Go to file
Günther Deschner d48cbd924d Update to Samba 4.3.3 (security release)
resolves: #1292069

CVE-2015-3223 Remote DoS in Samba (AD) LDAP server
CVE-2015-5252 Insufficient symlink verification in smbd
CVE-2015-5296 Samba client requesting encryption vulnerable to
              downgrade attack
CVE-2015-5299 Missing access control check in shadow copy code
CVE-2015-7540 DoS to AD-DC due to insufficient checking of asn1
              memory allocation

Guenther
2015-12-16 13:45:55 +01:00
.gitignore Update to Samba 4.3.3 (security release) 2015-12-16 13:45:55 +01:00
README.dc Update README.dc. 2012-11-19 14:34:27 +01:00
README.downgrade Update to 4.0.0rc1. 2012-09-26 14:23:24 +02:00
filter-requires-samba.sh Fix and mention bogus perl dependency removal. 2009-02-03 18:45:43 +00:00
pam_winbind.conf Update to 3.3.4 2009-04-29 14:26:55 +00:00
samba-4.2-auth-credentials-if-credentials-have-principal-set-t.patch Samba 4.2 broke FreeIPA trusts to AD 2015-05-11 20:29:59 +03:00
samba-4.3.3-async_connect_send_test.patch Update to Samba 4.3.2 2015-12-02 00:25:09 +01:00
samba.log * Wed Oct 8 2007 Simo Sorce <ssorce@redhat.com> 3.2.0-0.pre1.fc9 2007-10-08 21:13:15 +00:00
samba.pamd Update to Samba 4.0.0rc6. 2012-12-04 15:38:51 +01:00
samba.spec Update to Samba 4.3.3 (security release) 2015-12-16 13:45:55 +01:00
samba.xinetd auto-import samba-2.2.1a-3 from samba-2.2.1a-3.src.rpm 2004-09-09 12:03:04 +00:00
smb.conf.default Add commented out 'max protocol' to the default config. 2012-02-23 18:46:14 +01:00
sources Update to Samba 4.3.3 (security release) 2015-12-16 13:45:55 +01:00

README.downgrade

Downgrading Samba
=================

Short version: data-preserving downgrades between Samba versions are not supported

Long version:
With Samba development there are cases when on-disk database format evolves.
In general, Samba Team attempts to maintain forward compatibility and
automatically upgrade databases during runtime when requires.
However, when downgrade is required Samba will not perform downgrade to
existing databases. It may be impossible if new features that caused database
upgrade are in use. Thus, one needs to consider a downgrade procedure before
actually downgrading Samba setup.

Please always perform back up prior both upgrading and downgrading across major
version changes. Restoring database files is easiest and simplest way to get to
previously working setup.

Easiest way to downgrade is to remove all created databases and start from scratch.
This means losing all authentication and domain relationship data, as well as
user databases (in case of tdb storage), printers, registry settings, and winbindd
caches.

Remove databases in following locations:
/var/lib/samba/*.tdb
/var/lib/samba/private/*.tdb

In particular, registry settings are known to prevent running downgraded versions
(Samba 4 to Samba 3) as registry format has changed between Samba 3 and Samba 4.