---

Samba 3.0.25 Available for Download

[ Thanks to Gerald
Carter
for this information. ]

This is the first production release of the Samba 3.0.25 code
base and is the version that servers should be run for for all
current bug fixes. The 3.0.25 release is an upgrade release over
the 3.0.23/3.0.24 series which means that a substantial amount of
development has occurred and many new features have been added
since the last Samba production release. Major features included in
the 3.0.25 code base include:

  • Significant improvements in the winbind off-line logon
    support.
  • Support for secure DDNS updates as part of the ‘net ads join’
    process.
  • Rewritten IdMap interface which allows for TTL based caching
    and per domain backends.
  • New plug-in interface for the “winbind nss info”
    parameter.
  • New file change notify subsystem which is able to make use of
    inotify on Linux.
  • Support for passing Windows security descriptors to a VFS
    plug-in allowing for multiple Unix ACL implements to running side
    by side on the Same server.
  • Improved compatibility with Windows Vista clients including
    improved read performance with Linux servers.
  • Man pages for IdMap and VFS plug-ins.

Security Fixes included in the Samba 3.0.25 release are:

  • CVE-2007-2444 (Samba 3.0.23d – 3.0.25pre2): Local SID/Name
    translation bug can result in user privilege elevation.
  • CVE-2007-2446 (Samba 3.0.0 – 3.0.25rc3): Multiple heap
    overflows allow remote code execution.
  • CVE-2007-2447 (Samba 3.0.0 – 3.0.25rc3): Unescaped user input
    parameters are passed as arguments to /bin/sh allowing for remote
    command execution.

Complete details can be found at http://www.samba.org/.

Get the Free Newsletter!

Subscribe to Developer Insider for top news, trends, & analysis