions, especially from new or lesser-known authors. The existing practice of requiring every code submission to be reviewed by two engineers was highlighted as a crucial safeguard, although he acknowledged the challenges posed by the sheer volume of submissions and the potential for oversight. And, as he noted, "procedures alone cannot protect us from social engineering".

The welcome also served as a call to action for the wider open source community to seek support, "If money helps solve the problem, then we should ask for it." He emphasized the need to look for funding opportunities for critical open source projects – which also applies to Samba.

The sambaXP 2025 is already on the drawing board. Stay up to date on future events and important developments at sambaxp.org.


SAMBA+ 4.20.1 has just been released. Packages for various SUSE and Red Hat platforms as well as for Debian GNU/Linux, Ubuntu and AIX are available now.

These packages address several issues, which are listed in the release notes:

https://www.samba.org/samba/history/samba-4.20.1.html

SAMBA+ packages are offered by SerNet as software subscriptions. Subscriptions are available for purchase in our SAMBA+ shop, with detailed information and pricing listed in both USD and EUR:

Existing subscriptions include the SAMBA+ 4.20.1 packages.

Get in touch with us! If you would like more information or have any questions about SAMBA+ 4.20.1, simply contact us. Our team will be happy to assist you and make sure you get the most out of SAMBA+.


SerNet will be participating in the Common Europe Congress, set to take place from June 3 to June 6, 2024, in Milan, Italy. The conference is dedicated to IBM Power, IBM i, AIX, and Linux on Power solutions, attracting industry professionals and enthusiasts from around the globe.

At SerNet, we are excited to showcase SAMBA+ and especially SAMBA+ AIX, which offers cutting-edge solutions tailored for these platforms. 

Are you looking to deepen your understanding of Samba solutions or interested in exploring joint development opportunities? Our expert team will be on site throughout the congress. We invite you to pre-schedule a meeting with our sales team to discuss how our services can help optimize your business operations.

For appointments, please reach out to us at contact@remove-this.samba.plus. We look forward to engaging with fellow professionals, sharing insights, and exploring potential collaborations.


SerNet announces the launch of SAMBA+ 4.20.0. This is the latest stable release series of Samba for Enterprise Linux. Available immediately for a variety of platforms including SUSE, Red Hat, Debian GNU/Linux, Ubuntu, and for AIX. This release introduces multiple enhancements for up-to-date enterprise environments.

Standing out is the new Service Witness Protocol [MS-SWN], developed by Stefan Metzmacher from SerNet. This enhances the stability and monitoring capabilities within clustered environments. This protocol is essential for enterprises using high-availability solutions, allowing clients to monitor their SMB connections more effectively across cluster nodes. This development ensures that SAMBA+ remains at the forefront of networked system resilience, providing scalable solutions for large-scale deployments.

Additionally, the release of SAMBA+ 4.20 transitions previous series into different support phases: Samba 4.19 enters maintenance mode, Samba 4.18 shifts to security fixes only, and updates for Samba 4.17 will be discontinued. Users are encouraged to upgrade to the latest version to take advantage of the new features and improved security protocols.

For existing SAMBA+ subscribers, the new release is included in your current subscription. New customers can obtain SAMBA+ through a software subscription available at our online shops (USD Pricing: US SAMBA+ Shop, EUR Pricing: World SAMBA+ Shop). All details about subscription options and pricing are listed there.

As enterprises increasingly rely on robust, secure, and scalable solutions, SAMBA+ 4.20.0 represents a step forward. We invite all users to read the detailed release notes to ensure a smooth transition and to leverage the full capabilities of this release.

Please make sure to test thoroughly before upgrading. For further assistance, upgrade paths, and deployment strategies, please consult our SAMBA+ HowTo collection or contact our support team directly through our website.

Useful Links:


Contact us
Contact
Deutsch English Français