FreeNAS 220.127.116.11 Now Available, Fixes Samba Exploit
Bohs Hansen / 3 years ago
At the start of July, the developers of FreeNAS had said that 18.104.22.168 would be the last release prior to 9.3, but sometimes a serious bug needs to be addressed as soon as possible. This was also the case this time with the possible remote Samba exploit CVE-2014-3560 and the planes were changed.
While they were at it, the also added a couple small performance improvements and brought over a couple small features from 9.3, namely the ability to do replication on a direct link without encryption. This could potentially speed up replication anywhere from three to four times the previous speed, especially over 10 Gb/s Ethernet. This is generally most useful when doing initial replication to a backup box, while they are co-located together, after which normal encryption can be used in sending the deltas.
FreeNAS encourages all existing 9.2.1.x users to upgrade as soon as possible.
- Samba updated to 4.1.11. This addresses http://www.samba.org/samba/security/CVE-2014-3560
- Increase performance of Directory Copy from CIFS
- Add support for the None Cipher in SSH. This can be used to improve replication performance at the expense of sending your data over the wire in cleartext. (Think private 10Gbe interlink)
- Resolve issue with vlan interface locking that could cause a kernel panic when creating a number of VLAN interfaces.
- Add support for compressing replication jobs with lz4
Thank you FreeNAS for providing us with this information.
Image courtesy of FreeNAS.