· This is a security release in order to address CVE-2009-2813, CVE-2009-2948 and CVE-2009-2906.
Fix for CVE-2009-1888:
· In Samba 3.0.31 to 3.3.5 (inclusive), an uninitialized read of a data value can potentially affect access control when "dos filemode" is set to "yes".
· net conf: Save share name as given, not as lower case only.
· Prevent creation of registry keys containing the '/' character.
· BUG 6089: Fix samr_OpenDomain access checks.
· BUG 6254: Fix IPv6 PUT/GET errors to an SMB server (3.3) with "msdfs root" set to "yes".
· BUG 6279: Fix Winbind crash.
· Allow pdbedit to change a user rid/sid.
· When doing a cli_ulogoff don't invalidate the cnum, invalidate the vuid.
· Don't access a freed structure when logging off and re-using a vuid.
· BUG 5329: Add "net rpc service delete/create".
· BUG 6238: Make sure wbcLogoffUserParams are properly initialized before freed.
· BUG 6263: Fix domain logins for WinXP clients pre SP3.
· BUG 6286: Call init function for builtin idmap modules before probing for them as shared modules.
· Try to to fix password_expired flag handling.
· Make sure to grey out change fields in the netdomjoin-gui when not running as root.
· Don't look up local user for remote changes, even when root.
· BUG 6243: Fix usrmgr.exe creating a user.
· Use procid_str in debug messages for better cluster-debuggability.
· Use cluster-aware procid_is_me instead of comparing pids.
· Fix smbd crash for close_on_completion.
· Fix a memleak in an unlikely error path in change_notify_create().
· Do not use the file system GET_REAL_FILENAME for mangled names.
· Fix a crash bug if we timeout in net rpc trustdom list.
· Add '--request-timeout' option to net.
· In net_conf_import, start a transaction when importing a single share.
· Fix writing of roaming profiles with "profile acls" set to "yes".
