              WHATS NEW IN 1.9.17p2 - September 26th 1997
              ===========================================

Security fix release: Samba - version 1.9.17p2.
----------------------------------------------

This new stable release fixes a very important security hole in all
versions of Samba.

The security hole allows a remote user to obtain root access on the
Samba server. A program which exploits this bug has been posted to the
internet.

The security hole is only known to affect Samba servers running on
Intel based hardware, and has only been demonstrated for Intel
Linux. It is likley that exploits for other architectures would be
very difficult but the possibility cannot be excluded completely.

This patch fixes the security hole for all platforms.

This patch also adds a routine which will log a message when a user
attempts to take advantage of the security hole.

A number of other minor bugs have also been fixed in this release.

The Samba Team.


-------------Previous release notes-------------------------

New stable release of Samba - 1.9.17
------------------------------------

This is the new stable release of Samba, superceeding
the last stable release 1.9.16p11. All users are
encouraged to upgrade to this new release as there have
been many improvements to the code since that time.

Changes since 1.9.16p11.
------------------------

Improved browsing support. 
--------------------------

Samba now should support propagation of browse lists 
across subnets correctly. Look in the file docs/BROWSING.txt 
as it has been largely re-written to explain how to do this.

*IMPORTANT* All Samba servers acting as local/domain master
browsers must be running 1.9.17 (or later).

Thanks to Silicon Graphics for allowing us to test the new 
code on their corporate network.


Improved share mode handling
----------------------------

The handling of share modes has been completely rewritten.
Samba can now run agressive PC Benchmarks (Ziff-Davis
NetBench) correctly with many hundreds of concurrent PC's.
The confidence level on share mode handling in Samba
is now much higher than it was previously. PC database
packages should be safe when run against a Samba share. 
Thanks to Silicon Graphics for testing this code for us.

If at all possible compile Samba to use the new share
mode handling with shared memory (set the flags 
FAST_SHARE_MODES in the Makefile). This will be *much* faster
than old file-based share modes. FAST_SHARE_MODES have
been turned on by default on the following platforms in
the Makefile :

	Linux
	Solaris
	BSDI
	IRIX 5.x.x
	FreeBSD

Roving profile support.
-----------------------

Roving profiles are believed to work correctly
with Windows NT 4.x and Windows 95. Domain logons
are fully implemented *for Windows 95 machines only*.


Updated documentation
---------------------
All options are now documented in the smb.conf man page
we believe. Much work has been done by Samba Team members
to improve the quality and quantity of the Samba documentation.

Many bugfixes and improvements
------------------------------
From around the 'net around the world. Many
thanks to everyone who contributed.

Commercial thanks.
------------------

Thanks to Cisco for the new netbios alias code support.
Thanks to Silicon Graphics for the help with the cross
subnet browsing and NetBench code.
Thanks to Whistle for funding one of the Samba Team
members.

Reporting bugs
--------------

The Samba Team believes that this is a stable
production release, but all software has bugs.
If you have problems, or think you have found a
bug please email a report to :

samba-bugs@samba.anu.edu.au

Stating the version number of Samba that you
are running, and *full details* of the steps
we need to reproduce the problem.

As always, all bugs are our responsibility.

Regards,

	The Samba Team.
