-
Notifications
You must be signed in to change notification settings - Fork 8
/
WHATSNEW.txt
720 lines (526 loc) · 26.7 KB
/
WHATSNEW.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
==============================
Release Notes for Samba 4.20.5
September 17, 2024
==============================
This is the latest stable release of the Samba 4.20 release series.
Changes since 4.20.4
--------------------
o Ralph Boehme <[email protected]>
* BUG 15695: "inherit permissions = yes" triggers assert() in vfs_default
when creating a stream.
o David Disseldorp <[email protected]>
* BUG 15699: Incorrect FSCTL_QUERY_ALLOCATED_RANGES response when truncated.
o Pavel Filipenský <[email protected]>
* BUG 15698: samba-tool can not load the default configuration file.
o Stefan Metzmacher <[email protected]>
* BUG 15696: Compound SMB2 requests don't return
NT_STATUS_NETWORK_SESSION_EXPIRED for all requests, confuses
MacOSX clients.
o Anoop C S <[email protected]>
* BUG 15686: Add new vfs_ceph module (based on low level API).
o Shachar Sharon <[email protected]>
* BUG 15686: Add new vfs_ceph module (based on low level API).
* BUG 15700: Crash when readlinkat fails.
o Jones Syue <[email protected]>
* BUG 15677: ntlm_auth make logs more consistent with length check.
#######################################
Reporting bugs & Development Discussion
#######################################
Please discuss this release on the samba-technical mailing list or by
joining the #samba-technical:matrix.org matrix room, or
#samba-technical IRC channel on irc.libera.chat.
If you do report problems then please try to send high quality
feedback. If you don't provide vital information to help us track down
the problem then you will probably be ignored. All bug reports should
be filed under the Samba 4.1 and newer product in the project's Bugzilla
database (https://bugzilla.samba.org/).
======================================================================
== Our Code, Our Bugs, Our Responsibility.
== The Samba Team
======================================================================
Release notes for older releases follow:
----------------------------------------
==============================
Release Notes for Samba 4.20.4
August 06, 2024
==============================
This is the latest stable release of the Samba 4.20 release series.
Changes since 4.20.3
--------------------
This only fixes a regression in library version strings in Samba
4.20.3, see: https://bugzilla.samba.org/show_bug.cgi?id=15673
If you compiled Samba from the sources and don't have other
applications relying on Samba's public libraries, there's
no reason to upgrade from 4.20.3 to 4.20.4.
o Andreas Schneider <[email protected]>
* BUG 15673: --version-* options are still not ergonomic, and they reject
tilde characters.
o Stefan Metzmacher <[email protected]>
* BUG 15673: --version-* options are still not ergonomic, and they reject
tilde characters.
#######################################
Reporting bugs & Development Discussion
#######################################
Please discuss this release on the samba-technical mailing list or by
joining the #samba-technical:matrix.org matrix room, or
#samba-technical IRC channel on irc.libera.chat.
If you do report problems then please try to send high quality
feedback. If you don't provide vital information to help us track down
the problem then you will probably be ignored. All bug reports should
be filed under the Samba 4.1 and newer product in the project's Bugzilla
database (https://bugzilla.samba.org/).
======================================================================
== Our Code, Our Bugs, Our Responsibility.
== The Samba Team
======================================================================
----------------------------------------------------------------------
==============================
Release Notes for Samba 4.20.3
August 02, 2024
==============================
This is the latest stable release of the Samba 4.20 release series.
LDAP TLS/SASL channel binding support
-------------------------------------
The ldap server supports SASL binds with
kerberos or NTLMSSP over TLS connections
now (either ldaps or starttls).
Setups where 'ldap server require strong auth = allow_sasl_over_tls'
was required before, can now most likely move to the
default of 'ldap server require strong auth = yes'.
If SASL binds without correct tls channel bindings are required
'ldap server require strong auth = allow_sasl_without_tls_channel_bindings'
should be used now, as 'allow_sasl_over_tls' will generate a
warning in every start of 'samba', as well as '[samba-tool ]testparm'.
This is similar to LdapEnforceChannelBinding under
HKLM\SYSTEM\CurrentControlSet\Services\NTDS\Parameters
on Windows.
All client tools using ldaps also include the correct
channel bindings now.
smb.conf changes
================
Parameter Name Description Default
-------------- ----------- -------
ldap server require strong auth new values
Changes since 4.20.2
--------------------
o Andreas Schneider <[email protected]>
* BUG 15683: Running samba-bgqd a a standalone systemd service does not work.
o Andrew Bartlett <[email protected]>
* BUG 15655: When claims enabled with heimdal kerberos, unable to log on to a
Windows computer when user account need to change their own password.
o Douglas Bagnall <[email protected]>
* BUG 15671: Invalid client warning about command line passwords.
* BUG 15672: Version string is truncated in manpages.
* BUG 15673: --version-* options are still not ergonomic, and they reject
tilde characters.
* BUG 15674: cmdline_burn does not always burn secrets.
* BUG 15685: Samba does not parse SDDL found in defaultSecurityDescriptor in
AD_DS_Classes_Windows_Server_v1903.ldf.
o Jo Sutton <[email protected]>
* BUG 15655: When claims enabled with heimdal kerberos, unable to log on to a
Windows computer when user account need to change their own password.
o Pavel Filipenský <[email protected]>
* BUG 15660: The images don\'t build after the git security release and
CentOS 8 Stream is EOL.
o Ralph Boehme <[email protected]>
* BUG 15676: Fix clock skew error message and memory cache clock skew
recovery.
o Stefan Metzmacher <[email protected]>
* BUG 15603: Heimdal ignores _gsskrb5_decapsulate errors in
init_sec_context/repl_mutual.
* BUG 15621: s4:ldap_server: does not support tls channel bindings
for sasl binds.
o Xavi Hernandez <[email protected]>
* BUG 15678: CTDB socket output queues may suffer unbounded delays under some
special conditions.
#######################################
Reporting bugs & Development Discussion
#######################################
Please discuss this release on the samba-technical mailing list or by
joining the #samba-technical:matrix.org matrix room, or
#samba-technical IRC channel on irc.libera.chat.
If you do report problems then please try to send high quality
feedback. If you don't provide vital information to help us track down
the problem then you will probably be ignored. All bug reports should
be filed under the Samba 4.1 and newer product in the project's Bugzilla
database (https://bugzilla.samba.org/).
======================================================================
== Our Code, Our Bugs, Our Responsibility.
== The Samba Team
======================================================================
----------------------------------------------------------------------
==============================
Release Notes for Samba 4.20.2
June 19, 2024
==============================
This is the latest stable release of the Samba 4.20 release series.
Changes since 4.20.1
--------------------
o Jeremy Allison <[email protected]>
* BUG 15662: vfs_widelinks with DFS shares breaks case insensitivity.
o Douglas Bagnall <[email protected]>
* BUG 13213: Samba build is not reproducible.
* BUG 15569: ldb qsort might r/w out of bounds with an intransitive compare
function.
* BUG 15625: Many qsort() comparison functions are non-transitive, which can
lead to out-of-bounds access in some circumstances.
o Andrew Bartlett <[email protected]>
* BUG 15638: Need to change gitlab-ci.yml tags in all branches to avoid CI
bill.
* BUG 15654: We have added new options --vendor-name and --vendor-patch-
revision arguments to ./configure to allow distributions and packagers to
put their name in the Samba version string so that when debugging Samba the
source of the binary is obvious.
o Günther Deschner <[email protected]>
* BUG 15665: CTDB RADOS mutex helper misses namespace support.
o Stefan Metzmacher <[email protected]>
* BUG 13019: Dynamic DNS updates with the internal DNS are not working.
* BUG 14981: netr_LogonSamLogonEx returns NR_STATUS_ACCESS_DENIED with
SysvolReady=0.
* BUG 15412: Anonymous smb3 signing/encryption should be allowed (similar to
Windows Server 2022).
* BUG 15573: Panic in dreplsrv_op_pull_source_apply_changes_trigger.
* BUG 15620: s4:nbt_server: does not provide unexpected handling, so winbindd
can't use nmb requests instead cldap.
* BUG 15642: winbindd, net ads join and other things don't work on an ipv6
only host.
* BUG 15659: Segmentation fault when deleting files in vfs_recycle.
* BUG 15664: Panic in vfs_offload_token_db_fetch_fsp().
* BUG 15666: "client use kerberos" and --use-kerberos is ignored for the
machine account.
o Noel Power <[email protected]>
* BUG 15435: Regression DFS not working with widelinks = true.
o Andreas Schneider <[email protected]>
* BUG 15633: samba-gpupdate - Invalid NtVer in netlogon_samlogon_response.
* BUG 15653: idmap_ad creates an incorrect local krb5.conf in case of trusted
domain lookups.
* BUG 15660: The images don't build after the git security release and CentOS
8 Stream is EOL.
#######################################
Reporting bugs & Development Discussion
#######################################
Please discuss this release on the samba-technical mailing list or by
joining the #samba-technical:matrix.org matrix room, or
#samba-technical IRC channel on irc.libera.chat.
If you do report problems then please try to send high quality
feedback. If you don't provide vital information to help us track down
the problem then you will probably be ignored. All bug reports should
be filed under the Samba 4.1 and newer product in the project's Bugzilla
database (https://bugzilla.samba.org/).
======================================================================
== Our Code, Our Bugs, Our Responsibility.
== The Samba Team
======================================================================
----------------------------------------------------------------------
==============================
Release Notes for Samba 4.20.1
May 08, 2024
==============================
This is the latest stable release of the Samba 4.20 release series.
Changes since 4.20.0
--------------------
o Douglas Bagnall <[email protected]>
* BUG 15630: dns update debug message is too noisy.
o Alexander Bokovoy <[email protected]>
* BUG 15635: Do not fail PAC validation for RFC8009 checksums types.
o Pavel Filipenský <[email protected]>
* BUG 15605: Improve performance of lookup_groupmem() in idmap_ad.
o Anna Popova <[email protected]>
* BUG 15636: Smbcacls incorrectly propagates inheritance with Inherit-Only
flag.
o Noel Power <[email protected]>
* BUG 15611: http library doesn't support 'chunked transfer encoding'.
o Andreas Schneider <[email protected]>
* BUG 15600: Provide a systemd service file for the background queue daemon.
#######################################
Reporting bugs & Development Discussion
#######################################
Please discuss this release on the samba-technical mailing list or by
joining the #samba-technical:matrix.org matrix room, or
#samba-technical IRC channel on irc.libera.chat.
If you do report problems then please try to send high quality
feedback. If you don't provide vital information to help us track down
the problem then you will probably be ignored. All bug reports should
be filed under the Samba 4.1 and newer product in the project's Bugzilla
database (https://bugzilla.samba.org/).
======================================================================
== Our Code, Our Bugs, Our Responsibility.
== The Samba Team
======================================================================
----------------------------------------------------------------------
==============================
Release Notes for Samba 4.20.0
March 27, 2024
==============================
This is the first stable release of the Samba 4.20 release series.
Please read the release notes carefully before upgrading.
NEW FEATURES/CHANGES
====================
New Minimum MIT Krb5 version for Samba AD Domain Controller
-----------------------------------------------------------
Samba now requires MIT 1.21 when built against a system MIT Krb5 and
acting as an Active Directory DC. This addresses the issues that were
fixed in CVE-2022-37967 (KrbtgtFullPacSignature) and ensures that
Samba builds against the MIT version that allows us to avoid that
attack.
Removed dependency on Perl JSON module
--------------------------------------
Distributions are advised that the Perl JSON package is no longer
required by Samba builds that use the imported Heimdal. The build
instead uses Perl's JSON::PP built into recent perl5 versions.
Current lists of packages required by Samba for major distributions
are found in the bootstrap/generated-dists/ directory of a Samba
source tree. While there will be some differences - due to features
chosen by packagers - comparing these lists with the build dependencies
in a package may locate other dependencies we no longer require.
samba-tool user getpassword / syncpasswords ;rounds= change
-----------------------------------------------------------
The password access tool "samba-tool user getpassword" and the
password sync tool "samba-tool user syncpasswords" allow attributes to
be chosen for output, and accept parameters like
pwdLastSet;format=GeneralizedTime
These attributes then appear, in the same format, as the attributes in
the LDIF output. This was not the case for the ;rounds= parameter of
virtualCryptSHA256 and virtualCryptSHA512, for example as
--attributes="virtualCryptSHA256;rounds=50000"
This release makes the behaviour consistent between these two
features. Installations using GPG-encrypted passwords (or plaintext
storage) and the rounds= option, will find the output has changed
from:
virtualCryptSHA256: {CRYPT}$5$rounds=2561$hXem.M9onhM9Vuix$dFdSBwF
to:
virtualCryptSHA256;rounds=2561: {CRYPT}$5$rounds=2561$hXem.M9onhM9Vuix$dFdSBwF
Group Managed service account client-side features
--------------------------------------------------
samba-tool has been extended to provide client-side support for Group
Managed Service accounts. These accounts have passwords that change
automatically, giving the advantages of service isolation without risk
of poor, unchanging passwords.
Where possible, Samba's existing samba-tool password handling
commands, which in the past have only operated against the local
sam.ldb have been extended to permit operation against a remote server
with authenticated access to "-H ldap://$DCNAME"
Supported operations include:
- reading the current and previous gMSA password via
"samba-tool user getpassword"
- writing a Kerberos Ticket Granting Ticket (TGT) to a local
credentials cache with a new command
"samba-tool user get-kerberos-ticket"
New Windows Search Protocol Client
----------------------------------
Samba now by default builds new experimental Windows Search Protocol (WSP)
command line client "wspsearch"
The "wspsearch" cmd-line utility allows a WSP search request to be sent
to a server (such as a windows server) that has the (WSP)
Windows Search Protocol service configured and enabled.
For more details see the wspsearch man page.
Allow 'smbcacls' to save/restore DACLs to file
--------------------------------------------
'smbcacls' has been extended to allow DACLs to be saved and restored
to/from a file. This feature mimics the functionality that windows cmd
line tool 'icacls.exe' provides. Additionally files created either
by 'smbcalcs' or 'icacls.exe' are interchangeable and can be used by
either tool as the same file format is used.
New options added are:
- '--save savefile' Saves DACLs in sddl format to file
- '--recurse' Performs the '--save' operation above on directory
and all files/directories below.
- '--restore savefile' Restores the stored DACLS to files in directory
Samba-tool extensions for AD Claims, Authentication Policies and Silos
----------------------------------------------------------------------
samba-tool now allows users to be associated with claims. In the
Samba AD DC, claims derive from Active Directory attributes mapped
into specific names. These claims can be used in rules, which are
conditional ACEs in a security descriptor, that decide if a user is
restricted by an authentication policy.
samba-tool also allows the creation and management of authentication
policies, which are rules about where a user may authenticate from,
if NTLM is permitted, and what services a user may authenticate to.
Finally, support is added for the creation and management of
authentication silos, which are helpful in defining network boundaries
by grouping users and the services they connect to.
Please note: The command line syntax for these tools is not final, and
may change before the next release, as we gain user feedback. The
syntax will be locked in once Samba offers 2016 AD Functional Level as
a default.
AD DC support for Authentication Silos and Authentication Policies
------------------------------------------------------------------
The Samba AD DC now also honours any existing claims, authentication
policy and authentication silo configuration previously created (eg
from an import of a Microsoft AD), as well as new configurations
created with samba-tool. The use of Microsoft's Powershell based
client tools is not expected to work.
To use this feature, the functional level must be set to 2012_R2 or
later with:
ad dc functional level = 2016
in the smb.conf.
The smb.conf file on each DC must have 'ad dc functional level = 2016'
set to have the partially complete feature available. This will also,
at first startup, update the server's own AD entry with the configured
functional level.
For new domains, add these parameters to 'samba-tool provision'
--option="ad dc functional level = 2016" --function-level=2016
The second option, setting the overall domain functional level
indicates that all DCs should be at this functional level.
To raise the domain functional level of an existing domain, after
updating the smb.conf and restarting Samba run
samba-tool domain schemaupgrade --schema=2019
samba-tool domain functionalprep --function-level=2016
samba-tool domain level raise --domain-level=2016 --forest-level=2016
This support is still new, so is not enabled by default in this
release. The above instructions are set at 2016, which while not
complete, matches what our testing environment validates.
Conditional ACEs and Resource Attribute ACEs
--------------------------------------------
Ordinary Access Control Entries (ACEs) unconditionally allow or deny
access to a given user or group. Conditional ACEs have an additional
section that describes conditions under which the ACE applies. If the
conditional expression is true, the ACE works like an ordinary ACE,
otherwise it is ignored. The condition terms can refer to claims,
group memberships, and attributes on the object itself. These
attributes are described in Resource Attribute ACEs that occur in the
object's System Access Control List (SACL). Conditional ACEs are
described in Microsoft documentation.
Conditional ACE evaluation is controlled by the "acl claims
evaluation" smb.conf option. The default value is "AD DC only" which
enables them in AD DC settings. The other option is "never", which
disables them altogether. There is currently no option to enable them
on the file server (this is likely to change in future releases).
The Security Descriptor Definition Language has extensions for
conditional ACEs and resource attribute ACEs; these are now supported
by Samba.
Service Witness Protocol [MS-SWN]
---------------------------------
In a ctdb cluster it is now possible to provide
the SMB witness service that allows clients to
monitor their current smb connection to cluster
node A by asking cluster node B to notify the
client if the ip address from node A or the
whole node A becomes unavailable.
For disk shares in a ctdb cluster
SMB2_SHARE_CAP_SCALEOUT is now always returned
for SMB3 tree connect responses.
If the witness service is active
SMB2_SHARE_CAP_CLUSTER is now also returned.
In order to activate the witness service
"rpc start on demand helpers = no" needs to
be configured in the global section.
At the same time the 'samba-dcerpcd' service
needs to be started explicitly, typically
with the '--libexec-rpcds' option in order
to make all available services usable.
One important aspect is that tcp ports
135 (for the endpoint mapper) and various
ports in the 'rpc server dynamic port range'
will be used to provide the witness service
(rpcd_witness).
ctdb provides a '47.samba-dcerpcd.script' in order
to manage the samba-dcerpcd.service.
Typically as systemd service, but that's up
to the packager and/or admin.
Please note that current windows client
requires SMB2_SHARE_CAP_CONTINUOUS_AVAILABILITY
in addition to SMB2_SHARE_CAP_CLUSTER in order
to make use of the witness service.
But SMB2_SHARE_CAP_CONTINUOUS_AVAILABILITY implies
the windows clients always ask for persistent handle
(which are not implemented in samba yet), so
that every open generates a warning in the
windows smb client event log.
That's why SMB2_SHARE_CAP_CONTINUOUS_AVAILABILITY
is not returned by default.
An explicit 'smb3 share cap:CONTINUOUS AVAILABILITY = yes'
is needed.
There are also new 'net witness' commands in order
to let the admin list active client registrations
or ask specific clients to move their smb connection
to another cluster node. These are available:
net witness list
net witness client-move
net witness share-move
net witness force-unregister
net witness force-response
Consult 'man net' or 'net witness help' for further details.
REMOVED FEATURES
================
Get locally logged on users from utmp
-------------------------------------
The Workstation Service Remote Protocol [MS-WKST] calls NetWkstaGetInfo
level 102 and NetWkstaEnumUsers level 0 and 1 return the list of locally
logged on users. Samba was getting the list from utmp, which is not
Y2038 safe. This feature has been completely removed and Samba will
always return an empty list.
smb.conf changes
================
Parameter Name Description Default
-------------- ----------- -------
ldap server require strong auth new values (4.20.3)
acl claims evaluation new AD DC only
smb3 unix extensions Per share -
smb3 share cap:ASYMMETRIC new no
smb3 share cap:CLUSTER new see 'man smb.conf'
smb3 share cap:CONTINUOUS AVAILABILITY new no
smb3 share cap:SCALE OUT new see 'man smb.conf'
Changes since 4.20.0rc4
=======================
o Douglas Bagnall <[email protected]>
* BUG 15606: Avoid null-dereference with bad claims.
* BUG 15613: ndr_pull_security_ace can leave resource attribute ACE coda
claim struct undefined.
o Ralph Boehme <[email protected]>
* BUG 15527: fd_handle_destructor() panics within an smbd_smb2_close() if
vfs_stat_fsp() fails in fd_close().
o Björn Jacke <[email protected]>
* BUG 15583: set_nt_acl sometimes fails with NT_STATUS_INVALID_PARAMETER -
openat() EACCES.
o Noel Power <[email protected]>
* BUG 15527: fd_handle_destructor() panics within an smbd_smb2_close() if
vfs_stat_fsp() fails in fd_close().
o Andreas Schneider <[email protected]>
* BUG 15599: libgpo: Segfault in python bindings.
o Jo Sutton <[email protected]>
* BUG 15607: Samba AD is missing some authentication policy tests.
CHANGES SINCE 4.20.0rc3
=======================
o Andreas Schneider <[email protected]>
* BUG 15588: samba-gpupdate: Correctly implement site support.
CHANGES SINCE 4.20.0rc2
=======================
o Rob van der Linde <[email protected]>
* BUG 15575: Remove unsupported "Final" keyword missing from Python 3.6.
o Stefan Metzmacher <[email protected]>
* BUG 15577: Additional witness backports for 4.20.0.
o Noel Power <[email protected]>
* BUG 15579: Error output with wspsearch.
o Martin Schwenke <[email protected]>
* BUG 15580: Packet marshalling push support missing for
CTDB_CONTROL_TCP_CLIENT_DISCONNECTED and
CTDB_CONTROL_TCP_CLIENT_PASSED.
o Jo Sutton <[email protected]>
* BUG 15575: Remove unsupported "Final" keyword missing from Python 3.6.
CHANGES SINCE 4.20.0rc1
=======================
o Douglas Bagnall <[email protected]>
* BUG 15574: Performance regression for NDR parsing of security descriptors.
o Anoop C S <[email protected]>
* BUG 15565: Build and install man page for wspsearch client utility.
o Andreas Schneider <[email protected]>
* BUG 15558: samba-gpupdate logging doesn't work.
KNOWN ISSUES
============
https://wiki.samba.org/index.php/Release_Planning_for_Samba_4.20#Release_blocking_bugs
#######################################
Reporting bugs & Development Discussion
#######################################
Please discuss this release on the samba-technical mailing list or by
joining the #samba-technical:matrix.org matrix room, or
#samba-technical IRC channel on irc.libera.chat
If you do report problems then please try to send high quality
feedback. If you don't provide vital information to help us track down
the problem then you will probably be ignored. All bug reports should
be filed under the Samba 4.1 and newer product in the project's Bugzilla
database (https://bugzilla.samba.org/).
======================================================================
== Our Code, Our Bugs, Our Responsibility.
== The Samba Team
======================================================================