-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
This is the latest stable release of Samba; the version
that production Samba servers should be running for all
current bug-fixes. There have been several important issues
fixes since the 3.0.7 release.
Common bugs fixed in 3.0.8 include:
~ o Compile fixes for HP-UX
~ o Fixes for the printer publishing code used when joined to
~ an AD domain.
~ o Incompatibilities with file system quotas.
~ o Several bugs in the spoolss printing code and print system
~ backends.
~ o Inconsistencies in the username map functionality when
~ configured on domain member servers.
~ o Various compile warnings and errors on various platforms.
~ o Fixes for kerberos interoperability with Windows 200x
~ domains when using DES keys.
~ o Fix for CAN-2004-0930 -- smbd remote DoS vulnerability.
New features included in the 3.0.8 release are:
~ o New migration functionality added the the net tool
~ for files/directories, printers, and shares.
~ o New experimental idmap backend for assigning uids/gids
~ directly based on the user/group RID when acting as a
~ member of single domain without any trusts.
~ o Additional printer migration support for XP/2003 platforms.
Change in Winbindd Behavior
- ---------------------------
All usernames returned by winbindd are now converted to lower
case for better consistency. This means any winbind installation
relying on the winbind username will need to rename existing
directories and/or files based on the username (%u and %U) to lower
case (e.g. mv $name `echo $name | tr '[A-Z]' '[a-z]'`). This
may
include mail spool files, home directories, valid user lines in
smb.conf, etc....
Change in Username Map
- ----------------------
Previous Samba releases would only support reading the fully
qualified username (e.g. DOMAIN\user) from the username map
when performing a kerberos login from a client. However, when
looking up a map entry for a user authenticated by NTLM[SSP],
only the login name would be used for matches. This resulted
in inconsistent behavior sometimes even on the same server.
Samba 3.0.8 obeys the following rules when applying the
username map functionality:
~ * When performing local authentication, the username map is
~ applied to the login name before attempting to authenticate
~ the connection.
~ * When relying upon a external domain controller for validating
~ authentication requests, smbd will apply the username map
~ to the fully qualified username (i.e. DOMAIN\user) only
~ after the user has been successfully authenticated.
smb.conf changes
- ----------------
Parameter Name Action
-------------- ------
sendfile disabled
force printername New
The uncompressed tarball and patch file have been signed using
GnuPG. The source code and the Samba public key (ID F17F9772)
can be downloaded from:
http://download.samba.org/samba/ftp/
Binary packages are available at
http://download.samba.org/samba/ftp/Binary_Packages/
The release notes are also available on-line at
http://www.samba.org/samba/whatsnew/samba-3.0.8.html
Our Code, Our Bugs, Our Responsibility.
(https://bugzilla.samba.org/)
--Enjoy
The Samba Team
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFBj667IR7qMdg1EfYRAvGgAJ9Xooz4hLRgnhwLw82DmVefdHmI8gCfXx+W
gbM8oMxkBOEzHyVxAPE787o=K8GJ
-----END PGP SIGNATURE-----
