Samba 4.3.9 Available for Download

Samba 4.3.9 (gzipped)

Patch (gzipped) against Samba 4.3.8

                   Release Notes for Samba 4.3.9
                            May 2, 2016

This is the latest stable release of Samba 4.3.

This release fixes some regressions introduced by the last security fixes.
Please see bug for a list of
bugs addressing these regressions and more information.

Changes since 4.3.8:

o  Jeremy Allison <>
   * BUG 11742: lib: tevent: Fix memory leak when old signal action restored.
   * BUG 11771: lib: tevent: Fix memory leak when old signal action restored.
   * BUG 11822: s3: libsmb: Fix error where short name length was read as 2
     bytes, should be 1.

o  Andrew Bartlett <>
   * BUG 11780: smbd: Only check dev/inode in open_directory, not the full
   * BUG 11789: pydsdb: Fix returning of ldb.MessageElement.

o  Berend De Schouwer <>
   * BUG 11643: docs: Add example for domain logins to smbspool man page.

o  Günther Deschner <>
   * BUG 11789: libsmb/pysmb: Add pytalloc-util dependency to fix the build.

o  Alberto Maria Fiaschi <>
   * BUG 8093: access based share enum: Handle permission set in configuration

o  Volker Lendecke <>
   * BUG 11816: nwrap: Fix the build on Solaris.
   * BUG 11827: vfs_catia: Fix memleak.
   * BUG 11878: smbd: Avoid large reads beyond EOF.

o  Stefan Metzmacher <>
   * BUG 11622: libcli/smb: Make sure we have a body size of 0x31 before
     dereferencing an ioctl response.
   * BUG 11623: libcli/smb: Fix BUFFER_OVERFLOW handling in tstream_smbXcli_np.
   * BUG 11755: s3:libads: Setup the msDS-SupportedEncryptionTypes attribute on
   * BUG 11771: tevent: Version 0.9.28. Fix memory leak when old signal action
   * BUG 11782: s3:winbindd: Don't include two '\0' at the end of the domain
   * BUG 11789: s3:wscript: pylibsmb depends on pycredentials.
   * BUG 11841: Fix NT_STATUS_ACCESS_DENIED when accessing Windows public share.
   * BUG 11847: Only validate MIC if "map to guest" is not being used.
   * BUG 11849: auth/ntlmssp: Add ntlmssp_{client,server}:force_old_spnego
     option for testing.
   * BUG 11850: NetAPP SMB servers don't negotiate NTLMSSP_SIGN.
   * BUG 11858: Allow anonymous smb connections.
   * BUG 11870: Fix ads_sasl_spnego_gensec_bind(KRB5).
   * BUG 11872: Fix 'wbinfo -u' and 'net ads search'.

o  Noel Power <>
   * BUG 11738: libcli: Fix debug message, print sid string for new_ace trustee.

o  Garming Sam <>
   * BUG 11789: build: Mark explicit dependencies on pytalloc-util.

o  Partha Sarathi <>
   * BUG 11819: Fix the smb2_setinfo to handle FS info types and FSQUOTA

o  Jorge Schrauwen <>
   * BUG 11816: configure: Don't check for inotify on illumos.

o  Uri Simchoni <>
   * BUG 11691: winbindd: Return trust parameters when listing trusts.
   * BUG 11753: smbd: Ignore SVHDX create context.
   * BUG 11763: passdb: Add linefeed to debug message.
   * BUG 11788: build: Fix disk-free quota support on Solaris 10.
   * BUG 11798: build: Fix build when '--without-quota' specified.
   * BUG 11806: vfs_acl_common: Avoid setting POSIX ACLs if "ignore system acls"
     is set.
   * BUG 11852: libads: Record session expiry for spnego sasl binds.

o  Hemanth Thummala <>
   * BUG 11740: Real memory leak(buildup) issue in loadparm.
   * BUG 11840: Mask general purpose signals for notifyd.