Gisteren is in de vorm van versie 3.0.25 een update van Samba uitgebracht. Dit programma draait op Unix-, BSD- en Linux-gebaseerde servers en is in staat om file- en/of printer-services aan Windows-clients te bieden via het zogenaamde Common Internet File System-protocol, oftewel CIFS. Uitgebreide documentatie, inclusief praktische zogenaamde HowTo's kunnen op deze pagina worden gevonden. Er is een hoop werk in versie 3.0.25 gestoken en hij bevat dan ook meer dan de gebruikelijke bugfixes. De volledige release notes zijn hier te vinden, dit zijn de meest belangrijke veranderingen:
Major features included in the 3.0.25 code base include:Security Fixes included in the Samba 3.0.25 release are:
- Significant improvements in the winbind off-line logon support.
- Support for secure DDNS updates as part of the 'net ads join' process.
- Rewritten IdMap interface which allows for TTL based caching and per domain backends.
- New plug-in interface for the "winbind nss info" parameter.
- New file change notify subsystem which is able to make use of inotify on Linux.
- Support for passing Windows security descriptors to a VFS plug-in allowing for multiple Unix ACL implements to running side by side on the Same server.
- Improved compatibility with Windows Vista clients including improved read performance with Linux servers.
- Man pages for IdMap and VFS plug-ins.
[break]
- CVE-2007-2444 (Samba 3.0.23d - 3.0.25pre2): Local SID/Name translation bug can result in user privilege elevation.
- CVE-2007-2446 (Samba 3.0.0 - 3.0.25rc3): Multiple heap overflows allow remote code execution.
- CVE-2007-2447 (Samba 3.0.0 - 3.0.25rc3): Unescaped user input parameters are passed as arguments to /bin/sh allowing for remote command execution.
:strip_exif()/i/1214996389.gif?f=thumbmedium)
/u/24332/garfield-icon-by-negotiator.png?f=community){kind=icon}
:strip_icc():strip_exif()/u/52878/crop5ba0cf47e6a2d_cropped.jpeg?f=community){kind=small}
