| Description: | Samba is an open-source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and other information.
The samba packages have been upgraded to upstream version 4.2.3, which provides a number of bug fixes and enhancements over the previous version. Most notably, the "wbinfo -u" and "wbinfo -g" commands now only enumerate the users in their own domain by default. To enumerate all users on all trusted domains, run the "wbinfo --domain='*' -u" or "wbinfo --domain='*' -g" command. (BZ#1196140)
This update also fixes the following bugs:
Accessing a printer published in Active Directory (AD) failed with error messages. Now, if Samba fails to find the printer in the Samba registry, it obtains the globally unique identifier (GUID) of the printer from AD and stores it in the registry. The printers work as expected. (BZ#1167325)
When running Samba without the winbindd service, authentication with user name and password sometimes failed. Now, it is possible to run Samba without winbindd, although it is not recommended. (BZ#1202347)
In long-running SMB sessions, re-authenticating sometimes caused the SMB server to terminate unexpectedly. Now, the server no longer crashes during the SMB session setup. Users can re-authenticate and then use the SMB file server as expected. (BZ#1223981)
The windbindd service terminated unexpectedly with a segmentation fault when the alternative domain name was not defined and Winbind was offline. This update defines the values for the alternative domain name as well as certain other settings that were previously not set. Windbind now works as expected in offline mode. (BZ#1225719)
Samba displayed the STATUS_ACCES_DENIED message when the client tried to reconnect after the session expired because of an invalid signing check. Samba now correctly verifies whether signing is required in this situation. Samba no longer displays the message, and the user is allowed to reconnect. (BZ#1228809)
The dfree utility sometimes reported an incorrect amount of free space on a Samba share. Now, the smbd service no longer ignores the block size of dfree, thus fixing the calculation of available space. The dfree utility correctly reports the available space on a Samba share. (BZ#1238194)
The "net ads keytab create" command sometimes terminated unexpectedly with a segmentation fault. Samba has been modified to initialize certain internal structures and free the cursor iterating the keytab. Now, "net ads keytab" no longer crashes. (BZ#1246166)
The users were sometimes unable to access a Samba share that specified identical values for the force user and force group when the "winbind use default domain = yes" setting was used. With this update, the users can access a Samba share in the described situation as expected. (BZ#1253193)
When the "map to guest = bad uid" setting was used, the user was sometimes denied permission to access a share as a guest user. Samba now handles "map to guest = bad uid" as expected, allowing users to access shares as guest users if they are not authenticated. (BZ#1255322)
The Samba files server terminated unexpectedly when the "mangling method = hash" setting was used in the smb.conf file. Samba now fully initializes the hash module, preventing the file server from accessing invalid data structures, and no longer crashes in this situation. (BZ#1255326)
When the user shared an XFS file system with disk quota, Samba displayed incorrect volume size on the client. With this update, Samba correctly displays the disk quota value as the volume size. (BZ#1258293)
Users of samba are advised to upgrade to these updated packages, which fix these bugs and add these enhancements. After installing this update, the smb service will be restarted automatically.
|