2 minute read.Last Modified 2021-03-19 08:31 EDT
December 26, 2018
This patch release to FreeNAS 11.1-U6 primarily addresses a critical security vulnerability in Netatalk (CVE-2018-1160). While Netatalk is included in FreeNAS, this particular vulnerability only impacts those who have the AFP service enabled.
This patch release includes fixes from TrueNAS 11.1-U6.1 and 11.1-U6.2 that address several FreeBSD and Samba vulnerabilities. It also includes several SMART fixes.
FreeNAS 11.1-x users are encouraged to update to U6.3 using the instructions in the Guide. FreeNAS users who are running versions prior to FreeNAS 11.1-U6 are still vulnerable and should make a plan to update. Always backup your system configuration and verify the integrity of your backups before updating.
- 34687 Bug Add timeout for LDAP status calls
- 39982 Bug Optimize detection of best host in freenasldap.py for large environments
- 42257 Bug Keep AD in configured state even if service start fails
- 42635 Bug Fix calculating total file size when resuming download of updates
- 43168 Bug Fix SMART debug
- 43712 Bug Drop server minimum protocol to SMB2_02
- 44240 Bug Fix removal of SMART alerts
- 44581 Bug Fix bug that prevented deletion of Volume/Pool comments
- 44625 Bug Fix a Samba panic if fruit_access_check detects a locking conflict
- 46821 Bug Disable loop debug
- 48721 Bug Apply recent FreeBSD security patches
- 50929 Bug Increase maximum upload size for update file
- 50973 Bug Remove unused ports from installation and upgrade files
- 59958 Bug Fix multiple Samba CVEs
- 64602 Bug Address Netatalk CVE-2018-1160
Tickets can be viewed at the iXsystems & FreeNAS Redmine page.