The branch, master has been updated
via 60bc596 Add Samba 4.13.0.
via 2bf27f2 NEWS[4.13.0]: Samba 4.13.0 Available for Download
from a537429 Add release notes for Samba 4.10.18 and 4.11.13.
https://git.samba.org/?p=samba-web.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 60bc5961f91083f5520db66fe25c0796552de9ea
Author: Karolin Seeger <ksee...@samba.org>
Date: Tue Sep 22 15:52:35 2020 +0200
Add Samba 4.13.0.
Signed-off-by: Karolin Seeger <ksee...@samba.org>
commit 2bf27f2649f2361d94b939c4fc7f21935f95a46d
Author: Karolin Seeger <ksee...@samba.org>
Date: Tue Sep 22 15:44:44 2020 +0200
NEWS[4.13.0]: Samba 4.13.0 Available for Download
Signed-off-by: Karolin Seeger <ksee...@samba.org>
-----------------------------------------------------------------------
Summary of changes:
history/header_history.html | 1 +
history/samba-4.13.0.html | 224 +++++++++++++++++++++++
posted_news/20200922-135123.4.13.0.body.html | 12 ++
posted_news/20200922-135123.4.13.0.headline.html | 3 +
4 files changed, 240 insertions(+)
create mode 100644 history/samba-4.13.0.html
create mode 100644 posted_news/20200922-135123.4.13.0.body.html
create mode 100644 posted_news/20200922-135123.4.13.0.headline.html
Changeset truncated at 500 lines:
diff --git a/history/header_history.html b/history/header_history.html
index ace0b76..8a2ebaa 100755
--- a/history/header_history.html
+++ b/history/header_history.html
@@ -9,6 +9,7 @@
<li><a href="/samba/history/">Release Notes</a>
<li class="navSub">
<ul>
+ <li><a href="samba-4.13.0.html">samba-4.13.0</a></li>
<li><a href="samba-4.12.7.html">samba-4.12.7</a></li>
<li><a href="samba-4.12.6.html">samba-4.12.6</a></li>
<li><a href="samba-4.12.5.html">samba-4.12.5</a></li>
diff --git a/history/samba-4.13.0.html b/history/samba-4.13.0.html
new file mode 100644
index 0000000..69bc78c
--- /dev/null
+++ b/history/samba-4.13.0.html
@@ -0,0 +1,224 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd";>
+<html xmlns="http://www.w3.org/1999/xhtml";>
+<head>
+<title>Samba 4.13.0 - Release Notes</title>
+</head>
+<body>
+<H2>Samba 4.13.0 Available for Download</H2>
+<p>
+<a
href="https://download.samba.org/pub/samba/stable/samba-4.13.0.tar.gz";>Samba
4.13.0 (gzipped)</a><br>
+<a
href="https://download.samba.org/pub/samba/stable/samba-4.13.0.tar.asc";>Signature</a>
+</p>
+<p>
+<pre>
+ ==============================
+ Release Notes for Samba 4.13.0
+ September 22, 2020
+ ==============================
+
+
+This is the first stable release of the Samba 4.13 release series.
+Please read the release notes carefully before upgrading.
+
+
+ZeroLogon
+=========
+
+Please avoid to set "server schannel = no" and "server
schannel= auto" on all
+Samba domain controllers due to the wellknown ZeroLogon issue.
+
+For details please see
+https://www.samba.org/samba/security/CVE-2020-1472.html.
+
+
+NEW FEATURES/CHANGES
+====================
+
+Python 3.6 or later required
+----------------------------
+
+Samba's minimum runtime requirement for python was raised to Python
+3.5 with samba 4.12. Samba 4.13 raises this minimum version to Python
+3.6 both to access new features and because this is the oldest version
+we test with in our CI infrastructure.
+
+This is also the last release where it will be possible to build Samba
+(just the file server) with Python versions 2.6 and 2.7.
+
+As Python 2.7 has been End Of Life upstream since April 2020, Samba
+is dropping ALL Python 2.x support in the NEXT release.
+
+Samba 4.14 to be released in March 2021 will require Python 3.6 or
+later to build.
+
+wide links functionality
+------------------------
+
+For this release, the code implementing the insecure "wide links =
yes"
+functionality has been moved out of the core smbd code and into a separate
+VFS module, vfs_widelinks. Currently this vfs module is implicitly loaded
+by smbd as the last but one module before vfs_default if "wide links =
yes"
+is enabled on the share (note, the existing restrictions on enabling wide
+links around the SMB1 "unix extensions" and the "allow insecure
wide links"
+parameters are still in force). The implicit loading was done to allow
+existing users of "wide links = yes" to keep this functionality
without
+having to make a change to existing working smb.conf files.
+
+Please note that the Samba developers recommend changing any Samba
+installations that currently use "wide links = yes" to use bind
mounts
+as soon as possible, as "wide links = yes" is an inherently insecure
+configuration which we would like to remove from Samba. Moving the
+feature into a VFS module allows this to be done in a cleaner way
+in future.
+
+A future release to be determined will remove this implicit linkage,
+causing administrators who need this functionality to have to explicitly
+add the vfs_widelinks module into the "vfs objects =" parameter
lists.
+The release notes will be updated to note this change when it occurs.
+
+NT4-like 'classic' Samba domain controllers
+-------------------------------------------
+
+Samba 4.13 deprecates Samba's original domain controller mode.
+
+Sites using Samba as a Domain Controller should upgrade from the
+NT4-like 'classic' Domain Controller to a Samba Active Directory DC
+to ensure full operation with modern windows clients.
+
+SMBv1 only protocol options deprecated
+--------------------------------------
+
+A number of smb.conf parameters for less-secure authentication methods
+which are only possible over SMBv1 are deprecated in this release.
+
+
+REMOVED FEATURES
+================
+
+The deprecated "ldap ssl ads" smb.conf option has been removed.
+
+The deprecated "server schannel" smb.conf option will very likely
+removed in the final 4.13.0 release.
+
+
+smb.conf changes
+================
+
+ Parameter Name Description Default
+ -------------- ----------- -------
+ ldap ssl ads Removed
+ smb2 disable lock sequence checking Added No
+ smb2 disable oplock break retry Added No
+ domain logons Deprecated no
+ raw NTLMv2 auth Deprecated no
+ client plaintext auth Deprecated no
+ client NTLMv2 auth Deprecated yes
+ client lanman auth Deprecated no
+ client use spnego Deprecated yes
+ server schannel To be removed in 4.13.0
+ server require schannel:COMPUTER Added
+
+
+CHANGES SINCE 4.13.0rc5
+=======================
+
+o Jeremy Allison <j...@samba.org>
+ * BUG 14497: CVE-2020-1472(ZeroLogon): s3:rpc_server/netlogon: Protect
+ netr_ServerPasswordSet2 against unencrypted passwords.
+
+o Günther Deschner <g...@samba.org>
+ * BUG 14497: CVE-2020-1472(ZeroLogon): s3:rpc_server/netlogon: Support
+ "server require schannel:WORKSTATION$ = no" about unsecure
configurations.
+
+o Gary Lockyer <g...@catalyst.net.nz>
+ * BUG 14497: CVE-2020-1472(ZeroLogon): s4 torture rpc: repeated bytes in
+ client challenge.
+
+o Stefan Metzmacher <me...@samba.org>
+ * BUG 14497: CVE-2020-1472(ZeroLogon): libcli/auth: Reject weak client
+ challenges in netlogon_creds_server_init()
+ "server require schannel:WORKSTATION$ = no".
+
+
+CHANGES SINCE 4.13.0rc4
+=======================
+
+o Andreas Schneider <a...@samba.org>
+ * BUG 14399: waf: Only use gnutls_aead_cipher_encryptv2() for GnuTLS >
+ 3.6.14.
+ * BUG 14467: s3:smbd: Fix %U substitutions if it contains a domain name.
+ * BUG 14479: The created krb5.conf for 'net ads join'
doesn't have a domain
+ entry.
+
+o Stefan Metzmacher <me...@samba.org>
+ * BUG 14482: Fix build problem if libbsd-dev is not installed.
+
+
+CHANGES SINCE 4.13.0rc3
+=======================
+
+o David Disseldorp <dd...@samba.org>
+ * BUG 14437: build: Toggle vfs_snapper using
"--with-shared-modules".
+
+o Volker Lendecke <v...@samba.org>
+ * BUG 14465: idmap_ad does not deal properly with a RFC4511 section 4.4.1
+ response.
+
+o Stefan Metzmacher <me...@samba.org>
+ * BUG 14428: PANIC: Assert failed in get_lease_type().
+ * BUG 14465: idmap_ad does not deal properly with a RFC4511 section 4.4.1
+ response.
+
+
+CHANGES SINCE 4.13.0rc2
+=======================
+
+o Andrew Bartlett <abart...@samba.org>
+ * BUG 14460: Deprecate domain logons, SMBv1 things.
+
+o Günther Deschner <g...@samba.org>
+ * BUG 14318: docs: Add missing winexe manpage.
+
+o Christof Schmitt <c...@samba.org>
+ * BUG 14166: util: Allow symlinks in directory_create_or_exist.
+
+o Martin Schwenke <mar...@meltin.net>
+ * BUG 14466: ctdb disable/enable can fail due to race condition.
+
+
+CHANGES SINCE 4.13.0rc1
+=======================
+
+o Andrew Bartlett <abart...@samba.org>
+ * BUG 14450: dbcheck: Allow a dangling forward link outside our known NCs.
+
+o Isaac Boukris <ibouk...@gmail.com>
+ * BUG 14462: Remove deprecated "ldap ssl ads" smb.conf option.
+
+o Volker Lendecke <v...@samba.org>
+ * BUG 14435: winbind: Fix lookuprids cache problem.
+
+o Stefan Metzmacher <me...@samba.org>
+ * BUG 14354: kdc:db-glue: Ignore KRB5_PROG_ETYPE_NOSUPP also for
+ Primary:Kerberos.
+
+o Andreas Schneider <a...@samba.org>
+ * BUG 14358: docs: Fix documentation for require_membership_of of
+ pam_winbind.conf.
+
+o Martin Schwenke <mar...@meltin.net>
+ * BUG 14444: ctdb-scripts: Use nfsconf as a last resort get nfsd thread
+ count.
+
+
+KNOWN ISSUES
+============
+
+https://wiki.samba.org/index.php/Release_Planning_for_Samba_4.13#Release_blocking_bugs
+
+
+</pre>
+</p>
+</body>
+</html>
diff --git a/posted_news/20200922-135123.4.13.0.body.html
b/posted_news/20200922-135123.4.13.0.body.html
new file mode 100644
index 0000000..fff1ed1
--- /dev/null
+++ b/posted_news/20200922-135123.4.13.0.body.html
@@ -0,0 +1,12 @@
+<!-- BEGIN: posted_news/20200922-135123.4.13.0.body.html -->
+<h5><a name="4.13.0">22 September 2020</a></h5>
+<p class=headline>Samba 4.13.0 Available for Download</p>
+<p>
+This is the latest stable release of the Samba 4.13 release series.
+</p>
+<p>
+The uncompressed tarball has been signed using GnuPG (ID 6F33915B6568B7EA).
+The source code can be <a
href="https://download.samba.org/pub/samba/stable/samba-4.13.0.tar.gz";>downloaded
now</a>.
+See <a href="https://www.samba.org/samba/history/samba-4.13.0.html";>the
release notes for more info</a>.
+</p>
+<!-- END: posted_news/20200922-135123.4.13.0.body.html -->
diff --git a/posted_news/20200922-135123.4.13.0.headline.html
b/posted_news/20200922-135123.4.13.0.headline.html
new file mode 100644
index 0000000..417e416
--- /dev/null
+++ b/posted_news/20200922-135123.4.13.0.headline.html
@@ -0,0 +1,3 @@
+<!-- BEGIN: posted_news/20200922-135123.4.13.0.headline.html -->
+<li> 22 September 2020 <a href="#4.13.0">Samba 4.13.0 Available for
Download</a></li>
+<!-- END: posted_news/20200922-135123.4.13.0.headline.html -->
--
Samba Website Repository
