Blog

SAMBA+ 4.13.2, 4.12.10 and 4.11.16 packages have just been released by SerNet. Packages for various SUSE and Red Hat platforms as well as for Debian GNU/Linux, Ubuntu and AIX are available now.

These packages address a major issue which affects the GlusterFS VFS module:

• Bug 14486: vfs_glusterfs: Avoid data corruption with the write-behind translator.

Further issues are listed in the Samba release history:

• https://www.samba.org/samba/history/samba-4.13.2.html
• https://www.samba.org/samba/history/samba-4.12.10.html
• https://www.samba.org/samba/history/samba-4.11.16.html

Samba Bug 14537 (ctdb-common: Avoid aliasing errors during code optimization) does not affect the SAMBA+ packages.

SAMBA+ packages are available as software subscription. They can be purchased at the SAMBA+ shop, detailed information and prices are listed at https://shop.samba.plus. The subscriptions are managed at our platform OPOSSO (https://oposso.samba.plus). Users can activate their subscriptions here and manage access credentials. The new SAMBA+ packages are included in existing subscriptions.

SAMBA+ 4.12.8 and 4.11.14 have just been released. Packages for various SUSE and Red Hat platforms as well as for Debian GNU/Linux and Ubuntu are available now.

These packages address a lot of issues, which are listed in the release notes for Samba 4.12.8 and Samba 4.11.14.

SAMBA+ packages and all later versions are available as software subscription. They can be purchased at the SAMBA+ shop, detailed information and prices are listed at https://shop.samba.plus. The subscriptions are managed at our platform OPOSSO (https://oposso.samba.plus). Users can activate their subscriptions here and manage access credentials. The new SAMBA+ packages are included in existing subscriptions.

SAMBA+ 4.12.7, 4.11.13 and 4.10.18 packages have just been released by SerNet. These are important security releases addressing "ZeroLogon". Please update affected systems as soon as possible. The packages are available for various SUSE and Red Hat platforms as well as for Debian GNU/Linux, Ubuntu and AIX.

The packages address the following issue:

• CVE-2020-1472 Unauthenticated domain takeover via netlogon ("ZeroLogon")
  An unauthenticated attacker on the network can gain administrator access by exploiting a netlogon protocol flaw.
  https://www.samba.org/samba/security/CVE-2020-1472.html

The new SAMBA+ 4.12.7 packages do also address the following issue:

• Bug 14399 Server RAM filling up when writing to share from macOS
  https://bugzilla.samba.org/show_bug.cgi?id=14399

The sernet-samba rpm packages are signed with SerNet's gpg build key to guarantee authenticity. If you have installed the sernet-build-key-1.4-8 key package, the verification might fail due to an rpm issue. After installing the new version sernet-build-key-1.4-9, the issue needs to be fixed manually.

If you are affected, please first remove the SerNet Samba keys from the rpm keyring with the following command:
# rpm --allmatches -e gpg-pubkey-f4428b1a
# rpm --allmatches -e gpg-pubkey-1b6d0337

Afterwards use the following command to import the key into the rpm keyring:
# rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-SerNet-Samba-Team-F4428B1A \
    /etc/pki/rpm-gpg/RPM-GPG-KEY-SerNet-Samba-Team-1B6D0337

SAMBA+ packages are available as software subscription. They can be purchased at the SAMBA+ shop, detailed information and prices are listed at https://shop.samba.plus. The subscriptions are managed at our platform OPOSSO (https://oposso.samba.plus). Users can activate their subscriptions here and manage access credentials. The new SAMBA+ packages are included in existing subscriptions.

SAMBA+ 4.12.6 has just been released. Packages for various SUSE and Red Hat platforms as well as for Debian GNU/Linux and Ubuntu are available now.

These packages address a lot of issues, which are listed in the Samba 4.12.6 release notes.

SAMBA+ packages and all later versions are available as software subscription. They can be purchased at the SAMBA+ shop, detailed information and prices are listed at https://shop.samba.plus. The subscriptions are managed at our platform OPOSSO (https://oposso.samba.plus). Users can activate their subscriptions here and manage access credentials. The new SAMBA+ packages are included in existing subscriptions.

SAMBA+ 4.12.5 has just been released. Packages for various SUSE and Red Hat platforms as well as for Debian GNU/Linux and Ubuntu are available now.

These packages address a lot of issues, which are listed in the Samba 4.12.5 release notes.

Additionally fixes for the following issues are included:

• Bug 14426: log level for debug classes is ignored

• Bug 14427: vfs_ChDir() may not set conn->cwd_fsp->fh->fd = AT_FDCWD

• Bug 14428: PANIC: assert failed in get_lease_type()

SAMBA+ packages and all later versions are available as software subscription. They can be purchased at the SAMBA+ shop, detailed information and prices are listed at https://shop.samba.plus. The subscriptions are managed at our platform OPOSSO (https://oposso.samba.plus). Users can activate their subscriptions here and manage access credentials. The new SAMBA+ packages are included in existing subscriptions.