### START 913bde210e8736026e696cffc47591e5 Security Fixes: o FreeBSD libarchive SA https://security.freebsd.org/advisories/FreeBSD-SA-16:22.libarchive.asc o FreeBSD libarchive SA https://security.freebsd.org/advisories/FreeBSD-SA-16:23.libarchive.asc o FreeBSD ntp SA https://security.freebsd.org/advisories/FreeBSD-SA-16:24.ntp.asc Enhancements: o FreeBSD 10 under the hood, bringing with it hundreds of performance and stability improvements. o Autotuning values refresh. Autotuner enabled by default on new installs. These changes provide for stability and performance improvements in environments with 10Gbe or faster networking configurations. o Hardware faults result in automatic ticket creation in the iXsystems support portal if TrueNAS has access to the internet. Critical Fixes: o Several bugs in encrypted HA addressed. o Fix several bugs in the behavior of an HA pair when failover is administratively disabled and one or both heads are cold started. o Fixed LDAP bind issues using SSL /TLS. Non-Critical Fixes: o HA status reporting distinguishes between administratively disabled and unavailable due to non-administrative circumstances. o Fixed handling of disk descriptions in HA nodes where the two nodes may not agree on device handles. o Don't warn that an action will cause a failover of an HA pair if failover is admistratively disabled. o Added an alert to let user know if Active Directory bind was unsuccessful. ### END 913bde210e8736026e696cffc47591e5 ### START 9a0531c3d5db2a87c0eaafc356ec0a15 Security Fixes: o Address possible MITM attacks that can downgrade SMB connections. https://www.samba.org/samba/security/CVE-2016-2119.html Enhancements: o Improve HA failover speed when the mailserver TrueNAS is configured to send alerts to is down. Critical Fixes: o Fix an issue where extending a volume would restart SMB services. o Fix an issue where deleting an IP that NFS was bound to would cause NFS not to start. o Fix an issue that could cause a member of an HA pair to boot with an incomplete configuration. Non-Critical Fixes: o Fix a bug that made it impossible to disable AD/LDAP if the AD/LDAP server was unreachable. o Don't allow a user to shut off CIFS when AD integration is enabled. The CIFS service is an integral part of the AD integration. ### END 9a0531c3d5db2a87c0eaafc356ec0a15 ### START 937c1bc7a724dd2a0ebd259f015e595a Security Fixes: o Fix multiple OpenSSL vulnerabilities. https://www.freebsd.org/security/advisories/FreeBSD-SA-16:26.openssl.asc Enhancements: o Remove auto LUN numbering from the block configuration. This could cause issues when an auto numbered LUN was deleted by renumbering the remaining LUNs. o Warn when deleting LUNs that are in use. o Update the serial port choices for serial console on the Z-series hardware to list the correct serial port(s) o Warn about a potential service interruption when moving the system dataset. Critical Fixes: o Fix a bug that could cause an HA failover to not occur when networking fails to the active node of an HA pair. o Fix a kernel panic that could occur when adding vlan or lagg interfaces. o Fix some replication issues when the source or target is a top level dataset. Non-Critical Fixes: o Fix the GUI display of datasets with more than three levels of nesting. o Fix a bug preventing SNMP from exporting zilstat values. o Fix a bug that prevented alerts from being generated when the support license is expired. o Suppress the STANDBY node of an HA pair from sending "Assuming "Backup" emails when there's network glitches. o Cut down on the verbosity of some overly chatty logging. ### END 937c1bc7a724dd2a0ebd259f015e595a ### START 5dcc439d1d497d22b38f7b15696b20cb Critical Fixes: o Fix a bug that could prevent HA from working properly in TrueNAS 9.10.1-U2 with certain encrypted pool configurations. o Fix a bug that could render the updater in TrueNAS 9.10.1-U2 inoperative. Please contact http://support.ixsystems.com for assistance updating if you are affected by this bug. ### END 5dcc439d1d497d22b38f7b15696b20cb ### START d6691d5ec6ddb8bf5541621e433edbce Security Fixes: o FreeBSD Security Advisory FreeBSD-SA-17:01.openssh https://www.freebsd.org/security/advisories/FreeBSD-SA-17:01.openssh.asc Enhancements: o Samba was updated to samba version 4.4.5. o Users can now download TrueNAS guide in PDF format. o AFP Share Auxiliary Parameters to have finer grained control over AFP share. o Manual update file have been brought back to assist IXsystems support staff to perform system updates on remote location. o Cloud Sync allows you to backup using Amazon S3 bucket. o Allow a secondary email address to be attached to automatic proactive support tickets. Critical Fixes: o Fixed a bug where clients using readdirplus on data sets exceeding billion files gets broken nfs file handles. o Samba tools were fixed in this release. o Fix a bug where any changes made to the network restarts network stack. o Fix some failing replication issue when you have large amount of data. o Fix anonymous ldap binding issues. o Fix periodic snapshot issues. Non-Critical Fixes: o Fix the snapshot bug where CIFS/SMB share will not show periodic snapshot task if there is space in snapshot task name. o Fix a bug where CLI for setting up networking was broken in HA mode. o Fix a bug that prevented alerts from being generated when the support license is expired. o Fixed a bug with Vmware snapshots were not working with periodic snapshots when dealing with recursive datasets. ### END d6691d5ec6ddb8bf5541621e433edbce ### START e39905edcd9b7e54bcaa3944b3bbfb05 Enhancements: o A new Proactive Support feature that allows iXsystems support staff to identify and resolve customers issues before they become problems. This enhanced service is available only to Gold and Silver support customers. o Added secondary contact to proactive support. o Updated TrueNAS vCenter Plugin to 2.0.0 allowing TrueNAS storage related operations from vCenter. Critical Fixes: o Fixed an issue where HA systems did not failover when critical network interface became unavailable. o Fix race condition in the boot process which could cause the node to drop into single user mode. Non-Critical Fixes: o Fixed an issue where when VMware-Snapshot failed due to invalid credentials and no errors were generated. o Fixed an issue where TrueNAS will, after a failover, reboot twice to difference in memory size between the two nodes. ### END e39905edcd9b7e54bcaa3944b3bbfb05 ### START 6d4b4ae1e044be3baeef1475fc150307 Critical Fixes: o Fixes slow listing of extremely large number of files/folders over SMB. ### END 6d4b4ae1e044be3baeef1475fc150307 ### START b0e0cdc2c259023f0ce3dad8c34fad96 Critical Fixes: o Fixes slow listing of extremely large number of files/folders over CIFS/SMB. o Move RRD files back to tmpfs from system dataset, this change reduces number of writes. ### END b0e0cdc2c259023f0ce3dad8c34fad96 ### START 4f761690a819ddd0c775e2df36938c7f Security Fixes: o Samba updated to 4.5.10 to address CVE-2017-7494 please read https://www.samba.org/samba/security/CVE-2017-7494.html for more details. ### END 4f761690a819ddd0c775e2df36938c7f ### START 0e8bf93de01c7554713d7309852e470d o Critical: Fixed segfault issue with samba protocol, please refer to https://bugzilla.samba.org/show_bug.cgi?id=12798 for more details. Patched CVE201610012, this bringing in OpenSSH server up to 7.4p1 release.o Critical: ### END 0e8bf93de01c7554713d7309852e470d