ldapsmb-1.34b-298.17.1>t  DH`pMlʸ/=„a".tlME@O^9ft=#tgSR`(9–fprX(tHbɣJ]rۓxL:_09f9%nY l\ۥ"c< O֭:n!S@Iн%$`n>8L3wC 2[-Qb"'bW~y],g]$ }Wt';ub797a5a1ed3f874f95fa07e37a0faaf488bc0e91_?Mlʸ/=„ao"NN.h:! 5!~g8g[hD#XO9KH4G˝2h3ZC 5AJ61jGƹA}t.AЩ/=Ɏd]A0uE.B&)' O"g%c_we?G=iѴӊLF|-2L&M# Q)ϧc]l R/pf A|yNn㌣$X_cnW &; 9yi`-H>5u?ed   A(,48FOV o       (DLdx(89:FGHIXY\0]8^Mbmcd7e<fAlCzUCldapsmb1.34b298.17.1Tool to administer Samba's LDAP backendThis tool aims to simplify the administration of a Samba Domain Controller that uses the ldapsam passdb backend. Authors: -------- Guenther Deschner Source Timestamp: 2505 Branch : 3.5.7Mlbuild03+openSUSE 11.4openSUSEGPLv2+http://bugs.opensuse.orgProductivity/Networking/Sambahttp://www.samba.org/linuxx86_64MlMla26e7f6a24ef8f254df49e782932dc32761c2701368fc848eb38e615f567d60arootrootrootrootsamba-3.5.7-1.17.1.src.rpmldapsmbldapsmb(x86-64)  @ perl-ldaprpmlib(PayloadFilesHavePrefix)rpmlib(CompressedFileNames)/usr/bin/perlrpmlib(PayloadIsLzma)4.0-13.0.4-14.4.6-14.8.0Mk@MdMc@M] MS@MRM5M0:M# Mt@MM PM@ML!L~LL@L@L@L@LOLOL@L@LfL,@LLeLB@LLA@LLLLzL{@LvW@LrbLnn@LmLmLmLi(@LgLc@LPL1@L!@LT@L%@L0L @K@KK@K@KtK.K.KKKsK"@KKK@K[K[K[K[KKK@KKK@K@KK~}@KqN@KqN@KqN@KqN@KoKoKn@Kn@Kl@KjK^@KUKLd@KG@KEKEKD{@K=K;@K/c@K*@K'z@K@K@K@K?K?KK@KmK3@JJJ@JJJJ`@J@JH@JJ JjJ0@J@JJJ@JJ JzJzJt.@JmJ_@J\s@JT@JT@JMJL@JI@JCfJB@JB@J@J;}J:,@J8J7@J7@J2C@J2C@J,@J'@J'@J'@J+@JMJp@IIIo@Io@IԨIW@IW@III@IV@Ilmuelle@suse.delmuelle@suse.delmuelle@suse.deddiss@suse.delmuelle@suse.delmuelle@suse.deddiss@suse.delmuelle@suse.delmuelle@suse.deddiss@suse.deddiss@suse.deddiss@suse.dero@suse.delmuelle@suse.delmuelle@suse.delars@samba.orglmuelle@suse.deddiss@suse.delmuelle@suse.delmuelle@suse.delmuelle@suse.delmuelle@suse.delmuelle@suse.delmuelle@suse.delmuelle@suse.dejmcdonough@suse.delmuelle@suse.delmuelle@suse.delmuelle@suse.delmuelle@suse.dejmcdonough@suse.deddiss@suse.dejmcdonough@suse.decoolo@novell.comlmuelle@suse.dejmcdonough@suse.degber@opensuse.orgjmcdonough@suse.dejmcdonough@suse.delmuelle@suse.delmuelle@suse.dejmcdonough@suse.dejmcdonough@suse.delmuelle@suse.dejmcdonough@suse.desjayaraman@suse.delmuelle@suse.delmuelle@suse.delmuelle@suse.delmuelle@suse.delmuelle@suse.dehhetter@suse.dejmcdonough@suse.delmuelle@suse.dejmcdonough@suse.delmuelle@suse.delmuelle@suse.delars@samba.orglars@samba.orgjmcdonough@suse.dejsmeix@suse.delmuelle@suse.dehhetter@suse.delmuelle@suse.dejmcdonough@suse.dejmcdonough@suse.delmuelle@suse.delmuelle@suse.delmuelle@suse.delmuelle@suse.delmuelle@suse.delmuelle@suse.dejmcdonough@suse.delmuelle@suse.derhafer@novell.comhhetter@novell.comlmuelle@suse.delmuelle@suse.delmuelle@suse.delmuelle@suse.delmuelle@suse.deboyang@suse.deboyang@suse.dejmcdonough@suse.delmuelle@suse.deboyang@suse.deboyang@suse.delmuelle@suse.derhafer@novell.comlmuelle@suse.delmuelle@suse.delmuelle@suse.deboyang@suse.delmuelle@suse.delmuelle@suse.delmuelle@suse.delars@samba.orgjmcdonough@suse.desjayaraman@suse.dejengelh@medozas.delmuelle@suse.delmuelle@suse.delmuelle@suse.deboyang@suse.delmuelle@suse.dejmcdonough@suse.dejmcdonough@suse.delmuelle@suse.delmuelle@suse.deboyang@suse.delmuelle@suse.delmuelle@suse.deboyang@suse.delmuelle@suse.delmuelle@suse.deboyang@suse.dejmcdonough@suse.delmuelle@suse.dejmcdonough@suse.dejmcdonough@suse.dejmcdonough@suse.deboyang@suse.dechris@computersalat.delmuelle@suse.delmuelle@suse.delmuelle@suse.deboyang@suse.deboyang@suse.deboyang@suse.dehhetter@suse.delmuelle@suse.delmuelle@suse.deboyang@suse.delmuelle@suse.delmuelle@suse.delmuelle@suse.dejmcdonough@suse.delmuelle@suse.delmuelle@suse.dejmcdonough@suse.desbrabec@suse.czlmuelle@suse.delmuelle@suse.dejmcdonough@suse.delmuelle@suse.deboyang@suse.deboyang@suse.delmuelle@suse.delmuelle@suse.delmuelle@suse.delmuelle@suse.delmuelle@suse.desjayaraman@suse.desjayaraman@suse.desjayaraman@suse.dejmcdonough@suse.dejmcdonough@suse.delmuelle@suse.delmuelle@suse.delmuelle@suse.delmuelle@suse.dejmcdonough@suse.delmuelle@suse.dejmcdonough@suse.dejmcdonough@suse.dejmcdonough@suse.delmuelle@suse.delmuelle@suse.delmuelle@suse.dero@suse.de- Update to 3.5.7 + Protect against possible denial of service caused by memory corruption; CVE-2011-0719; (bso#7949); (bnc#670431).- Disable separate build of samba-doc for post-11.1 systems.- Protect against possible denial of service caused by memory corruption; CVE-2011-0719; (bso#7949); (bnc#670431).- Increase the log level for missing PIDs on SIGCHLD, printcap child processes are not added to the children PID list; (bnc#666460).- Do not require a particular library version if the major version is part of the package name.- Use the actual version numbers of the ldb, talloc, tdb, and tevent libraries on post-11.3 systems.- Remove pcap_cache_loaded asserts from (re)load_printers. pcap_cache_loaded() returns false if the pcap cache contains no printer entries. correct call ordering is already enforced. (bso#7836); (bnc#625936).- No longer force activation of the cifs service on post-11.3 systems. - Add X-UnitedLinux-Default-Enabled to the cifs init script on pre-11.4 systems. - Move the cifs init script nfs dependencies from Required to Should.- Recommend to install samba-krb-printing from samba-winbind on post-10.3 systems; (bnc#661845).- Fix error paths in cups_async_callback(), an empty cups printer list should not be treated as an error; (bnc#661842).- Abide by printcap cache time, reload parent smbd pcap cache on expiry; (bso#7836); (bnc#625936).- Fix race in cups async printer services reload; (bso#7836); (bnc#625936).- Don't tweak with baselibs.conf during %post if not present; (bnc#652620).- Don't make use of baselibs.conf on SUSE Linux Enterprise 10; (bnc#652620).- Don't use --tmpdir as this option isn't known by mktemp of SUSE Linux Enterprise 10; (bnc#652620).- vfs_fill_sparse() doesn't use posix_fallocate when strict allocate is on; (bso#7835).- Replace Requires samba-client by samba-gplv3-client in the gplv3 packages; (bnc#652620).- Fix Dolphin SMB share IO with SMB signing enabled; (bso#7791); (bnc#656112).- Add Conflicts to the samba-gplv3 main, client, doc, krb-printing, winbind, client-gplv2, and doc-gplv2 packages; (bnc#652620).- Add Provides samba-client-gplv2 and samba-doc-gplv2 to pre-3.2 versions; (bnc#652620).- Obsolete samba-client-gplv2 and samba-doc-gplv2; (bnc#652620).- Remove Provides samba-client:/usr/sbin/winbindd from the samba-gplv3-winbind package to avoide an accidental install trigger; (bnc#652620).- Add Provides samba-client to the samba-gplv3-client package; (bnc#652620).- Remove all Obsoletes from the samba-gplv3 packages and only keep the Provides samba; (bnc#652620).- Add fitting Conflicts to all samba-gplv3 packages; (bnc#652620).- Reduce unnecessary ldap round trips and eliminate invalid DN messages; (bnc#654719).- Exclude cifs-mount and ldapsmb from the samba-gplv3 build of SUSE Linux Enterprise 10 SP 3 and 4.- Add the _build_arch at the end of the vendor version suffix.- Provide and Obsolete samba-gplv3 to replace potentially installed packages.- Change package base name to samba-gplv3 for SUSE Linux Enterprise 10 SP 4. - Do not package libsmbclient and libsmbsharemodes.- Update to 3.5.6 + Fix auto printers with registry config; (bso#7280); (bnc#617153). + Fix SPNEGO auth when contacting Win7 system using Microsoft Live Sign-in Assistant; (bso#7577). + Fix 'net idmap restore' setting HWM to avoid duplicates; (bso#7578). + Fix "admin users" when using vfs_acl_xattr; (bso#7581). + Fix using cached credentials in ntlm_auth; (bso#7589). + Fix Winbind offline login; (bso#7590). + Fix Winbind internal error; (bso#7636). + Fix mknod/mkfifo failing with "No such file or directory"; (bso#7651). + Fix smbd changing mode of files on rename; (bso#7693). + Fix crash bug with invalid SPNEGO token; (bso#7694). + Fix smbd panic on invalid NetBIOS session request; (bso#7698). + Fix smbd crash caused by "%D" in "printer admin"; (bso#7541). + Fix 'smbclient -M'; (bso#7635). + Fix scalability problem with hundreds of printers; (bso#7656). + Fix crash bug in rpcclient; (bso#7688). + Fix file corruption when setting Samba "write wache wize"; (bso#7715).- Fix smbd crash with CUPS printers and no [printers] share defined; (bso#7297); (bnc#637755).- Fix printing from 64-bit windows clients; (bso#6888); (bnc#640870).- Fix baselibs.conf for libtalloc.- Fix buffer overflow in sid_parse() to correctly check the input lengths when reading a binary representation of a Windows Security ID (SID); CVE-2010-3069; (bso#7669); (bnc#637218).- Use cached ntlm password in libsmbclient. Prevent lockouts when kerberos tickets are lost; (bnc#602418); (bnc#606304).- Add a dependency on nfs to the smbfs/ cifs init scripts as they require the en_US locale and /usr might be on NFS.- Complete fix for trusts with Windows 2008R2 DCs.- Fix authentication dialogs when connecting to older systems; (bnc#632055).- Adjust position of conditional ldapsmb %package and %files definition.- Create the /var/run/samba directory on the fly and package it as %ghost.- Fix preexec scripts; (bso#7104); (bnc#632852).- Fix printers not auto loading with registry config; (bso#7280); (bnc#617153).- Intilize workgroup of nmblookup as empty string.- Fix net ads join when using parent domain users; (bso#6364); (bnc#630812).- cifs: do not restart during dhcp lease renewal when IPaddress remains the same; (bnc#573246).- Fix "Too many open files" when trying to access large number of files; (bso#6837); (bnc#619787).- Update to 3.5.4. + Fix smbd crash when sambaLMPassword and sambaNTPassword entries missing from ldap (bug #7448). + Fix init_sam_from_ldap storing group in sid2uid cache (bug #7507). + Allow previous password to be stored and use it to check tickets; (bso#7099). + Make ea data checks identical for trans2open and trans2mkdir; (bso#7188). + Fix editing users' groups via UsrMgr; (bso#7262). + Fix Winbind over IPv6; (bso#7341). + Samba sends "raw" inode number as uniqueid with unix extensions; (bso#7410). + Fix printing large formats; (bso#7423). + Fix spnego returning incorrect mechListMIC string; (bso#7449). + Fix some crash bugs and missing error codes in AddDriver paths; (bso#7459). + Fix crash bug in _samr_QueryUserInfo{2} level 18; (bso#7479). + Fix 'not a string literal' warning in netdomjoin-gui; (bso#7500). + Fix calculation of st_blocks in vfs_streams_xattr; (bso#7503). + Fix numerous build issues; (bso#7504). + Fix session setup from linux kernel cifs clients with "sec=ntlmv2"; (bso#7517).- Remove all provides and obsoletes samba3 from the spec file. Packages with this base name have not been offered as part of a product.- Fix a NULL pointer dereference in smbd of the 3.4 code base; CVE-2010-1635; (bso#7229); (bnc#605935).- Address possible buffer overrun in chain_reply code of pre-3.4 versions; CVE-2010-2063; (bso#7494); (bnc#611927).- Update of the SMB Traffic Analyzer v2 VFS module- Fix trusts with Windows 2008R2 DCs; (bnc#613459); (bnc#599873); (bnc#592198); (bso#6697).- Update to 3.5.3. + Fix MS-DFS functionality; (bso#7339). + Fix a Winbind crash when scanning trusts; (bso#7389). + Fix problems with SIGCHLD handling in Winbind; (bso#7317). + Add replacement for IPV6_V6ONLY on linux systems with broken headers; (bso#7196). + Fix cups encryption setting; (bso#7263). + Fix exporting printers via 'cupsaddsmb' command; (bso#7277). + Fix SMB job IDs in CUPS job names; (bso#7288). + Fix segfault in mount.cifs; (bso#7315). + Make TIME_T_MAX defines consistent; (bso#7352). + Re-fix a bug with smbd serving a windows terminal server; (bso#7357). + Display an error on 'net conf import' failures; (bso#7378). + Fix bitmap leak in dptr_Close; (bso#7384). + Fix rename problems with full_audit VFS module; (bso#7398). + Fix setting of passwords via 'net rpc user password' command; (bso#7417). + Fix 'net rpc printer list' command; (bso#7418). + Rename mod_name to module_name; (bso#7421). - Fix unnecessary traversing winbindd_cache.tdb in SIGHUP handler. - Added EN ISO 216, A0 and A1 to builtin forms; (bso#7423). - Winbind not working over IPv6; (bso#7341).- Honor "interfaces" list in net ad dns register; (bnc#606947).- Exclude the RPM release from the vendor tag for openSUSE Factory; (bnc#604049).- Enable the build of the idmap tdb2 module; (bnc#600822).- BuildRequire keyutils-libs-devel for Fedora and post-RHEL4.- BuildRequire pkg-config for post-10.2 systems and else pkgconfig.- Add "net conf import" error messages; (bso#7378, bnc#598189).- Define cups_lib_dir %{_prefix}/lib/cups for post-11.2 systems; (bnc#575544).- Update to 3.5.2. + Fix smbd segfaults in _netr_SamLogon for clients sending null domain; (bso#7237). + Fix smbd segfaults in "waiting for connections" message; (bso#7251). + Fix an uninitialized variable read in smbd; (bso#7254); (bnc#605935); CVE-2010-1642. + Fix a memleak in Winbind; (bso#7278). + Fix Winbind reconnection to it's own domain; (bso#7295). + Fix segfault if hide files or veto files has no ".AppleDouble"; (bso#1206). + Fix parsing of the gecos field; (bso#5198). + Fix several printing issues; (bso#6727). + Fix valgrind warning; (bso#6814). + Fix race condition in mount.cifs that allows user to replace mountpoint with a symlink; (bso#6853). + Fix bug in vfs_scannedonly rmdir implementation; (bso#7075). + Fix handling of bad server data returns in client rpc_transport; (bso#7159). + Never mark external domains as internal in Winbind; (bso#7170). + Fix access by multi-threaded applications; (bso#7202). + Fix 'net share' command; (bso#7203). + Fix DN parsing name was always null; (bso#7204). + Signals are processed twice in child; (bso#7206). + Fix returning of group members with 'getent group'; (bso#7212). + Fix the build of net_afs.c with --fake-kaserver=yes; (bso#7216). + Make Winbind logs more verbose for troubleshooting; (bso#7225). + Fix a NULL pointer dereference in smbd; CVE-2010-1635; (bso#7229); (bnc#605935). + Fix automatic building of vfs_tsmsm if gpfs and dmapi are present; (bso#7231). + Fix race conditions in CTDB persistent transactions; (bso#7232). + Symlink delete fails but incorrectly reports success to client; (bso#7234). + Fix "printer admin" functionality; (bso#7255). + Fix value-needed calculation in_spoolss_EnumPrinterData(); (bso#7256). + Fix _winreg_QueryValue crash bugs and implement Windows behavior; (bso#7258). + Fix job management commands for CUPS queues; (bso#7269). + Fix smbd segfault if using vfs_acl_tdb; (bso#7283). + Fix core dump in 'ntlm_auth' with "gss-spnego" helper; (bso#7290). + Fix smbd crashes with CUPS printers and no [printers] share defined; (bso#7297). + Fix DOS attribute inconsistency with MS Office; (bso#7310). + Many disconnecting clients render clustered Samba unusuable for some time; (bso#7312). + Make 'net conf addshare' atomic; (bso#7313). + Eliminate race condition in creating/scanning sorted subkeys in the registry backend; (bso#7314). + Winbind possibly segfaults when trying a trusted domain without inbound trust; (bso#7316).- Add SMB Traffic Analyzer v2 VFS module.- Document "wide links" defaults to "no" in the smb.conf man page for versions pre-3.4.6; (bnc#577868).- Fix workgroup enumeration, for client printer and file share selection; (bso#6880); (bnc#586215).- Fix tdb validation for offline auth; (bnc#587014).- Fix "printer admin" functionality; (bso#7255).- An uninitialized variable read could cause an smbd crash; (bso#7254); (bnc#605935); CVE-2010-1642.- Ensure to have a valid talloc stackframe; (bso#7251).- _netr_SamLogon segfaults for clients sending NULL domain; (bso#7237).- Merge missing pam_winbind message translations; (bnc#499233).- Remove cifs-mount subpackage for post-11.2 systems as the tools are now part of the independent cifs-utils package.- Fix join of Windows 2008 domains; (bnc#567013).- Update to 3.5.1 and 3.4.7. + Fix security flaw on Linux platforms if built with libcap support allowing file system access even when permissions should have denied it; CVE-2010-0728; (bso#7222); (bnc#586683).- Fixed libldb.so link in libldb-devel.- Fix argc handling in net_share, making the command "net share" work again; (bso#7203); (bnc#584253).- Update to 3.5.0. + Fix duplicate sam and unix accounts; (bso#7145). + Keep the the correct negotiate_flags on the cli->dc structure; (bso#7160). + Avoid calling cli_alloc_mid twice in cli_smb_req_iov_send; (bso#7166). + Fix 'net ads dns' usage calls; (bso#7181). + Fix uninitialized variable in wkssvc_enumerateusers; (bso#7182).- Update to 3.4.6. + Change parameter "wide links" to default to "no"; it's also incompatible with "unix extensions"; (bso#7104); (bnc#577868). + Fix printing with 64 bit clients (bso#6888). + Fix core dump on 64 bit Linux (bso#7063). + Fix failing of smbd to respond to a read or a write caused by Linux asynchronous IO (aio) (bso#7067). + Fix string buffer overflow causing heap corruption in smbd (bso#7096). + Fix bogus ip address in SWAT; (bso#5885). + Fix vfs_full_audit; (bso#6557). + Use the first "uid" value; (bso#6157). + Fix large paged search with DirX LDAP servers; (bso#6981). + Fix crash bug in 'cifs.upcall'; (bso#6868). + Add cross option to samba_cv_linux_getgrouplist_ok; (bso#7047). + Fix DFS on AIX (maybe others); (bso#7052). + Fix pdb_search crash as non-root user; (bso#7068). + Fix unlocking of accounts from ldap; (bso#7072). + Fix vfs_expand_msdfs; (bso#7081). + Fix results of 'smbclient -L' with a large browse list; (bso#7098). + Normalize "Changing password for" msg IDs and STRs; (bso#7102). + Fix malformed require_membership_of_sid; (bso#7106). + Fix reading of large browselist; (bso#7122). + "mangling method = hash" can crash storing a name containing a '.'; (bso#7154). + Valgrind Conditional jump or move depends on uninitialised value(s) error when "mangling method = hash"; (bso#7155). + Fix listing of printjobs in Windows 7; (bso#7130). + Spoolss getprinterdriver2 level 101 marshalling is bad; (bso#7136). + Make idmap cache persistent for "ldapsam:trusted". + Also fill the memcache with sid<->id mappings in ldapsam_sid_to_id() not only the persistent idmap cache. + Shortcut uid_to_sid when "ldapsam:trusted = yes". + Make pdb_copy_sam_account also copy the group sid. + Shortcut gid_to_sid when "ldapsam:trusted = yes". + Speed up pdb_get_group_sid(). + Try to build the full unix_pw structure with ldapsam:trusted support. + Optimize ldapsam_alias_memberships() and cache ldap searches.- Update to 3.5.0rc3. + Change parameter "wide links" to default to "no"; it's also incompatible with "unix extensions"; (bso#7104); (bnc#577868). + Fix vfs_full_audit; (bso#6557). + Fix crash bug in 'cifs.upcall'; (bso#6868). + Fix duplicate initializer in the rmdir module; (bso#6876). + Fix printing with 64 bit clients; (bso#6888). + Add cross option to samba_cv_linux_getgrouplist_ok; (bso#7047). + Fix core dump on Ubuntu 8.04 64 bit; (bso#7063). + Fix failing of smbd to respond to a read or a write caused by Linux asynchronous IO (aio); (bso#7067). + Fix 'smbget' error status; (bso#7069). + Fix build of 'smbfilter'; (bso#7071). + Fix unlocking of accounts from ldap; (bso#7072). + Cliconnect gets realm wrong with trusted domains; (bso#7079). + Fix vfs_expand_msdfs; (bso#7081). + Fix storing of create time on directories in an EA in new create time code; (bso#7084). + Fix an early release of the global lock that can cause data corruption in libtdb; (bso#7085). + Fix string buffer overflow causing heap corruption in smbd; (bso#7096). + Fix results of 'smbclient -L' with a large browse list; (bso#7098). + Normalize "Changing password for" msg IDs and STRs; (bso#7102). + Fix malformed require_membership_of_sid; (bso#7106). + Add pdb_ldap performance fixes; (bso#7116). + Change ldap filter to what really was intended; (bso#7116). + Add new "nmbd bind explicit broadcast" parameter; (bso#7118). + Fix nmbd problems with socket address; (bso#7118). + Support large browselist; (bso#7119). + Fix reading of large browselist; (bso#7122). + Fix listing of printjobs in Windows 7; (bso#7130). + Owner of file not available with Kerberos; (bso#7139). + Fix IPv4/IPv6 problems; (bso#7140). + Fix get_acl_blob in the acl_tdb VFS module; (bso#7148). + "mangling method = hash" can crash storing a name containing a '.'; (bso#7154). + Valgrind Conditional jump or move depends on uninitialised value(s) error when "mangling method = hash"; (bso#7155). + Fix some wrong newlines in de translation strings.- Take extra care that a mount point of mount.cifs isn't changed during mount and don't allow it to be run as setuid root program; CVE-2010-0787; (bso#6853); (bnc#550002).- Check in mount.cifs for invalid characters in device name and mountpoint; CVE-2010-0547; (brc#562156); (bnc#577925).- Don't invalidate cache for uninitialized domains; (bnc#538923).- Signals are processed twice in child; (bnc#538923).- Allow forced pw change even with min pw age; (bnc#561894).- Change parameter "wide links" to default to "no"; it's also incompatible with "unix extensions"; CVE-2010-0926; (bso#7104); (bnc#577868).- Fix enumerate domain local groups for primary domain; (bnc#573813).- Fix malformed require_membership_of_sid; (bnc#525123); (bso#7106).- Normalize "Changing password for" msg IDs and STRs; (bnc#499233).- Build libtevent and libldb and put them into separate subpackages.- Update to 3.5.0rc2. + The Using Samba HTML book has been removed. + 'net', 'smbclient' and libsmbclient can use logon credentials cached by Winbind; (bso#7062). + New vfs_scannedonly module has been added; (bso#7028). + Check password history before increasing "badPasswordCount"; (bso#4347). + Fix changing of ACLs on writable file with "dos filemode=yes"; (bso#5202). + Restore Samba 3.0.x behavior and use the first "uid" value in pdb_ldap; (bso#6157). + Fix deletion of an object whose parent folder does not have delete rights fails even if the delete right is set on the object in vfs_acl_xattr and vfs_acl_tdb; (bso#6876). + Fix large paged search with DirX LDAP servers; (bso#6981). + Fix a segfault in winbindd_dual_ccache_ntlm_auth(); (bso#7027). + Disable sanity check in NetShareEnum for better compatibility with Windows; (bso#7029). + Fix SMBrmdir error message when deleting a directory fails; (bso#7033). + Fix segfault in vfs_cap; (bso#7034). + Fix 'net rpc getsid' in hardened Windows environments; (bso#7036). + Fix a Winbind segfault in "trusted_domains"; (bso#7037). + Complete and improve some German translation of 'net'; (bso#7039). + Fix compile error with WITH_DNS_UPDATE. Update .po files; (bso#7039). + Fix crash bug in libsmbclient; (bso#7043). + Fix bad (non memory copying) interfaces in smbc_setXXXX calls; (bso#7045). + Fix libsmbclient crash against OpenSolaris CIFS server; (bso#7046). + Lock down some srvsvc calls according to what w2k3 seems to do.- Update to 3.4.5. + Fix memory leak in smbd (bug #7020). + Fix changing of ACLs on writable files with "dos filemode=yes" (bug #5202). + BUG 6642: Fix opening the quota magic file. + BUG 6919: Fix remote quota management. + BUG 7034: Fix internal error caused by vfs_cap. + BUG 7036: Fix 'net rpc getsid' in hardened Windows environments. + BUG 7043: Fix crash bug in "SMBC_parse_path". + BUG 7045: Fix bad (non memory copying) interfaces in smbc_setXXXX calls. + BUG 7046: Fix a crash in libsmbclient used against the OpenSolaris CIFS server.- Free unused memory after a packet got processed; (bso#7020).- Add timeout to rpc call to prevent infinite loop when network is down; (bnc#538923).- Update to 3.5.0rc1. + BUG 6837: Fix "Too many open files" when trying to access large number of files with Windows 7; (bnc#619787). + BUG 6939: Fix long filenames when "mangling method" is set to "hash". + BUG 6991: Create symbol links to shared libraries. + BUG 6992: make test for getgrouplist cacheable. + BUG 7014: Fix Winbind crash when retrieving empty group members. + BUG 7020: Fix smbd using 2G memory. + Ensure dos_mode can return FILE_ATTRIBUTE_NORMAL, then filter the returned attributes by protocol level. + Vector correctly through reply_openerror() (which uses the same logic). + Fix bugs with the full Windows ACL support. + Add a few missing gettext calls to the 'net' command. + Fix up a share type translation and translate some more strings in 'net'. + Allow to call "pdbedit -N description -u user" without specifiyng "-r". + Add spoolss_DriverInfo7. + Fix rpcclient after setprinter IDL fixes. + Use generated krb5.conf in 'net ads testjoin'. + Add some German translations for the 'net' command. + Update mount.cifs man page with nounix option. + Fix _samr_GetAliasMembership for results with 0 rids. + Fix an error case in cli_negprot. + Add a lower-cost alternative to wbinfo -t: wbinfo --ping-dc. + Restore correct timeouts for SMB requests. + Fix a 64-bit error in libsmb. + Replace IS_DOMAIN_OFFLINE by a function in Winbind. + Simplify/cleanup Winbind code. + Fix write behind memory block in libtalloc. + Fix result check for getaddrinfo(). + Add tsocket_address_bsd_sockaddr() and tsocket_address_bsd_from_sockaddr() to tsocket. + Always set tdb->tracefd to -1 to be safe on goto fail in libtdb. + Add TDB_DISALLOW_NESTING and make TDB_ALLOW_NESTING the default behavior. + Fix standalone 'make installdocs'. + Output %p as unsigned in snprintf replacement. + New attempt at TDB transaction nesting allow/disallow. + Remove swig stuff from libtdb. + Reset tdb->fd to -1 in tdb_close() in libtdb. + Change the way mksysms work in libtalloc. + Also build and install tdb manpages from standalone tdb. + Fix infinite loop in NCACN_IP_TCP as there is no timeout. + Make winbindd_cache.c aware of domain offline to avoid unnecessary backend query. + List trusted domains from wcache when domain is offline.- Update to 3.4.4. + Fix interdomain trust relationships with Win2008R2 (bug #6697). + Fix Winbind crashes when queried from nss (bug #6889). + Fix Winbind crash when retrieving empty group members (bug #7014). + Fix "UID range full" error in Winbind (bug #6901). + Fix multiple LDAP servers in "idmap backend" and "idmap alloc backend" (bug #6910). + BUG 4832: Fix iconv checks. + BUG 6338: Do not always display "none" in 'net rpc trustdom list'. + BUG 6851: Add pdbedit --kickoff-time/-K to set the user's kickoff time. + BUG 6828: Fix infinite timeout when byte lock held outside of samba. + BUG 6837: Fix "Too many open files" message when trying to access a large number of files with Windows 7; (bnc#619787). + BUG 6841: Fix "map acl inherit = yes". + BUG 6850: Fix shadow copy display on Windows 7. + BUG 6867: Fix listing of directories with a lot of files. + BUG 6868: Support building with Heimdal we well as with MIT. + BUG 6875: Fix DOS attributes on OS/2 clients. + BUG 6880: Fix listing of workgroup servers in libsmbclient. + BUG 6898: Samba duplicates file content on appending. + BUG 6918: Fix krb5 build problem on Ubuntu karmic. + BUG 6929: Fix build with recent heimdal. + BUG 6939: Fix long filenames with "mangling method = hash". + BUG 6967: Fix 'net ads join' with OU. + BUG 6981: Fix paged search with DirX LDAP server. + BUG 6982: Remove erroneous out of memory error path in lookup_sid. + BUG 6997: Fix _samr_GetAliasMembership for results with 0 rids. + BUG 7005: Fix "mangle method = hash" truncates files with dot "." character. + Fix the build of the winbind krb5 locator plugin. + Fix enumprinter key client and server.- Readjust the _libdir/cups/backend/smb sym link only on uninstall of the samba-krb-printing package; (bnc#568603).- Add BuildRequires to fam-devel; (bnc#564260).- Prevent winbind crash; (bso#7014); (bnc#566119).- Fix processing of open modes in POSIX open; (bnc#530683).- Add baselibs.conf as a source.- Update to 3.5.0pre2. + BUG 2350: Add LDAP Alias Dereferencing support. + BUG 6288: SWAT adds a second share when changing parameters of an existing share. + BUG 6435: Fix minor memory corruption. + BUG 6710: Only install the cifs.upcall man page if CIFSUPCALL_PROGS was set while configure. + BUG 6802: A created folder does not properly inherit permissions from parent in vfs_acl_xattr. + BUG 6837: "Too many open files" when trying to access large number of files from Windows 7; (bnc#619787). + BUG 6860: Fix shared library build on QNX. + BUG 6879: Fix crash in Winbind. + BUG 6929: Fix build with recent heimdal. + BUG 6938 : No hook exists to check creation rights when using acl_xattr module. + BUG 6967: Prevent glibc error on 'net ads join'. + Fix vfs_acl_xattr which was failing to call the NEXT connect function. + Restructure the ACL code. + Refactor reply_rmdir to use handle based code. + Fix the build when no external talloc and tdb are installed. + Fix detection of CTDB headers on systems without system-libtalloc. + Fix several printing issues. + Fix the build on Mac OS X 10.6.2. + Fix net and rpcclient after setprinterdataex changes. + Add full support for level 8 printer drivers. + Add more spoolss architectures to IDL. + Fix enumprinter key client and server. + Fix crash in EnumPrinterDataEx. + Prefer posix_fallocate for doing "strict allocate". + Restore "fake directory create times" as a share parameter. + Fix explicit stat64 support. + Add support for NetWkstaGetInfo 101 and 102. + Add rpcclient wkssvc_enumerateusers. + De-deprecate "write cache size" to prevent its removal without a proper alternative. + Allow more than 1000 users in BUILTIN\Users. + Complete support for NetWkstaGetInfo/NetWkstaEnumUsers. + Fix the build of the example VFS modules. + Fix crash in free_file_list(). + Give the user a chance to change password when password will expire soon.- Store the smbfs service state if enabled and restore it for cifs while upgrade on post-11.2 systems.- Prevent cifstab from being overwritten while upgrade on post-11.2 systems.- Give the user a chance to change password when password will expire soon; (FATE#302414).- Rename smbfs init script to cifs for post-11.2 systems.- Allow Windows 7 to connection to samba domain controllers and member servers; (bnc#551811); (bso#6099); (bso#6100); (bso#6680).- Error on joining windows domain (invalid pointer); (bso#6967); (bnc#553622).- Add PreReq /usr/sbin/groupadd to the winbind package; (bnc#559165). - Simplify the winbind package %pre script and suppress stdout only.- Update to 3.5.0pre1 + Add support for full Windows timestamp resolution. + Experimental implementation of SMB2. + Add encryption support for connections to a CUPS server. + Major windbind asynchronous refactoring. - Remove using_samba from the doc package. - Increase major version of libtalloc to 2.- Fix kerberos refresh chain; (bnc#546162); (bso#6872).- Hardlink duplicate files on post-11.1 systems.- Add BuildArch noarch to samba-doc on post-11.1 systems.- Use full 16byte session key in make_user_info_netlogon_interactive(); (bnc#551811).- Update to 3.4.3. + Fix trust relationships to windows 2008 (2008 r2) (bug #6711). + Fix file corruption using smbclient with NT4 server (bug #6606). + Fix Windows 7 share access (which defaults to NTLMv2) (bug #6680). + BUG 4675: mount.cifs: Do not attempt to update /etc/mtab if it is a symbolic link. + BUG 6529: Offline files conflict with Vista and Office 2003. + BUG 6532: Fix domain enumeration if master browser has space in name. + BUG 6606: Fix file corruption using smbclient with NT4 server. + BUG 6690: Fix wrong error check in profile. + BUG 6703: Allow smbstatus as non-root. + BUG 6704: Fix syntax error in avahi configure test. + BUG 6707: Fix an occasional segfault in config file parsing. + BUG 6710: Adjust regex to match variable names including underscores. + BUG 6711: Fix trust relationships to windows 2008 (2008 r2). + BUG 6726: SIVAL should have been an SVAL. + BUG 6728: BSD needs sys/sysctl.h included to build properly. + BUG 6731: Fix reading beyond the end of a named stream in xattr_streams. + BUG 6735: Don't overwrite password in pam_winbind, subsequent pam modules might use the old password and new password. + BUG 6764: Fix timeval calculation. + BUG 6765: Add a "hidden" parameter "share:fake_fscaps". + BUG 6769: Fix symlink unlink. + BUG 6772: Allow outstanding_aio_calls to be decremented. + BUG 6774: smbd crashes if "aio write behind" is set. + BUG 6776: Fix core dump caused by running overlapping Byte Lock test. + BUG 6781: Fix renaming subfolders in Explorer view. + BUG 6791: Fix linking order in cifs.upcall. + BUG 6793: Fix Winbind crash with "INTERNAL ERROR: Signal 6". + BUG 6793: Fix segfault in winbindd_pam_auth. + BUG 6796: Deleting an event context on shutdown can cause smbd to crash. + BUG 6797: Fix a memleak in libwbclient. + BUG 6804: Fix hpux compiler issue. + BUG 6805: Correctly handle aio_error() and errno. + BUG 6807: Fix a segfault in "net rpc trustdom list" for long domain names. + BUG 6810: Add support for finding alternate credcaches to cifs.upcall. + BUG 6811: Fix reference to freed memory in pam_winbind. + BUG 6815: Fix Windows 2008 R2 SPNEGO negTokenTarg parsing failure. + BUG 6824: Fix avahi activation. + BUG 6826: Don't fail authentication when one or some group of require-membership-of is invalid. + BUG 6828: Fix infinite timeout when byte lock held outside of Samba. + BUG 6829: Fix displaying of multibyte characters in smbclient. + BUG 6840: Fix crash in pam_winbind. + Fix an uninitialized variable. + Only ever handle one event after a select call. + Conditional install of the cifs.upcall man page. + Fix warning occuring when building the manpages.- Let smbclient show special characters properly; (bso#6829); (bnc#544204).- Don't fail authentication when one or some group of require-membership-of is invalid; (bnc#525123); (bso#6826).- Allow winbind to ignore certain domains; (bnc#539506).- Update to 3.4.2. + Fix unresolved home path; CVE-2009-2813; (bso#6763); (bnc#539517). + Fix potential denial of service; CVE-2009-2906; (bso#6768); (bnc#543115). + Fix potential mount.cifs password leaks; CVE-2009-2948; (bnc#542150).- Fix potential denial of service; CVE-2009-2906; (bnc#543115).- Fix potential mount.cifs password leaks; CVE-2009-2948; (bnc#542150).- Fix unresolved home path; CVE-2009-2813; (bnc#539517).- Don't overwrite password in pam_winbind; (bnc#515444).- mods for winbind (when used with squid - ntlm_auth) o winbind adds group 'winbind' o permission 0750,root,winbind LOCKDIR/winbindd_privileged- Merge two fixes from 3.2.8 and 3.3.1. + Adjust regex to match variable names including underscores. + Conditional install of the cifs.upcall man page.- Remove supplements from baselibs.conf while %clean for pre-11.1 systems; (bnc#520579).- Update to 3.4.1. + Fix authentication on member servers without Winbind (bug #6650). + Nautilus fails to copy files from an SMB share (bug #6649). + Fix connections of Win98 clients (bug #6551). + Fix interdomain trusts with Windows 2008 R2 DCs (bug #6697). + Fix Winbind authentication issue (bug #6646). + BUG 5879: Update LDAP schema for Netscape DS 5. + BUG 5886: Fix password change propagation with ldapsam. + BUG 6105: Make linking of cifs.upcall and rpcclient --as-needed safe. + BUG 6222: Default to DRSUAPI replication for net rpc vampire keytab. + BUG 6437: Make open_udp_socket() IPv6 clean. + BUG 6496: MS-DFS cannot follow multibyte char link name in libsmbclient. + BUG 6506: Smbd server doesn't set EAs when a file is overwritten in NT_TRANSACT_CREATE. + BUG 6532: Fix the build with external talloc. + BUG 6538: Cancel all locks that are made before the first failure. + BUG 6560: Fix lookupname. + BUG 6564: SetPrinter fails (panics) as non root. + BUG 6568: Fix _spoolss_GetPrintProcessorDirectory() implementation. + BUG 6585: Fix unqualified "net join". + BUG 6593: Correctly implement SMB_INFO_STANDARD setfileinfo. + BUG 6601: Avoid global fd limits. + BUG 6607: Fix crash bug in spoolss_addprinterex_level_2. + BUG 6611: Fix a valgrind error in chain_reply. + BUG 6615: Fix browsing of DFS when using kerberos in libsmbclient. + BUG 6627: Raise the timeout for lsa_Lookup*() calls from 10 to 35 seconds. + BUG 6650: Fix authentication on member servers without Winbind. + BUG 6651: Fix smbd SIGSEGV when breaking oplocks. + BUG 6655: Fix 'smbcontrol smbd ping'. + BUG 6620: Fix a bug in renames of directories. + BUG 6664: Fix truncation of the session key. + BUG 6673: Fix 'smbpasswd' with "unix password sync = yes". + BUG 6680: Fix authentication failure from Windows 7 when domain joined. + BUG 6688: Fix crash in 'net usershare list'. + BUG 6693: Check we read off the complete event from inotify. + BUG 6700: Use dns domain name when needing to guess server principal.- Update to 3.2.14. + Fix SAMR access checks (e.g. bugs #6089 and #6112). + Fix 'force user' (bug #6291). + Improve Win7 support (bug #6099). + Fix posix ACLs when setting an ACL without explicit ACE for the owner (bug #2346). + BUG 6387: Fix Winbind crash when multiple IDmappings exist in the LDAP directory. + BUG 6509: Use gid (not uid) cache in fetch_gid_from_cache(). + BUG 6089: Fix SAMR access checks. + BUG 6112: Fix SAMR access checks. + BUG 6279: Fix Winbind crash. + BUG 6291: Fix 'force user'. + BUG 6099: Try to fix domain join of Win7 Beta. + BUG 6386: Groupdb mapping fix. + BUG 6421: Fix POSIX read-only open on read-only shares. + BUG 6476: Fix more smbd-zombies in memory. + BUG 6488: acl_group_override() call in posix acls references an uninitialized variable. + BUG 6504: Fix SAMR server for Winbind access. + BUG 6520: Fix time stamps. + BUG 6301: Fix samr_ConnectVersion enum which is 32bit not 16bit. + BUG 6340: Don't segfault when cleartext trustdom pwd could not be retrieved. + BUG 6372: Fix usermanager only displaying 1024 groups and aliases. + BUG 6465: Fix enum_aliasmem in ldb branch. + BUG 6484: Fix searching for users while adding them to groups via Windows usermanager. + BUG 2346: Fix posix ACLs when setting an ACL without explicit ACE for the owner. + BUG 6526: Let parent_dirname() correctly return toplevel filenames. + BUG 6627: Raise the timeout for lsa_Lookup*() calls from 10 to 35 seconds. + BUG 5798: Preserve CFLAGS info in configure. + BUG 6382: Case insensitive access to DFS links broken. + BUG 6481: Don't require "Modify property" perms to unjoin. + BUG 6628: 'smbpasswd -a' uses algorithmic rid base with 'passdb backend = tdbsam'. + BUG 6560: Lookupname failed, cannot find domain when attempt to change password. + Prevent creation of keys containing the '/' character. + Fix join of Windows 7 RC to a Samba3 DC. + Fix bug in processing of open modes in POSIX open. + Fix the negotiate flags. + Protect netlogon_creds_server_step() against NULL creds. + Also handle DirX return codes. + Fix a crash bug if we timeout in net rpc trustdom list. + Add '--request-timeout' option to 'net'. + Fix a race condition in Winbind leading to a panic. + Add workaround for MS KB932762. + 5945: Fix out of memory error with Winbind idmap. + Avoid duplicate ACEs. + Fix profile ACLs in some corner cases. + Zero an uninitialized array.- Unable to browse DFS when using kerberos in libsmbclient; (bnc#528271); (bso#6615).- check in .po files for pam_winbind; (bnc#499233); (bso#6602).- Add ntp and network-remotefs as Should-Start dependency to the winbind init script; (bnc#515629).- Update to 3.0.36. + Fix Winbind crash on 'getent group' (bug #5906). + Excel save operation corrupts file ACLs (bug #4308). + Prevent segmentation fault on joining a very long domain name. + BUG 4308: Excel save operation corrupts file ACLs. + BUG 4370: Clean-up entries in /etc/mtab after unmount. + BUG 4640: Fix guest mounts in mount-cifs. + BUG 5906: Fix Winbind crash on 'getent group'. + BUG 6066: netinet/ip.h present but cannot be compiled on Solaris. + BUG 6099: In order to allow Win7 to connect to a Samba NT style. + BUG 6279: Fix Winbind crash. PDC we set the flags before we know if it's an error or not. + BUG 6085: Fix build of vfs_default. + BUG 6098: When the DNS server is invalid, the ads_find_dc() does not work correctly. + Fix logic error in try_chown. + Correctly use chroot(). + Fix bug in processing of open modes in POSIX open. + Don't install the cifs.upcall binary twice. + Fix mount.cifs handling of -V option. + Prevent segmentation fault on joining a very long domain name. + Don't try and delete a default ACL from a file. + Add workaround for MS KB932762. + Add fakemount (-f) and nomtab (-n) flags to mount.cifs. + Fix a crash during name resolution when log level >= 10 and libc segfaults if printf is passed NULL for a "%s" arg.- Use a conditional suse_version macro in front of the SUSE_ASNEEDED export.- lookupname failed, cannot find domain when attempt to change password; (bnc#520645); (bso#6560).- Don't link with --as-needed flag on post-11.1 systems.- Stop the smbfs service if an interface goes down; (bnc#517768).- Disable build of static libraries on post-11.1 systems; (bnc#509945).- Fix missing zlibs for cifs.upcall and test_shlibs.- Update to 3.4.0. + BUG 6431: Local groups from 3.0 setups no longer found. + BUG 6459: Fix build of pam_smbpass on some distributions. + BUG 6481: 'net ads leave' needs to try account deletion, NetUnjoinDomain not. + BUG 6497: Fix calling of 'test' in configure. + BUG 6498: Add workaround for MS KB932762. + BUG 6499: Fix building of pam_smbpass. + BUG 6509: Use gid (not uid) cache in fetch_gid_from_cache(). + BUG 6512: Fix support for enumerating user forms. + BUG 6514: Improve error message in 'net' when smb.conf is not available. + BUG 6520: Fix time stamps when "unix extensions = yes". + BUG 6521: Fix building tevent_ntstatus without config.h. + BUG 6526: Fix notifies in the share root directory. + BUG 6531: Fix pid file name.- Package /etc/samba/smbpasswd as %ghost on post-11.1 systems.- Fix net ads leave; (bnc#511695).- Supplement pam-32bit/pam-64bit in baselibs.conf (bnc#354164). - Supplement glibc-32bit/glibc-64bit in baselibs.conf (bnc#354164).- Update to 3.2.13, 3.3.6. + In Samba 3.2.0 to 3.2.12 (inclusive), the smbclient commands dealing with file names treat user input as a format string to asprintf. With a maliciously crafted file name smbclient can be made to execute code triggered by the server; CVE-2009-1886; (bnc#513360); (bso#6478).- Update to 3.0.35. + In Samba 3.0.31 to 3.3.5 (inclusive), an uninitialized read of a data value can potentially affect access control when "dos filemode" is set to "yes"; CVE-2009-1888; (bnc#515479).- Uninitialized read of a data value; CVE-2009-1888 (bnc#515479).- Update to 3.4.0rc1. + BUG 4699: Remove pidfile on clean shutdown. + BUG 5456: Fix "net ads testjoin". + BUG 6081: Make it possible to change machine account sids. + BUG 6253: Use correct value for password expiry calculation in pam_winbind. + BUG 6297: Owner of sticky directory cannot delete files created by others. + BUG 6305: Correctly prompt for a password when a username was given. + BUG 6328: Add support for multiple rights to "net sam rights grant/revoke". + BUG 6333: Consolidate create/delete account paths in pdbedit. + BUG 6449: 'net rap user add' crashes without -C option. + BUG 6451: net/libnetapi user rename using wrong access bits. + BUG 6458: Fix uninitialized variable in local_password_change(). + BUG 6465: Fix enumeration of empty aliases. + BUG 6476: Fix smbd-zombies in memory when using [x]inetd. + BUG 6487: Add missing DFS call in trans2 mkdir call. + BUG 6488: acl_group_override() call in posix acls references an uninitialized variable. + Improve pam_winbind documentation. - Install a vendor copy of samba-common.dhcp as dhcpcd-hook-samba-functions.- Samba 3.2.0 - 3.2.12 smbclient commands dealing with file names treat user input as a format string to asprintf; CVE-2009-1886; (bnc#513360).- Fix a bad memleak in vfs_full_audit; (bnc#510035).- Update to 3.3.5. + Fix SAMR and LSA checks (bug #6089, #6289) + Fix posix acls when setting an ACL without explicit ACE for the owner (bug #2346). + Fix joining of Win7 into Samba domain (bug #6099). + Fix joining of Win2000 SP4 clients (bug #6301). + BUG 2346: Fix posix acls when setting an ACL without explicit ACE for the owner. + BUG 5832: Fix build on RHEL when ccache is not available. + BUG 5853: Add keyutils-devel to build requires to fix build on RHEL. + BUG 5897: Fix shutdown script example in the smb.conf manpage. + BUG 6089: Revert the extra SAMR and LSA checks. + BUG 6099: Fix joining of Win7 into Samba domain. + BUG 6157: Fix handling of multi-value attribute "uid". + BUG 6289: Revert the extra SAMR and LSA checks. + BUG 6297: Owner of sticky directory cannot delete files created by others. + BUG 6301: Fix joining of Win2000 SP4 clients. + BUG 6309: Support remote unjoining of Windows 2003 or greater. + BUG 6315: smbd crashes doing vfs_full_audit on IPC$ close event. + BUG 6320: Handle registry config source in file_list. + BUG 6330: Fix DFS on AIX. + BUG 6336: Fix 'net groupmap set' segfault. + BUG 6361: Make --rcfile work in smbget. + BUG 6365: Re-Add the "dropbox" functionality with -wx rights on a directory. + BUG 6372: Fix usermanager only displaying 1024 groups and aliases. + BUG 6382: Fix case insensitive access to DFS links. + BUG 6415: Filter out of range mappings in default idmap config in idmap_tdb. + BUG 6416: Filter out of range mappings in default idmap config in idmap_tdb2. + BUG 6417: Filter out of range mappings in default idmap config in idmap_ldap. + BUG 6441: Fix the compile with --enable-dnssd. + BUG 6449: 'net rap user add' crashes without -C option. + BUG 6465: Fix enumeration of empty aliases (ldb backend). + Prevent infinite include nesting. + Mark registry shares without path unavailable. + Also handle DirX return codes. + Fix Coverity ID 897. + Do not crash in ctdbd_traverse if ctdbd is not around. + Fix a race condition in winbind leading to a panic. + Some man pam_winbind improvements. + Zero an uninitialized array.- Update to 3.2.12. + Fix SAMR and LSA checks (bug #6089, #6289) + Fix posix acls when setting an ACL without explicit ACE for the owner (bug #2346). + Fix "force user" (bug #6291). + Fix Winbind crash (bug #6279). + Fix joining of Win7 into Samba domain (bug #6099). + BUG 2346: Fix posix acls when setting an ACL without explicit ACE for the owner. + BUG 5798: CFLAGS info lost in configure. + BUG 5832: Fix build on RHEL when ccache is not available. + BUG 5835: Add keyutils-devel to build requires. + BUG 5945: Fix out of memory error with Winbind idmap. + BUG 6089: Revert the extra SAMR and LSA checks. + BUG 6099: Fix joining of Win7 into Samba domain. + BUG 6279: Fix Winbind crash. + BUG 6289: Revert the extra SAMR and LSA checks. + BUG 6291: Fix "force user". + BUG 6301: Fix samr_ConnectVersion enum which is 32bit not 16bit. + BUG 6372: Fix usermanager only displaying 1024 groups and aliases. + BUG 6386: Groupdb mapping fix. + BUG 6382: Fix case insensitive access to DFS links. + BUG 6465: Fix enumeration of empty aliases (ldb backend). + Prevent creation of keys containing the '/' character. + Fix bug in processing of open modes in POSIX open. + Protect netlogon_creds_server_step() against NULL creds. + Also handle DirX return codes. + Fix a race condition in winbind leading to a panic. + Fix a crash bug if we timeout in net rpc trustdom list. + Fix profile acls in some corner cases.- Default with passdb backend to smbpasswd for SUSE products older than 11.2.- Explicitly use 'tdbsam' as passdb backend in the default smb.conf file.- Update to 3.4.0pre2. + The default passdb backend has been changed to 'tdbsam'! + Samba4 and Samba3 sources are included in the tarball. + Changed the way smbd handles untrusted domain names given during user authentication. + Various fixes including printer change notificiation for Samba spoolss print servers. + The remaining hand-marshalled DCE/RPC services (ntsvcs, svcctl, eventlog and spoolss) were replaced by autogenerated code based on PIDL. + Samba3 and Samba4 do now share a common tevent library. + The code has been cleaned up and the major basic interfaces are shared with Samba4 now. + An asynchronous API has been added. + Made parameter syntax of the net command more consistent. + BUG 2346: Fix posix ACLs when setting an ACL without explicit ACE for the owner. + BUG 4271: testparm should not print includes. + BUG 4831: Don't call openlog() or closelog() from pam_smbpass. + BUG 5681: Do not limit the number of network interfaces. + BUG 5859: Fix renaming of samr objects failed due to samr setuserinfo access checks. + BUG 6099: Fix NETLOGON credential chain. + BUG 6136: New AFS syscall conventions. + BUG 6157: Fix handling of multi-value attribute "uid". + BUG 6253: Use correct value for password expiry calculation. + BUG 6291: Fix 'force user'. + BUG 6292: Update config.guess from gnu.org. + BUG 6302: Give the VFS a chance to read from 0-byte files. + BUG 6309: Support remote unjoining of Windows 2003 or greater. + BUG 6313: ldapsam_update_sam_account() crashes while doing talloc_free on malloced memory. + BUG 6315: Fix smbd crashes when doing vfs_full_audit on IPC$ close event. + BUG 6320: Handle registry config source in file_list. + BUG 6330: Fix DFS on AIX. + BUG 6336: Fix segfault in 'net groupmap set'. + BUG 6340: Don't segfault when cleartext trustdom pwd could not be retrieved. + BUG 6357: Use Samba default command line arguments in 'net'. + BUG 6359: smbclient -L does not list workgroup for hosts with both IPv4 and IPv6 addresses + BUG 6361: Make --rcfile work in smbget. + BUG 6371: Unsuccessful 'net conf setparm' leaves empty share. + BUG 6372: usermanager only displaying 1024 groups and aliases. + BUG 6387: Fix a crash bug in idmap_ldap_unixids_to_sids. + BUG 6415: Filter out of range mappings in default idmap config (idmap_tdb). + BUG 6416: Filter out of range mappings in default idmap config (idmap_tdb2). + BUG 6417: Filter out of range mappings in default idmap config (idmap_ldap). + Change the way smbd handles untrusted domain names given during user authentication. + Replace the hand-marshalled DCE/RPC services ntsvcs, svcctl, eventlog and spoolss by autogenerated code based on PIDL. + Fix several printing issues and improve support for printer change notificiations. + Add 'net eventlog'. + Add asynchronous API. + Make Samba3 and Samba4 share a tevent library. + Add two new parameters to control how we verify kerberos tickets. + Add 'net rpc service' subcommands 'create' and 'delete'. + Fix the core of the SAMR access functions. + Fix SAMR server for winbindd access. + Add dbwrap_tool - a tdb tool that is CTDB-aware. + Hide "config backend" from swat. + Fix linking with --disable-shared-libs. + Fix issue with missing entries when enumerating directories. + Map NULL domains to our global sam name. + Fix driver upload for Xerox 4110 PS printer driver. + Add "net dom renamecomputer" to rename machines in a domain. + Inspect the correct computername string before enabling/disabling the change button in netdomjoin-gui. + Fix join prompt dialog test in netdomjoin-gui. + Only gray out labels when not root and not connecting to remote machines (netdomjoin-gui). + Allow to switch between workgroups/domains with the same name (netdomjoin-gui). + Add NetShutdownInit and NetShutdownAbort. + Fix samr access checks. + Add a security model to LSA. + Also handle DirX return codes. + Do not crash in ctdbd_traverse if ctdbd is not around. + Fix Coverity ID 897. + Fix a race condition in vfs_aio_fork with gpfs share modes. + Fix bug disclosed by lock8 torture test. + Fix a race condition in winbind leading to a panic. + Detect tight loop in tdb_find(). + Fix chained sesssetupAndX/tconn messages. + Fix strict locking with chained reads. + Fix two bugs in sendfile. + Fix memory leak. + Fix file descriptor leak. + Fallback to the legacy sid_to_(uid|gid) instead of returning NULL. + Always allocate memory in dptr_ReadDirName. + Fix 'net' crash during domain join. + Zero an uninitialized array. + Allow child processes to exit gracefully if we are out of fds.- Enable cifs.upcall on versions newer than SUSE 10.0.- Add BuildRequires to keyutils-devel.- Remove redundant Requires to keyutils-libs for cifs-mount.- Detect tight loop in tdb_find(); (bnc#450974).- Fix lp printing with kerberos; (bnc#476913).- Add BuildRequires to ctdb-devel for systems newer than SUSE 10.0 and all other build targets.- Update to 3.4.0pre1. + Samba4 and Samba3 sources are included in the tarball + Changed the way smbd handles untrusted domain names given during user authentication. + Various fixes including printer change notificiation for Samba spoolss print servers. + The remaining hand-marshalled DCE/RPC services (ntsvcs, svcctl, eventlog and spoolss) were replaced by autogenerated code based on PIDL. + Samba3 and Samba4 do now share a common tevent library. + The code has been cleaned up and the major basic interfaces are shared with Samba4 now. + An asynchronous API has been added. + Change the way smbd handles untrusted domain names given during user authentication. + Replace the hand-marshalled DCE/RPC services ntsvcs, svcctl, eventlog and spoolss by autogenerated code based on PIDL. + Fix several printing issues and improve support for printer change notificiations. + Add 'net eventlog'. + Add asynchronous API. + Make Samba3 and Samba4 share a tevent library. + Add two new parameters to control how we verify kerberos tickets. + Add 'net rpc service' subcommands 'create' and 'delete'. + Make merged build possible. + Move common libraries to the shared lib/ directory.- Update to 3.3.4. + Fix domain logins for WinXP clients pre SP3 (bug #6263). + Fix samr_OpenDomain access checks (bug #6089). + Fix usrmgr.exe creating a user (bug #6243). + BUG 6089: Fix samr_OpenDomain access checks. + BUG 6254: Fix IPv6 PUT/GET errors to an SMB server (3.3) with "msdfs root" set to "yes". + BUG 6279: Fix Winbind crash. + BUG 5329: Add "net rpc service delete/create". + BUG 6238: Make sure wbcLogoffUserParams are properly initialized before freed. + BUG 6263: Fix domain logins for WinXP clients pre SP3. + BUG 6286: Call init function for builtin idmap modules before probing for them as shared modules. + BUG 6243: Fix usrmgr.exe creating a user. + net conf: Save share name as given, not as lower case only. + Prevent creation of registry keys containing the '/' character. + Allow pdbedit to change a user rid/sid. + When doing a cli_ulogoff don't invalidate the cnum, invalidate the vuid. + Don't access a freed structure when logging off and re-using a vuid. + Try to to fix password_expired flag handling. + Make sure to grey out change fields in the netdomjoin-gui when not running as root. + Don't look up local user for remote changes, even when root. + Use procid_str in debug messages for better cluster-debuggability. + Use cluster-aware procid_is_me instead of comparing pids. + Fix smbd crash for close_on_completion. + Fix a memleak in an unlikely error path in change_notify_create(). + Do not use the file system GET_REAL_FILENAME for mangled names. + Fix a crash bug if we timeout in net rpc trustdom list. + Add '--request-timeout' option to net. + In net_conf_import, start a transaction when importing a single share. + Fix writing of roaming profiles with "profile acls" set to "yes".- Update to 3.2.11. + Fix domain logins for WinXP clients pre SP3 (bug #6263). + Fix samr_OpenDomain access checks (bug #6089). + Fix smbd crash for close_on_completion. + BUG 6089: Fix samr_OpenDomain access checks. + BUG 6205: Correct sample smb.conf share configuration. + BUG 6254: Fix IPv6 PUT/GET errors to an SMB server (3.3) with "msdfs root" set to "yes". + BUG 6263: Fix domain logins for WinXP clients pre SP3. + Allow pdbedit to change a user rid/sid. + When doing a cli_ulogoff don't invalidate the cnum, invalidate the vuid. + Fix resume command typo for "printing = vlp". + Fix smbd crash for close_on_completion. + Fix a memleak in an unlikely error path in change_notify_create(). + Don't look up local user for remote changes, even when root.- Don't lookup local user for remote password changes; (bnc#493507).- Update to 3.3.3. + Migrating from 3.0.x to 3.3.x can fail to update passdb.tdb correctly (bug #6195). + Fix serving of files with colons to CIFS/VFS client (bug #6196). + Fix "map readonly" (bug #6186). + BUG 6195: Don't let smbd child processes panic. + Add backend_requires_messaging() method to libsmbconf. + Add methods is_writeable() and wrapper smbconf_is_writeable() to libsmbconf. + Fall back to file backend when no valid backend was found. + Fix a memleak in dbwrap_rbt. + Provide transaction_start|commit|cancel fns for the registry tdb. + Speed up "net conf drop". + Speed up "net conf import". + Add transactions to the libsmbconf API. + Reduce memory usage of "net conf import". + Registry cleanup. + Fix handling of SAMBA_VERSION_VENDOR_PATCH. + Fix build of pam_winbind.so with static linking. + Tidy up some convert_string_internal error cases. + BUG 6224: nmbd waits 5 minutes at startup before checking if it needs to run elections. + Allow DFS client paths to work when POSIX pathnames have been selected. + Try and fix the build farm RAW-STREAMS errors. + Ensure files starting with multiple dots are hidden. + BUG 6102: NetQueryDisplayInformation could return wrong information. + BUG 6193: Avoid messing with sync_context in libnet_samsync_delta(). + Fix notify_printer_status_byname. + Fix Coverity IDs 722, 762, 774, 775, 776. + Fix build on old Heimdal based systems. + Fix compile warning. + Use parentheses in if condition to make negation clear. + Add dirsort module. + BUG 6147: Fix detection of the GNU ld version. + BUG 6097: Fix smbd segfault. + BUG 6130: Don't crash in winbindd_rpc lookup_groupmem() on unmapped members. + BUG 6139: Add missing whitespace in mount.cifs error message. + Fix a malloc/talloc mismatch when cli_initialise() fails. + Fix a valgrind error. + Speed up "net conf list". + Add sorted subkey cache. + Use StrCaseCmp in the dirsort module. + Document the dirsort module. + Disable dns_sd by default. + Add avahi detection to configure. + Add event avahi binding. + Use avahi to register _smb._tcp in smbd. + Fix two memleaks in the encryption code. + Fix a scary "fill_share_mode_lock failed" message. + BUG 6228: Fix SMBC_open_ctx failure due to path resolve failure doesn't set errno. + Don't use reserved words in smbconftort. + Fix smb signing for fragmented trans/trans2/nttrans requests. + Parse_packet can return NULL which is then dereferenced in match_mailslot_name. + Format the header check for netinet/ip.h more nicely. + Missing break in conversion function prevents tdb password database update.- Update to 3.2.10. + BUG #6195: Don't let smbd child processes panic.- BUG 6195: Fix crash on passdb conversion.- Update to 3.2.9. + BUG 5920: The length of the memcpy was calculated wrong. + BUG 6097: Fix smbd segfault. + BUG 6098: Fix ads_find_dc() with "security = domain" when the DNS server is invalid. + BUG 6099: Samba returns incurrate capabilities list. + BUG 6100: Implement _netr_LogonGetCapabilities() with NT_STATUS_NOT_IMPLEMENTED. + BUG 6102: NetQueryDisplayInformation could return wrong information. + BUG 6130: Fix crash in winbindd_rpc lookup_groupmem() on unmapped members. + BUG 6133: Cannot delete non-ACL files on NFSv4 ACL filesystem. + BUG 6161: smbclient corrupts source path in tar mode. + BUG 6193: Avoid messing with sync_context in fetch_database_to_ldif(). + BUG 6196: Unable to serve files with colons to Linux CIFS/VFS client. + BUG 6224: nmbd waits 5 minutes before checking to run elections. + BUG 6228: Fix SMBC_open_ctx failure when path failure doesn't set errno. + Numerous Coverity fixes + Fix double free caused by incorrect talloc_steal usage. + Backport delete semantics of alternate data streams on a file truncate. + Allow set attributes on a stream fnum to redirect to the base filename. + Fix use of streams modules with CIFSFS client. + Fix more POSIX path lstat calls. + Allow DFS client paths to work with POSIX pathnames. + Ensure files starting with multiple dots are hidden. + Fix guest auth when Winbind is running. + Fix memleak in get_remote_printer_publishing_data(). + cifs mount fix for handling -V parameter. + Fix guest mounts. + Clean-up entries in /etc/mtab after unmount. + Add fakemount (-f) and nomtab (-n) flags to mount.cifs. + Enable total anonymization in vfs_smb_traffic_analyzer. + Don't try and delete a default ACL from a file. + Fix remotely adding a share via MMC. + Fix resume handle for _samr_EnumDomainGroups. + Fix a buffer handling bug when adding lots of registry keys. + Fix a O(n^2) algorithm in regdb_fetch_keys(). + Fix a valgrind error / segfault in dns_register_smbd(). + Don't log NDR_PRINT_DEBUG at level 0, this always ends up in syslog. + Fix a malloc/talloc mismatch when cli_initialise() fails. + Fix two memleaks in the encryption code. + Fix "fill_share_mode_lock failed" message. + Add S-1-22-X-Y sids to the local token. + Fix smb signing for fragmented trans/trans2/nttrans requests. + Don't miss an absolute pathname as a kerberos keytab path. + Have nmbd check all available interfaces for WINS before failing. + Initialize the id_map status in idmap_ldap to avoid surprise.- Obsolete change from 2008-03-05 by removing the needless examples cleanup.- Update to 3.3.2. + Fix "force group" (bug #6155). + Fix saving of files on Samba share using MS Office 2007 (bug #6160). + Fix guest authentication in setups with "security = share" and "guest ok = yes" when Winbind is running. + Fix corruptions of source path in tar mode of smbclient (bug #6161). + BUG 6082: Fix renaming and deleting of directories using Windows clients. + BUG 6154: Make ZFS honor admin users. + BUG 6155: Fix "force group". + BUG 6160: Fix saving of files on Samba share using MS Office 2007. + BUG 6161: Fix corruptions of source path in tar mode of smbclient. + Fix some NetBSD warnings. + Fix bug in processing of open modes in POSIX open. + Fix use of streams modules with CIFSFS client. + Ensure ACL modules work with POSIX paths. + Use fsp->posix_open in preference if we have it. + Fix more POSIX path lstat calls. + Fix a bug in message handling for the change notify code. + Fix guest authentication in setups with "security = share" and "guest ok = yes" when Winbind is running. + BUG 4640: Fix guest mounts in mount.cifs. + Fix displaying the version string properly when no other parameters passed in in mount.cifs. + Prefer gssapi header files from subdirectory. + BUG 6176: winbindd -n should disable the winbind idmap cache. + Add a vfs_preopen module to hide fs latencies. + Don't log NDR_PRINT_DEBUG at level 0, this always ends up in syslog. + Fix a valgrind error / segfault in dns_register_smbd(). + Fix build on SLES8. + Decremented by 1 for ntcancel requests. + Fix creation of core files. + Fix first mapping of uids/gids in Winbind. + Initialize the id_map status in idmap_ldap to avoid surprise. + Fix initialization of idmap status.- Only call '%find_lang pam_winbind' in the samba spec file, not samba-doc.- Ignore return value from subshell to fix build.build03 1298982291z01.34b-298.17.11.34b-298.17.1ldapsmbldapsmb.5.gz/usr/sbin//usr/share/man/man5/-fmessage-length=0 -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector -funwind-tables -fasynchronous-unwind-tables -gobs://build.opensuse.org/openSUSE:11.4/standard/716ab01250931f88f509916d07037345-sambacpiolzma5x86_64-suse-linuxƲK(溤 M?] c~>E?zۨDu!E^ cY?H: ip.c~g^yWX}6PwvP)% ~'tvRR5ˆQ)PKtTonߋT&|}rK]eYtȢ#,(ёpA*f_ e>^19Dq*L̵҅4 H7 ޛ?:kcR@1&3}YY@F1jV*Nhb`q!܆ b#G.&/G@ ]3wlzR.*9V1LavZgFH)Ҋ, `_A~ Z {9A#}6* AB,6.{ :UJi7~/A K!)J1Z3 {lVDE;3H*U;d25&-9WYw4ăm2cu"R~Dv@ Īw3{헲!Er2=eGMbZBҞ!:k=L4BkEt3(_D-#IP 5&+mz3jA*WBG;8DϨt(;~G5PylYӱFF-H: oSmR_+L+=Sm Y&{pӰ?q2e,.׽wZEwd|KE"b Q` ::YsT3b6 \ L2V? %jzY8zO ww?cp="X(^k.Y?T g*yv)A{/"Vc gof NrMYhLطp{!3}c&5/I!+ bvÚL|+tCTBAE̪Uc ). ,  O2Eiʐ-jp.ie/yd)EBZ2m*ΤRDN<0[@4YBvwS%XMn]&="$X/\RLU\gv yo%~i[WW΢7$=K81 æˑ:Q>07Ș1W@>3z1xӒ6.cK`=rө,gK&yAa0zA_KuRCaeExN&` ͝S2gX8Q,75/Q":#vLrCM4Gt&J/ Nڱti`'V&%/fb?MW݈j+@8|T oHk1Vz zw?oN}@&P,|֖9%]9ʁjfγHJbGW2,aZ o,>ۖgsfm/2'l4T)څAL؜&2N70k̗WIH.%&v MSP)úq8=O!R6]NcvꆎPGRٔ))ʎGiG {G(Dy74̿nA8i<)ƕ(9k,_ ;>Ŧ;Z Z?ԓ\'1qAU)C ıXŰ\,z6{3wc"zS(hVs+Q>(g E3i/M5aˤP$P2RHYnfQ |zI5(m6g ɂfhk0s8sщ/828jmCt V>9"p#Oc*C ,iqORA ͻ2ڊ{b*0@f~[KJڂ{F0Q,yy`|}]MBS+vKl4EÿEX tL);Vh̓"Sc5D5R&ϭ rT}LɒX8ni|+*+S6jș ITYNg FGM- GϬu댿Qin,64RH-p%]zv^(,p>'NvEPj\^g~C[~I:= #ir\>SBvJ$E4D!&<"7plNϚϔj~;'H`.g1( vʵfsg7 !c 8 rd.(z+Nn:, xa[,r6 9RaNoQ|AUXDr?叜rEݭ7[w,܁OrA鑫tiZ'mHG [@94rna` }7x6\h _":[aޗ4R: h@ؗggt{HݻMY~8PaƲWr)ALߖ}I F{6ߩibP~D+F pq^vo~uT'Ueoؐb/D)2fhHˆƄ-;C 6myYNOIx% QA3He5'6qlfȵ@G휈)8KK-zH(.-d;INʈh;*q iaUu@iR . 5jA5E2N%["F6XZ.^ D`[%ǡ}snA(v-_bwr-T#1MH!P!bW3?oŴH!Z5 ;E諮sHwq1GB3 _%( /4┣F dXetn(y $eU<xZɒJP2-|uWXAc:uU)joӛU]|T;upcƙtB3,g_p+ Ǹug\/Lrٹ w@N8huT[BQd ٺ;'. ~A&WmmH1P+YVڀi^VLuSGo^0znR.NV9K Fp^ԘG9w݋LPNH RN\lz62b[mFPDmHLB0 ޾$:t5_⧥t(FYt{q<{ eEZ 9Gӛ%2 ;vغAwy}:W%r`a Mm@2q=.I2Mwt-@ Gʲ^®줌3o{Q#}^d}, j;qqoѥu~MCxoSjqSe&WPOC#f :P0R>@ }xIQcBtP8 Ų糋 NOSKrkFK )U)Z3۪d.};~wo p~:xTpҩ[X+ ƥ{t+K1JH w7ܛk7zC?k +4b %27=Rt{9R6[t!t[JNR `2ԆWН Wi޾CמȾ0['zoZ zFh庑x[Y4 f.k2F:#4zM'jWy3x,3bmDїx`>̬^(Azd SE Q{Na$WmՆVG'-1jqG(^̺' >L].PlM >'_RF_]ݤƓJn/t> n= ر$0\:YJB '=Ԫdaod5qi{Apq8QM:: ٙje[D^>..k+iFc'Sx Of@KiXi{`>J$2[(צI=0$4iȖ~fL{ ㊥|ȽMk vqǓ0 8?l`|q^z k2xKzF 4z f 9o˓&ParaCJ,}inrɦDe2ו +ڣ?H6VҲPU Y .m|חSH(ɆjHcU&Yq_QT7ІUPKC$tXkCe*e)@LEհf M!p۠3!?!>w~Z .}0#dx Ju-+sTߧR1gGo#֪Y!tdV%9\J~){ḅT\MrU6=}@+LWfC#sagr@,#ѬQW5+qePv.Mc6*nXe _MIӬ#W4 B!Zy h3amwCY٘ -%2z?:aDcޙС9O/kNzWIgSH.8GlH+P` y~5uLG: E](3Gb2E|6#A4egL(ZPq?=[$10U;ahqo.'o>_ ;/7h%t_nEC)5?#D|<ۉ>X㑷׬P-NGiQ|OtZd:Id҃Zk9b!7՝KzH_ЬPKA8P?wSgcbF:+8n#]=q7m;@d˕p < PDw z>qSB>lМYs LZE΋-:b77%tZñr%*i#\OO BkQ|:mC;5aG&ڿ;_;.3t*Z[ӛiiA@@Ʌ{bErbf,B ,UC|1AqmSXE旲35JL^iM:|.HT!"fb z=tN;[v[>R,M L`@udk|}p̍0Y0FPTl;6笤U=JBLqp^t"I;u@} b*bOyaՂľ]i` ^)aix^ri_cNL{D$'} Fwr#PU+ u`Jۆɾc"ϘjyLšf>frXK}WI(ʊ-@. ̀rQKzjeTWRTFT&1ct:fŠwf ZLh7ߊ-t` rwUni^u$dxiH%rV˪3{,>F. Y==bƊjtjbvcmpO P\xme{G~Z@9ԉMbffR1)%rRi[a\_IՊ7 vgz= :?5LK[dmΎSr-҃)8ޔ;Qe}@>Vh=oͶRr_R=zT`+ߡcG6oCSjAw( 'n֜PNunלޓ4#  +5 "0A-A#AϜv 0|&1 0s+4kNI`(㖞2#bئ|y a&3$ 8>HI8n@%m РA8؝Ց"/*"Mj24E@ɎT_鎥ZA"9 qdRaD_g⡁0]g˘VW*c' 0:\qa̿?B 3U(.g*M'NëhV\87jV=B! )/wxc "a}d8@Z]dhh/)# s I"q9 m[ݔyYWhņ0uPK{MUo.b_UFFj86iڰh<`QӆOVM<&$%m 1f kǎyB9#1gڊs#~|u8q׊ߖwH(ߐ;m z&['\IVJ.UiX<_|?Vv5L7AwJzEt:3׃/d:؎Ք߇EbvKV#ke|Kޛ2:@,O$ j-zfv>Jfp~4-CeZp=-`H[|'{%ǒZÀX9 Dʛhq]' Af>+MᥐPt Z%Y!ΰ{%dϏf_lf繫9[v)Dp_f:ʖrB` JN~j+ bA-JߠN~ uzKɪ&"s5CFC܏9ǐJH*zO[wmC˫ Xf6_o"{+vk1E"Re]ב0H>먆B")t=5! ,7gƼ)Uʠ藷NɪF#ٕ3"oO|a3zٌܴFp~Aj@8lS 0eg1Hs2N2:;Csx[7z<c@!)svttk7ٳ:8hĊZwՆ#lILCDuM-<*8 *]aLh&R"۟J __R0̛Tr%vrI*#'>v @YpYY"Jϖ<&Űjzwhm.+0-9E6ۃm'#,,9xyg[ P6|R9ZzuSHKunŨRօh JRq7,}͡Y5vD8mɚ}XvTK.TjyN9]%v턦=j `KDB45[P^kEC~_ム[c 7Y?2"tԉ(cПVTtF/^{`,[0eŊ \sL? &P'28SY0S͔Ѽ\ZDžcĄKn&/uOQcC|3z<,akKQqxcum@,)5_3aؑ4?YڏMg>1j1/;}'VnݖxY[ /69ʒccvvb1ײ>zrZmg'9ޛ?5#u pƑ J۳#=wiR12Dʋ+·%Q`n>QTF2Xȅ{˻ >k)_jPKv&oۚפ@RvHgoo & Ň.Ă fed/:f(4P7|>t@uQIf͑]4޾{0~g[24֝G'> ϳ |9ut)և'N >)aN*2oLJg}Tp74lye}!jdMC<Mu1x2nFo[5ml7(lyBKgj*$ɭ:&\dZĂga%>?E?p}>[K#AQxƞj%< &߈aCRpnԖUa$:Q&1vIHTD(>x A=uKFBkw{XF@p駧qT<%8!$^=Gt!CE bl6|Hق>[,*gHX|NQ=Hv#.kC&? ܼσݽ*\uwA yy)">dbg(p1`{+)(vG~bze93 +nB|vh6F6$:mGZ(ZYV挑.(Vټ1 ?J 0qX 8++#߈ox HeԪ6eGLDmZ2ǯ]fI ,Ui :?މ=G Y|8 iJsD\l FIeb}Gb')te,.1rF(fj+Xx.%AǹɤꈎRrV̽[ʗ1ܓR`FjbWwv`I.d+9f@c]Ѣ56kʥwn 8˒`h gx0{BL`-GXyͼҨ5`j &Hl䄔~=eYAD. F2 셨 Y9b8՝%$)ºvBZ۴& `KjNt>=y0zO/U4, xBEZA;iX$тMol;X“?P̪Aioj/:Rr6\He*@+BcXtEJh=`B~.Gz߲Տ"),t-Qm {F XSD- YkL. bzcipb_GPt6`4JX_Rr$^iC[ Qr S4 `Bm[ @5$`"u%$ $?eQQO/6h43xf/e qAGڻ71/RqZY\A K9-^pyP/P&`'ӫRSw 2g0o+ M_MQ=Grm}ibP׏},}uC;o d:-Ԏ aZ<z(|#g +~83TȍĆKQ V`{*^m1VA58$Uy||@uBM+$M&XX'j_Ty<-),KCJ < !]ĸ FA>!ڸv>Qz2F/ѹ *?hl}V엻cq. Ah RC1a¹9zHW֝ɘZ-S,dAc1ooƇQ_ÝMn!OʩmwÂSҀgmQ[n=V.Zڔ +%c9;f%L7B1a`S.@`JW"s^ Vp&C٬x4-B("b^[ T0eͦ. +\= -/|$i.jQ+{)4 zok溟$u7g%f,⇏٫fgqGc',[3AXiX +as=o-kfabS"|n%Տn]C 24ӻs#: :fx7lW);pE]6x›.#)Ja"]4WxGޤRk;Y,P:Şppc<E@ap}jݜOg6?79dve;$ "T&K2zn(csQ}nzؒj+Vv1<{ڙM(1F:yY5)1/N1Co Gn_{d>{!xVB˜p}yc+@ïz{-O5>c:RTs 8g#KFWVW󀮻BJSk*aF ]76&֤B$X9k4e'kX̫Ts:Z?AJ$W]{J,ƈGq? D Vļ0wxcc=Jpp01w&q`phumjܐK @tH 7-x+!ܘ!BCg ##бmc`t1NZؠҠ̉H_vF񀁬^֎A,f'ҹYIO0  d(S>b;749ԩ'QrF4Yq6ŠՈLҨx"5ޮ=uo3 4+<5C5 ~Cw" oϷk5:wuXpP<3 o= m#OL]QӾ@Y,QCPoZrm@T00Qshg O|E}e 8o>%3JJ:xr~xrW8c|+fQSgjD  $r<ȩqE9_o%cT[9Yyc/Dztt<ʢGڨ %)?mo{N&`ɲ0aWkP6"ƉuZʌ>z?84N-+BwZ S[Tu%` }U$'ɳ? 6וyhzCKA.$Q5l_M3,c!J^c*=py:P-4AAĤ-d'l)-ϲ(6OI/7Mc'D[CXĹ.DrKvց=tNKr#` FIޜF{$[Tނ {2  ̨?EQxE)1-].A.)..RF6/SzV(s:A![t&Ɏzawܕ}(K;駀HwbG!!LJj 8| 'hy^ ^XR ;pS[mz-9̌\t'=)7AwVFwZFL+Riܛ?Afj<ي#Ȩ^l#^ef=_L\(U,w,6F*$3+L2ָ$S$78uѝ<V+ R͉5M \}j0kX}q좛2n LioLrF'RF2xEre LBI!cBXRpnP_ @ltuih#ˀ!L`lI$7WfRȕ`~ s:6&I23ԧFFA8&. q./T6j1`Hb3@MZCnUV 0Pϣ(ZE4gg{ٱ#YGS ZqmLYeE!<G^ wbjMݲcn{k[f^bxFAht$39HMɒO0U/!Q&}3S\z"ĺXu=J߅ /k,_b xt,븀^ϸ.m="Q!SplޒpxNO-~ZgdfZ" ͗JҴ#Uern6Y 4EcQ4?d7a4Tux(oVC|P$Z[ F+-V%!p񨂵/e4M U V[}YP_Tt;їCe*ۮ5//9bL4wY e/q"ѥeF(γy{QgVȿ|;{SQ z햙;P yꓓْaghOὮh'(۠TWHY՝m-zG_JWT,IFi# KKA{- _~7HaHMA4+mY35ǍZrz%3`C"њܽ*%İ>+О3[`ykOyQ*{+@UPv۷|-iD||۩3ZW湧V;P Uşy+QYzSA˥"yPa@". 6o3.|[fI 7ACLᏔFҢ.4t*)كXs(A4K4ZN[syI;<,,^ȝz/7Q*Jz|-#8*QʤlD ukm\mςL4/кfU]5Û=qm$qnx1Vsr<T{68 0>\cOregHLk mhܭ_ᓀ#+݄j혥Hf:%)D hZ"hت(<nK2S@\8R_(s9ߟv=QEEHˏOgftϡ o:Q7DS1>>QEk\*%bP6]_,E}K7nnU0U=,oV`$pO\Ouv:ۓD6NZL,Cq-?r/&sy$dh8^5j8E1á!&k/SUXzx5V XH^)J͊ ,%$d͞R`i,Ъ}x* mZ[^lٴ{k7K.XLYRXG5}u2k&?y 4*\d %A,6G9:q=8>`(4[NZ(Rf =!6LOv4E(h֒ԧrOA0yCDKo*ҫ*P$QkZٛhpeOdz{AWrZ,3h!FG;i_E{|qۧjGu sp b$-4P Z 4@9@Ov %UWӚ@}n[ L%3.`Cڃ 4J~ի;o) K/ȸb+iBvHh4'[wdmSWy/A';kxQ&ʦx#POWpM8-N`i9@wwê:bU.fՍ7-e>w̢k(:mj9sbߦՈ!x]k^ڍ,N?'iQ5bR2slWƋ_˔;/*yU' 7MϜ]qkit2#wHrA{DmmZ>(zZ;G &oFEt H9.0@yp-bx[;E#,t7ƨk[ aGװ032)tnv W -V#XRqLƱk[]29Mg@YsKK tvU86G2b7{!-dW1o> \K Q(_]Ow/#fڜĨpZN_Q#zST;H6A>,J6j>LM -}YLI?g}>޽NoJC6h޻#MqIƕz~{bM>~!o1քMbd{Bet3jh_=%7ЉcP9{6 kOp|_TJe:iαh@ۻըТEʻr鰘1K_2)/ϸq@v @L7tc/o,w%Buor Krێ~*mtCe EO$[\@65JEZ1XȀT x'2M"n@P: ZAvzy*l' 厼Q"x|P Kj*TepǖY7Y$C%_ keo4Ef\EO2((m1tg|~/ #Gg`c@!!f(\9#xgqdtgx,Ȓ'%.1O5^ 4|ɄHqz_5FH)VV0Q,ȂqW*O9ҭL:JuE!Hc"{'x,c;e5=36:j-DaVRr*3Ն%ɍ8V.w8eϷU`s2A.BW|MGBoh-B[F)JZ(r.@2⬪L+XhDC?"ڹ=+O)U r)@,c}t_1L &"F2L{51_O07oJ>c*9MV3'IH[œq{53;QmcN U'0TpAXRId܇9'odHӍ`Rj/ٟm <#-Du`pԬΧ&T(ɜO{OqmI lp"/nS8bW ugbtmK .a܁)@0 Mx3Yn7 #/%;b-{Y7j(B 9y,^``Tl J ͵|iXemMS<^od}_K%Ë!`[2G%R=+Nr8,N5C}-+=@Ԥ/W&pi^mmn}&pWN-),=;w3ox%: tE l&ɑ)8a0ڸj'Ojo ;dhZ760sGP/@ ӋBgC<(RKWJz~WWiG^)a֕xO ㅯ0WMMsO#$ڮ(E[y/dyUEel+t^qS:Ԏ[@Hp*Vb:ػ^>% 2 T'FC SLÇ,UOʀE)-V@L#L\ޤn4իV+xrfD4@)qs( !'~wyPA-1M7ˆeé855PUMo6 ]B'dQ|c6NL*8i软g}3fM6}Ŵs,*,htH Rh/;LvM%/JTNwp)P£Ծo2Bp) "l =rW|Gp ⣡4' eB71rj=%&vǮk=?sV0w ?4ŸEM IGd>2ØAQɽE ͖]H)UlZU t>ڳYV$iR1|XfnlzrG?W .^hW /~GHg4xC(gOL1h p1%!F53VIb#od>AS;&%-Bp$,iTu.!ʹiQΛJ>$ed-2_6B5j䜛"q]UNyZ3;빑-˰YDc;Ѷ//{4 #RA5'&oyʞ"hXH;ۊ.9:СG w1`=yrAc =0FM 2'Bf'(3m!ŝhfõ7$2nHWe9P+$iޏ`aH$;WgWG\ȞM9|x=Bd%:)9Rm%[ {_.W!#癄Ԣk*} ,%۹3G tD> B?c|}Y:szrTK-I/sX;KiPU0&?M+jvF%3_|7 SSځ`x'uMZL<mSyv'KɑcH`¼7inƎ.]VE[o ڏ9[>{{tԆ;9`XMDYUސZWMgv{VLڻ>UTaM/)U.;ڇDIq'"D3<$T!nZhHOOLgܮYf$W?W;-bI CVJ1B2.X<XFDM Ԯ.cH%xI@M/ͯZkb!z]2l[PŀӲ6 G?t;"+n]8Qb.d-MRƬr ta\Xg-|ۧSbuK`2*3'{az$Z|yl;R/D9)ŒNSCC: ՉKGi AmnwB,漾g'6$Xg6`,zQBSfߒs|jNviv DN_> tD˝}y<: z3Ķ/ d3!%,7DQnTQBfHĦ/:wЗ>={s QL,vu94p2ݦ/Wݳ5k']vfj}4h{ ~28@ jU.>R| K;~Ԑ,"ox7i kBCkS0UP,B#2Ox4&^2SXi5x730_(}FjhH:H ^ cUZ*L Tu0ZͭoU/QؘKr O_]Yʜl3Ua? 1>%=[,.b_P[Th5 P?1:Ý~xbNѴ%vx{s6!l2-A՜E}R>jh`;]L6\닏QD N֍)a >C(!d3ݤɰZP[+4t[ ƀS7`oMm61 K ^/:?ja1r$=b]$.@z<c]c4EW`t;S>% $kxfVKd69&_MRBr_(t੡b枦%Pl}o38X1Na- `h'8/ ͩRWQ'}w,1n[=%BiLg4 {8JHS׹ucuwlnyqFq # Xn2\j[=˅1V v"dgHˣ1FԸ-iD#֮M@59J%YHKD=0bœ-R4Ip1;yD?T[^G*`Dp-Ej*fTXYoꎊ{y s҇ ,?>j|= 7cBpshзF8lzo5q 1_[qaw V$44-MEhA(n&t:S&'ԛ>9 9m}h"*WR e6EuW Z@;D:?_t# ?w̃P)_[W -95OGPr:<i+흟pЮT zh׻PnЄ{1'5}q^uaʨ/r|Ih4VďdB۟"'e^VA ZkXU`1tolz9 {&wuق(svFÕ~3rr wk >U `2jC2I¸],^/pm+u8Z @bЈr,2÷ʲţDw0-nq3ĊM* v'/LAAwj&ߩFg;-ԁv)7%-~|$h8gLՖ?>-ߘR M.㿗I/ASoqPoR& *y6t |֩T i"C"c/&k[-aCDL9C=snD@wP6A֕Veyͽ ~ᠴ%~(X r̥ ~7Iw}mR'Z_k۹Njޗ1TCdb/ͨ0#/9q1jr <|E$>!վȨ/K[S7A]'w_>s8E]=T &O&o<d?>K:胅XA IĄyhEU#M,Oj\/Yizs@ŒQ]|NcꝂP>"/.}[yZ7_xڡ5.tM\a­P.t亟r Y w6M@+֥ w?jTC):6Czd*0zp5@uՐ02X,vQA ]u : nYooff ,R-4C87?_Zy&_ }5j5Wt(>}K˹p}~Q:[k/'J!Xf&r\`Svtyz.L~3Às uRbq~i=hB9 D:<=`-V7%uuIZJmZo$mtaNMy/(ٲyu98pICߵ6bq^DkW)joY8WҮ܎yJEA Ivr]mNAIb_|(*cMK}u{4c}rq  <Ec7M:;m_G$% ,p)vfXcI|80P8OWPKzxH=˟;eExمIZ2aKE*1{ ݃DCm0(ceY&jF|^d4㑡 Ȉ 4jXŒ?*Q@Z'jr)ka3\0!gEs}& 6B6`.`]Bb=GbH& QqΙoכTr_1 Bq2{ʢ?m8z*fy^bJ?lI8aS/9̔UamtqSOK鸯2=X =APv