|
EN

SerNet News

SAMBA+ and EnterpriseSAMBA Security Releases: 4.3.8 and 4.2.11 packages available

SAMBA+ Logo

SAMBA+ 4.3.8 and EnterpriseSAMBA 4.2.11 have just been released. These are security releases. Please update your systems as soon as possible. Please visit samba.plus for all further details.

We decided to shift the release of the SAMBA+ 4.4 release series since we do not want to mix up a new feature set with this security release. However SAMBA+ 4.4.2 packages will be released in a matter of days.

The SAMBA+ 4.3.8 and EnterpriseSAMBA 4.2.11 packages are available for various SUSE and RedHat platforms as well as for Debian GNU/Linux and Ubuntu.

Please note that Samba 4.1.X and older versions are also affected by the issues fixed with this release but are not supported anymore. We strongly recommend to upgrade to a recent version at your earliest convenience.

Starting with Samba 4.3 SerNet's Samba packages are available as software subscription under the label SAMBA+. They can be purchased at the SAMBA+ Shop. Detailed information and prices are listed there. The subscriptions bought at the SAMBA+ shop are managed at our platform OPOSSO. Users can activate their subscriptions here and manage access credentials. SAMBA+ 4.4.1 and 4.3.7 will be included in existing subscriptions.

SerNet's Samba 4.2 packages - including the Samba 4.2.11 security release – will be maintained as EnterpriseSAMBA and distributed via https://portal.enterprisesamba.com for free. Please note that users don't have to register anymore to be able to access the packages, but instead can use a public user.


04/12/2016
SerNet, SAMBA, 2016


Severe bug announcement: Badlock is coming

Badlock Logo

On April 12th, 2016 SerNet, the Samba Team and Microsoft will disclose a severe bug that affects almost all versions of Microsoft Windows and Samba. The bug is called "Badlock". Due to the fundamental functions that are affected by the bug there will be no detailed information prior to the release of fixes by Microsoft and the Samba Team. More information will be available at http://badlock.org – the page will receive updates regularly. SysAdmins should mark the release date already.

Badlock has been discovered, analyzed and fixed by Stefan Metzmacher, a renowned member of the international Samba core developer team. He notified Microsoft about his findings and a consecutive strong collaboration lead to fixes for both platforms. Patches are currently reviewed and prepared for release, including SerNet's special SAMBA+ offering (see http://samba.plus). Please check http://badlock.org during the next weeks for information on which versions will get patches.

SerNet, the Samba Team and Microsoft agreed on the joint release date April 12th, 2016. The Badlock bug will entail exploits soon after being exposed. The coordinated efforts are meant to ensure a reasonable time to get the maximum number of systems repaired in short time.


03/22/2016
SerNet, SAMBA, 2016


Security Releases: SAMBA+ 4.3.6, EnterpriseSAMBA 4.2.9 and 4.1.23 published

SAMBA+ Logo

The Samba-Team at SerNet just published SAMBA+ 4.3.6 as well as EnterpriseSAMBA 4.2.9 and 4.1.23. The updates are security releases, please update affected systems as soon as possible. The packages are available for various SUSE and RedHat platforms as well as for Debian GNU/Linux and Ubuntu. 

For more information about the security issues and other changes visit https://samba.plus or look up the Release Notes for Samba 4.3.6Samba 4.2.9 and Samba 4.1.23

SAMBA+ 4.3 packages and all later versions are available as software subscription. They can be purchased at the SAMBA+ shop where detailed information and prices are listed. The subscriptions bought at the SAMBA+ shop are managed at our platform OPOSSO. Users can activate their subscriptions here and manage access credentials. The new SAMBA+ 4.3.3 packages are included in existing subscriptions. 

SerNet's 4.2 packages and older versions will still be maintained as EnterpriseSAMBA and distributed via https://portal.enterprisesamba.com for free. Please note that users don't have to register anymore to be able to access the packages, but instead can use a public user.


03/08/2016
SerNet, SAMBA, 2016


New SAMBA+ version: SerNet releases 4.3.5 packages

SerNet's SAMBA+ 4.3.5 has just been released. Packages for various SUSE and RedHat platforms as well as for Debian GNU/Linux and Ubuntu are available now.

These packages address a lot of issues, which are listed in the release history for Samba 4.3.5.

SAMBA+ 4.3 packages and all later versions are available as software subscription. They can be purchased at the SAMBA+ Shop, detailed information and prices are listed there.

The subscriptions bought at the SAMBA+ shop are managed at our platform OPOSSO. Users can activate their subscriptions here and manage access credentials. The new SAMBA+ 4.3.5 packages are included in existing subscriptions.


02/25/2016
SerNet, SAMBA, 2016


verinice 1.12: More Vulnerability Management, more Transparency

verinice Welcome Screen

verinice 1.12 is out. The new version of the open source tool for the management of information security (ISMS) is an efficient companion for companies, government agencies, consultants and auditors.  A perspective for working with vulnerability scanners is just one of many new features. verinice is published by SerNet.

verinice 1.12 introduces the Greenbone GSM perspective. This allows an easy start into managing vulnerabilities by intertwining verinice with the vulnerability scanner Greenbone GSM (OpenVAS). Two new tutorials explain step-by-step, how the results of vulnerability scans are imported and processed. When working with an IS-management system according to ISO 27001 the scanned systems and weaknesses can be used in a risk analysis.

verinice.PRO offers additional advantages: The workflow helps in assigning responsibilities and fixing vulnerabilities while in operation mode. An intelligent adjustment ensures that even after repeated scans duplicates are avoided and only fixed vulnerabilities are removed from the risk database.

Another big change: the whole development process moved to Github. The verinice source code remains open source – and GitHub helps to make the development more transparent. 

verinice @ GitHub

 

There are also numerous improvements and bug fixes. More detailed information about features and improvements are listed in the release notes for verinice 1.12. verinice 1.12 is available at verinice.org.


02/18/2016
SerNet, verinice, 2016


Displaying 16 to 20 of 70