Linux Today: Linux News On Internet Time.

More on LinuxToday

Samba 3.0.25 Available for Download

May 14, 2007, 18:00 (1 Talkback[s])


Desktop-as-a-Service Designed for Any Cloud ? Nutanix Frame

[ Thanks to Gerald Carter for this information. ]

This is the first production release of the Samba 3.0.25 code base and is the version that servers should be run for for all current bug fixes. The 3.0.25 release is an upgrade release over the 3.0.23/3.0.24 series which means that a substantial amount of development has occurred and many new features have been added since the last Samba production release. Major features included in the 3.0.25 code base include:

  • Significant improvements in the winbind off-line logon support.
  • Support for secure DDNS updates as part of the 'net ads join' process.
  • Rewritten IdMap interface which allows for TTL based caching and per domain backends.
  • New plug-in interface for the "winbind nss info" parameter.
  • New file change notify subsystem which is able to make use of inotify on Linux.
  • Support for passing Windows security descriptors to a VFS plug-in allowing for multiple Unix ACL implements to running side by side on the Same server.
  • Improved compatibility with Windows Vista clients including improved read performance with Linux servers.
  • Man pages for IdMap and VFS plug-ins.

Security Fixes included in the Samba 3.0.25 release are:

  • CVE-2007-2444 (Samba 3.0.23d - 3.0.25pre2): Local SID/Name translation bug can result in user privilege elevation.
  • CVE-2007-2446 (Samba 3.0.0 - 3.0.25rc3): Multiple heap overflows allow remote code execution.
  • CVE-2007-2447 (Samba 3.0.0 - 3.0.25rc3): Unescaped user input parameters are passed as arguments to /bin/sh allowing for remote command execution.
Complete details can be found at http://www.samba.org/.