similar to: [Announce] Samba 4.8.8 Available for Download

======================================================== "We don't see things as they are, we see them as we are." Anais Nin ======================================================== Release Announcements --------------------- This is the latest stable release of the Samba 4.9 release series. Changes since 4.9.1: -------------------- o Andrew Bartlett

======================================================== "We don't see things as they are, we see them as we are." Anais Nin ======================================================== Release Announcements --------------------- This is the latest stable release of the Samba 4.9 release series. Changes since 4.9.1: -------------------- o Andrew Bartlett

======================================================== "The whole point of getting things done is knowing what to leave undone." Oswald Chambers ======================================================== Release Announcements --------------------- Major bug fixes include: ------------------------ o dns: Fix CNAME loop prevention using counter regression (bug

======================================================== "The whole point of getting things done is knowing what to leave undone." Oswald Chambers ======================================================== Release Announcements --------------------- Major bug fixes include: ------------------------ o dns: Fix CNAME loop prevention using counter regression (bug

Release Announcements --------------------- These are security releases in order to address the following defects: o CVE-2018-14629 (Unprivileged adding of CNAME record causing loop in AD Internal DNS server) o CVE-2018-16841 (Double-free in Samba AD DC KDC with PKINIT) o CVE-2018-16851 (NULL pointer de-reference in Samba AD DC LDAP server) o CVE-2018-16852 (NULL pointer

Release Announcements --------------------- These are security releases in order to address the following defects: o CVE-2018-14629 (Unprivileged adding of CNAME record causing loop in AD Internal DNS server) o CVE-2018-16841 (Double-free in Samba AD DC KDC with PKINIT) o CVE-2018-16851 (NULL pointer de-reference in Samba AD DC LDAP server) o CVE-2018-16852 (NULL pointer

Hello, My team is in search of a way to mount SMB3/CIFS shares from a Linux client with encryption enabled (and with reasonable performance). After some research, it appears that the kernel CIFS client (mount.cifs) lacks encryption support, while the Samba client library (libsmbclient) doesn't offer mount functionality. Looking at the recent commit "examples: Add smb2mount"

Hi to all, First of all, let this message serve as an introduction. Nice to be here. A while back, we updated a server that still had Samba 4.13.17 on Ubuntu 20.04 LTS. We use this server for Winbind authentication in an Active Directory domain, to retrieve the list of groups from Active Directory, and then based on those groups, authorize or deny user access via SFTP with OpenSSH. After

Release Announcements --------------------- These are a security releases in order to address the following defect: o CVE-2018-16860 (Samba AD DC S4U2Self/S4U2Proxy unkeyed checksum) ======= Details ======= o CVE-2018-16860: The checksum validation in the S4U2Self handler in the embedded Heimdal KDC did not first confirm that the checksum was keyed, allowing replacement of the

Release Announcements --------------------- These are a security releases in order to address the following defect: o CVE-2018-16860 (Samba AD DC S4U2Self/S4U2Proxy unkeyed checksum) ======= Details ======= o CVE-2018-16860: The checksum validation in the S4U2Self handler in the embedded Heimdal KDC did not first confirm that the checksum was keyed, allowing replacement of the

Hi, I hit the issue described in this thread https://groups.google.com/forum/#!topic/linux.samba/VfjW9Af92Wg while testing out s4u2self and s4u2proxy in a windows service, so I wanted to share my setup. So I wrote a small windows service that's running as a local system account to impersonate an user via s4u2self (using LsaLogonUser in win32 api than calling ImpersonateLoggedOnUser) and then

On 20/06/2023 19:48, Ingo Asche via samba wrote: > There was a Travis Wenks here, who has/had the same problems. > > I'm still hoping, he's reading the Samba mail list and tell me if he has > still the same problems and we maybe can ally for this. Multiple users having the same problem always help. > > Maybe the maintainers who has answered to the bug report can give

Hi Matthias, On 6/30/23 15:40, Matthias Leopold via samba wrote: > Can someone explain what is happening or where I need to tune? this is by design. :) The only reliable way (lacking S4U2SELF support) to get group membership for an AD user, is using the group list the DC passes along to us as part of the authentication process. We're trying extra hard to store this data *persistently*

After reviewing logs I found that my previous assumption was wrong. Situation: - i'm trying to start live migration from hyper-v host A (BMSRV4-HYPERV) to hyper-v host B (BM-SRV-5) from host B (logged in as user from DOMAIN ADMINS group). Kerberos constrained delegation is set in accordnance to microsoft instructions with proper SPN's set (well, proper as in with the workaround I

Rowland Penny via samba schrieb am 20.06.2023 um 21:01: > Try adding to the bug report. Would that be ok even it's happening on a Synology? Just don't want to mess around. > I don't think that it is their fault, but we will never know, I don't > think we will ever see what modifications they have made to the Samba > code. However, you do not seem to get the problem

Am 21.12.18 um 16:47 schrieb Peter Eriksson via samba: >> What is "Unable to initialize messaging context"? >> >> I see a patch back in July, related to "Fix bug 13465", >> https://lists.samba.org/archive/samba-technical/2018-July/129186.html but it >> is unclear why the message is still being issued? > > Because that patch for bug 13465

On 20/06/2023 20:16, Ingo Asche via samba wrote: > Rowland Penny via samba schrieb am 20.06.2023 um 21:01: > >> Try adding to the bug report. > Would that be ok even it's happening on a Synology? Just don't want to > mess around. I personally can see no reason not to, at worst your information will be ignored, at best you may provide the information to get the bug

Release Announcements --------------------- These are a security release in order to address the following defects: o CVE-2019-14861: Samba AD DC zone-named record Denial of Service in DNS management server (dnsserver). o CVE-2019-14870: DelegationNotAllowed not being enforced in protocol transition on Samba AD DC. ======= Details ======= o CVE-2019-14861: An authenticated user

Release Announcements --------------------- These are a security release in order to address the following defects: o CVE-2019-14861: Samba AD DC zone-named record Denial of Service in DNS management server (dnsserver). o CVE-2019-14870: DelegationNotAllowed not being enforced in protocol transition on Samba AD DC. ======= Details ======= o CVE-2019-14861: An authenticated user

Release Announcements --------------------- This is the latest stable release of the Samba 4.19 release series. Changes since 4.19.1 -------------------- o? Jeremy Allison <jra at samba.org> ?? * BUG 15423: Use-after-free in aio_del_req_from_fsp during smbd shutdown ???? after failed IPC FSCTL_PIPE_TRANSCEIVE. ?? * BUG 15426: clidfs.c do_connect() missing a "return" after a