[SCM] Samba Shared Repository - branch v4-20-test updated
Stefan Metzmacher
metze at samba.org
Fri Aug 2 11:53:45 UTC 2024
The branch, v4-20-test has been updated
via f81fdcb2dfe VERSION: Bump version up to Samba 4.20.4...
via 803665cb481 VERSION: Disable GIT_SNAPSHOT for the 4.20.3 release.
via a13bed3b9ef WHATSNEW: Add release notes for Samba 4.20.3.
from f8e50d04e9f libcli:security: allow spaces after BAD:
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-20-test
- Log -----------------------------------------------------------------
commit f81fdcb2dfe15519851e046d59dc6c2d66415148
Author: Stefan Metzmacher <metze at samba.org>
Date: Fri Aug 2 13:50:36 2024 +0200
VERSION: Bump version up to Samba 4.20.4...
and re-enable GIT_SNAPSHOT.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
commit 803665cb481c6a897e9bdaecaccfc7a353b3683a
Author: Stefan Metzmacher <metze at samba.org>
Date: Fri Aug 2 13:49:07 2024 +0200
VERSION: Disable GIT_SNAPSHOT for the 4.20.3 release.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
commit a13bed3b9ef7586d5fb679ab93a2bce742a580ed
Author: Stefan Metzmacher <metze at samba.org>
Date: Fri Aug 2 13:43:39 2024 +0200
WHATSNEW: Add release notes for Samba 4.20.3.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
-----------------------------------------------------------------------
Summary of changes:
VERSION | 2 +-
WHATSNEW.txt | 107 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++--
2 files changed, 106 insertions(+), 3 deletions(-)
Changeset truncated at 500 lines:
diff --git a/VERSION b/VERSION
index 4cb90cc5643..28e5aa22c01 100644
--- a/VERSION
+++ b/VERSION
@@ -27,7 +27,7 @@ SAMBA_COPYRIGHT_STRING="Copyright Andrew Tridgell and the Samba Team 1992-2024"
########################################################
SAMBA_VERSION_MAJOR=4
SAMBA_VERSION_MINOR=20
-SAMBA_VERSION_RELEASE=3
+SAMBA_VERSION_RELEASE=4
########################################################
# If a official release has a serious bug #
diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index fb964d7a6f4..93dd250d052 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -1,3 +1,106 @@
+ ==============================
+ Release Notes for Samba 4.20.3
+ August 02, 2024
+ ==============================
+
+
+This is the latest stable release of the Samba 4.20 release series.
+
+LDAP TLS/SASL channel binding support
+-------------------------------------
+
+The ldap server supports SASL binds with
+kerberos or NTLMSSP over TLS connections
+now (either ldaps or starttls).
+
+Setups where 'ldap server require strong auth = allow_sasl_over_tls'
+was required before, can now most likely move to the
+default of 'ldap server require strong auth = yes'.
+
+If SASL binds without correct tls channel bindings are required
+'ldap server require strong auth = allow_sasl_without_tls_channel_bindings'
+should be used now, as 'allow_sasl_over_tls' will generate a
+warning in every start of 'samba', as well as '[samba-tool ]testparm'.
+
+This is similar to LdapEnforceChannelBinding under
+HKLM\SYSTEM\CurrentControlSet\Services\NTDS\Parameters
+on Windows.
+
+All client tools using ldaps also include the correct
+channel bindings now.
+
+smb.conf changes
+================
+
+ Parameter Name Description Default
+ -------------- ----------- -------
+ ldap server require strong auth new values
+
+Changes since 4.20.2
+--------------------
+
+o Andreas Schneider <asn at samba.org>
+ * BUG 15683: Running samba-bgqd a a standalone systemd service does not work.
+
+o Andrew Bartlett <abartlet at samba.org>
+ * BUG 15655: When claims enabled with heimdal kerberos, unable to log on to a
+ Windows computer when user account need to change their own password.
+
+o Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
+ * BUG 15671: Invalid client warning about command line passwords.
+ * BUG 15672: Version string is truncated in manpages.
+ * BUG 15673: --version-* options are still not ergonomic, and they reject
+ tilde characters.
+ * BUG 15674: cmdline_burn does not always burn secrets.
+ * BUG 15685: Samba does not parse SDDL found in defaultSecurityDescriptor in
+ AD_DS_Classes_Windows_Server_v1903.ldf.
+
+o Jo Sutton <josutton at catalyst.net.nz>
+ * BUG 15655: When claims enabled with heimdal kerberos, unable to log on to a
+ Windows computer when user account need to change their own password.
+
+o Pavel Filipenský <pfilipensky at samba.org>
+ * BUG 15660: The images don\'t build after the git security release and
+ CentOS 8 Stream is EOL.
+
+o Ralph Boehme <slow at samba.org>
+ * BUG 15676: Fix clock skew error message and memory cache clock skew
+ recovery.
+
+o Stefan Metzmacher <metze at samba.org>
+ * BUG 15603: Heimdal ignores _gsskrb5_decapsulate errors in
+ init_sec_context/repl_mutual.
+ * BUG 15621: s4:ldap_server: does not support tls channel bindings
+ for sasl binds.
+
+o Xavi Hernandez <xhernandez at redhat.com>
+ * BUG 15678: CTDB socket output queues may suffer unbounded delays under some
+ special conditions.
+
+
+#######################################
+Reporting bugs & Development Discussion
+#######################################
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical:matrix.org matrix room, or
+#samba-technical IRC channel on irc.libera.chat.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored. All bug reports should
+be filed under the Samba 4.1 and newer product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+======================================================================
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+======================================================================
+
+
+Release notes for older releases follow:
+----------------------------------------
==============================
Release Notes for Samba 4.20.2
June 19, 2024
@@ -79,8 +182,7 @@ database (https://bugzilla.samba.org/).
======================================================================
-Release notes for older releases follow:
-----------------------------------------
+----------------------------------------------------------------------
==============================
Release Notes for Samba 4.20.1
May 08, 2024
@@ -404,6 +506,7 @@ smb.conf changes
Parameter Name Description Default
-------------- ----------- -------
+ ldap server require strong auth new values (4.20.3)
acl claims evaluation new AD DC only
smb3 unix extensions Per share -
smb3 share cap:ASYMMETRIC new no
--
Samba Shared Repository
More information about the samba-cvs
mailing list