Software 42837 Published by

Samba 4.14.11 has been released.



Samba 4.14.11 Available for Download

This is the latest stable release of the Samba 4.14 release series.

Gnome_shell_screenshot_rd3930

Important Notes
===============

There have been a few regressions in the security release 4.14.10:
o CVE-2020-25717: A user on the domain can become root on domain members. https://www.samba.org/samba/security/CVE-2020-25717.html
                  PLEASE [RE-]READ!
                  The instructions have been updated and some workarounds
                  initially adviced for 4.14.10 are no longer required and
                  should be reverted in most cases.
o BUG-14902: User with multiple spaces (eg FredNurk) become              un-deletable. While this release should fix this bug, it is
             adviced to have a look at the bug report for more detailed
             information, see
https://bugzilla.samba.org/show_bug.cgi?id=14902.

Changes since 4.14.10
---------------------

o  Jeremy Allison
   * BUG 14878: Recursive directory delete with veto files is broken.    * BUG 14879: A directory containing dangling symlinks cannot be deleted by
     SMB2 alone when they are the only entry in the directory.
o  Andrew Bartlett
   * BUG 14656: Spaces incorrectly collapsed in ldb attributes.    * BUG 14694: Ensure that the LDB request has not timed out during filter
     processing as the LDAP server MaxQueryDuration is otherwise not honoured.
   * BUG 14901: The CVE-2020-25717 username map [script] advice has undesired
     side effects for the local nt token.
   * BUG 14902: User with multiple spaces (eg FredNurk) become un-
     deletable.

o  Ralph Boehme
   * BUG 14127: Avoid storing NTTIME_THAW (-2) as value on disk    * BUG 14922: Kerberos authentication on standalone server in MIT realm     broken.
   * BUG 14923: Segmentation fault when joining the domain.
o  Alexander Bokovoy
   * BUG 14903: Support for ROLE_IPA_DC is incomplete.

o  Stefan Metzmacher
   * BUG 14788: Memory leak if ioctl(FSCTL_VALIDATE_NEGOTIATE_INFO) fails before
     smbd_smb2_ioctl_send.
   * BUG 14899: winbindd doesn't start when "allow trusted domains" is off.
   * BUG 14901: The CVE-2020-25717 username map [script] advice has undesired
     side effects for the local nt token.

o  Joseph Sutton
   * BUG 14694: Ensure that the LDB request has not timed out during filter
     processing as the LDAP server MaxQueryDuration is otherwise not honoured.
   * BUG 14901: The CVE-2020-25717 username map [script] advice has undesired
     side effects for the local nt token.

#######################################
Reporting bugs & Development Discussion
#######################################

Please discuss this release on the samba-technical mailing list or by joining the #samba-technical IRC channel on irc.freenode.net.
If you do report problems then please try to send high quality feedback. If you don't provide vital information to help us track down the problem then you will probably be ignored.  All bug reports should be filed under the Samba 4.1 and newer product in the project's Bugzilla database ( https://bugzilla.samba.org/).

======================================================================
== Our Code, Our Bugs, Our Responsibility.
== The Samba Team
======================================================================


================

Download Details
================

The uncompressed tarballs and patch files have been signed
using GnuPG (ID AA99442FB680B620).  The source code can be downloaded from:

        https://download.samba.org/pub/samba/stable/
The release notes are available online at:

        https://www.samba.org/samba/history/samba-4.14.11.html
Our Code, Our Bugs, Our Responsibility.
( https://bugzilla.samba.org/)

                        --Enjoy
                        The Samba Team