[SCM] Samba Shared Repository - branch v4-20-test updated

Stefan Metzmacher metze at samba.org
Fri Aug 2 11:53:45 UTC 2024


The branch, v4-20-test has been updated
       via  f81fdcb2dfe VERSION: Bump version up to Samba 4.20.4...
       via  803665cb481 VERSION: Disable GIT_SNAPSHOT for the 4.20.3 release.
       via  a13bed3b9ef WHATSNEW: Add release notes for Samba 4.20.3.
      from  f8e50d04e9f libcli:security: allow spaces after BAD:

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-20-test


- Log -----------------------------------------------------------------
commit f81fdcb2dfe15519851e046d59dc6c2d66415148
Author: Stefan Metzmacher <metze at samba.org>
Date:   Fri Aug 2 13:50:36 2024 +0200

    VERSION: Bump version up to Samba 4.20.4...
    
    and re-enable GIT_SNAPSHOT.
    
    Signed-off-by: Stefan Metzmacher <metze at samba.org>

commit 803665cb481c6a897e9bdaecaccfc7a353b3683a
Author: Stefan Metzmacher <metze at samba.org>
Date:   Fri Aug 2 13:49:07 2024 +0200

    VERSION: Disable GIT_SNAPSHOT for the 4.20.3 release.
    
    Signed-off-by: Stefan Metzmacher <metze at samba.org>

commit a13bed3b9ef7586d5fb679ab93a2bce742a580ed
Author: Stefan Metzmacher <metze at samba.org>
Date:   Fri Aug 2 13:43:39 2024 +0200

    WHATSNEW: Add release notes for Samba 4.20.3.
    
    Signed-off-by: Stefan Metzmacher <metze at samba.org>

-----------------------------------------------------------------------

Summary of changes:
 VERSION      |   2 +-
 WHATSNEW.txt | 107 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++--
 2 files changed, 106 insertions(+), 3 deletions(-)


Changeset truncated at 500 lines:

diff --git a/VERSION b/VERSION
index 4cb90cc5643..28e5aa22c01 100644
--- a/VERSION
+++ b/VERSION
@@ -27,7 +27,7 @@ SAMBA_COPYRIGHT_STRING="Copyright Andrew Tridgell and the Samba Team 1992-2024"
 ########################################################
 SAMBA_VERSION_MAJOR=4
 SAMBA_VERSION_MINOR=20
-SAMBA_VERSION_RELEASE=3
+SAMBA_VERSION_RELEASE=4
 
 ########################################################
 # If a official release has a serious bug              #
diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index fb964d7a6f4..93dd250d052 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -1,3 +1,106 @@
+                   ==============================
+                   Release Notes for Samba 4.20.3
+                           August 02, 2024
+                   ==============================
+
+
+This is the latest stable release of the Samba 4.20 release series.
+
+LDAP TLS/SASL channel binding support
+-------------------------------------
+
+The ldap server supports SASL binds with
+kerberos or NTLMSSP over TLS connections
+now (either ldaps or starttls).
+
+Setups where 'ldap server require strong auth = allow_sasl_over_tls'
+was required before, can now most likely move to the
+default of 'ldap server require strong auth = yes'.
+
+If SASL binds without correct tls channel bindings are required
+'ldap server require strong auth = allow_sasl_without_tls_channel_bindings'
+should be used now, as 'allow_sasl_over_tls' will generate a
+warning in every start of 'samba', as well as '[samba-tool ]testparm'.
+
+This is similar to LdapEnforceChannelBinding under
+HKLM\SYSTEM\CurrentControlSet\Services\NTDS\Parameters
+on Windows.
+
+All client tools using ldaps also include the correct
+channel bindings now.
+
+smb.conf changes
+================
+
+  Parameter Name                          Description     Default
+  --------------                          -----------     -------
+  ldap server require strong auth         new values
+
+Changes since 4.20.2
+--------------------
+
+o  Andreas Schneider <asn at samba.org>
+   * BUG 15683: Running samba-bgqd a a standalone systemd service does not work.
+
+o  Andrew Bartlett <abartlet at samba.org>
+   * BUG 15655: When claims enabled with heimdal kerberos, unable to log on to a
+     Windows computer when user account need to change their own password.
+
+o  Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
+   * BUG 15671: Invalid client warning about command line passwords.
+   * BUG 15672: Version string is truncated in manpages.
+   * BUG 15673: --version-* options are still not ergonomic, and they reject
+     tilde characters.
+   * BUG 15674: cmdline_burn does not always burn secrets.
+   * BUG 15685: Samba does not parse SDDL found in defaultSecurityDescriptor in
+     AD_DS_Classes_Windows_Server_v1903.ldf.
+
+o  Jo Sutton <josutton at catalyst.net.nz>
+   * BUG 15655: When claims enabled with heimdal kerberos, unable to log on to a
+     Windows computer when user account need to change their own password.
+
+o  Pavel Filipenský <pfilipensky at samba.org>
+   * BUG 15660: The images don\'t build after the git security release and
+     CentOS 8 Stream is EOL.
+
+o  Ralph Boehme <slow at samba.org>
+   * BUG 15676: Fix clock skew error message and memory cache clock skew
+     recovery.
+
+o  Stefan Metzmacher <metze at samba.org>
+   * BUG 15603: Heimdal ignores _gsskrb5_decapsulate errors in
+     init_sec_context/repl_mutual.
+   * BUG 15621: s4:ldap_server: does not support tls channel bindings
+     for sasl binds.
+
+o  Xavi Hernandez <xhernandez at redhat.com>
+   * BUG 15678: CTDB socket output queues may suffer unbounded delays under some
+     special conditions.
+
+
+#######################################
+Reporting bugs & Development Discussion
+#######################################
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical:matrix.org matrix room, or
+#samba-technical IRC channel on irc.libera.chat.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored.  All bug reports should
+be filed under the Samba 4.1 and newer product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+======================================================================
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+======================================================================
+
+
+Release notes for older releases follow:
+----------------------------------------
                    ==============================
                    Release Notes for Samba 4.20.2
                            June 19, 2024
@@ -79,8 +182,7 @@ database (https://bugzilla.samba.org/).
 ======================================================================
 
 
-Release notes for older releases follow:
-----------------------------------------
+----------------------------------------------------------------------
                    ==============================
                    Release Notes for Samba 4.20.1
                             May 08, 2024
@@ -404,6 +506,7 @@ smb.conf changes
 
   Parameter Name                          Description     Default
   --------------                          -----------     -------
+  ldap server require strong auth         new values             (4.20.3)
   acl claims evaluation                   new             AD DC only
   smb3 unix extensions                    Per share       -
   smb3 share cap:ASYMMETRIC               new             no


-- 
Samba Shared Repository



More information about the samba-cvs mailing list