This is the first production release of the Samba 3.0.25 code base and is the version that servers should be run for for all current bug fixes. The 3.0.25 release is an upgrade release over the 3.0.23/3.0.24 series which means that a substantial amount of development has occurred and many new features have been added since the last Samba production release. Major features included in the 3.0.25 code base include:
Significant improvements in the winbind off-line logon support.
Support for secure DDNS updates as part of the 'net ads join' process.
Rewritten IdMap interface which allows for TTL based caching and per domain backends.
New plug-in interface for the "winbind nss info" parameter.
New file change notify subsystem which is able to make use of inotify on Linux.
Support for passing Windows security descriptors to a VFS plug-in allowing for multiple Unix ACL implements to running side by side on the Same server.
Improved compatibility with Windows Vista clients including improved read performance with Linux servers.
Man pages for IdMap and VFS plug-ins.
Security Fixes included in the Samba 3.0.25 release are:
CVE-2007-2444 (Samba 3.0.23d - 3.0.25pre2): Local SID/Name translation bug can result in user privilege elevation.
