Release Notes CBS 5.5.4

Collax Business Server
05.11.2012

Installation Notes

Update Instructions

To install this update please follow the following steps:

Procedure

  1. It is highly recommended to backup of all server data with the Collax backup system before proceeding. Check that the backup was successful before proceeding with the update (this can be done within the backup information email).
  2. In the administration interface go to System → System Operation → Software → System Update and press Get Package List. This will download the listed update packages. If successful the message Done! will be displayed on the screen.
  3. Click Get Packages to download the update packages.
  4. Click Install. This installs the update. The end of this process is indicated by the message Done!.
  5. A new kernel will now be installed. The system will reboot automatically after installing the update. An appropriate note will be shown if the update process is completed.

New in this Version

Zarafa Groupware: Zarafa Collaboration Platform 7.1.1

With this update the version 7.1.1 of the Zarafa Collaboration Platform is released. The focus of the release in the primary support phase is on stability and security and compatibility with evolving 3rd party software clients and browsers. Please find more details here:

Changelog ZCP 7.1.1

System Management: Lock of Zarafa Brick Level and MySQL Backup

With this update a locking mechanism is implemented which prevents zarafa-backup and bacula backup of the zarafa database from being run simultaniously.

Misc: Avira Pattern Update via Collax Cloud

Update of patterns for the Avira virus scanner are going to downloaded from the server update.collax.com.

Hardware: Extended Support of UPS (USB) with blazer_usb and bcmxcp

This update installs the drivers blazer_usb und bcmxcp for UPS with USB-Connection. A list of supported devices can be found in the Collax HWCL or on the site www.networkupstools.org .

Misc: Core-File Directory

In particular cases it is mandatory to analyse system processes in detail. These core files are written in to the systems directory /var/tmp from this version on.

Issues Fixed in this Version

Security: Scripting Language PHP5 and PHP Libraries

In the source code of PHP5 security holes have been discovered. These holes will be closed within this software update to PHP 5.3.18.

Security: Internet Domain Name Server Bind

In the source code of the Internet Domain Name Server security holes have been discovered. These holes will be closed within this patch update for Bind version 9.6.

Web Proxy: Web-Proxy Rules do not work when User of Active Directory contains a Blank

If a Active Directory is used for central user management the web proxy authentication mechanism can be connected to that Active Directory. The filter rules of the web proxy did not work if the login credentials contained a blank.

Authentication: All Users from ActiveDirectory can authorize via PPTP

If access via PPTP link is set up with authentication on an ActiveDirectory all users from the ActiveDirectory could login via PPTP. This is fixed with this update. Thus only one group from ActiveDirectory can authorize to establish a PPTP connection.

Net: Edit existing Traffic Classes

If traffic classes were used for bandwith management, existing traffic classes could not be edited. This message was display via the web administration interface Form definition does not match result set (or schema):.

If multiple WAN links and port forwardings were used on one ore more links, the port forwarding didn’t work correctly sometimes. A kernel patch is supplied with this update to fix the set up metioned above.

If multiple WAN links and L2TP connection were used on one link with low priority the L2TP connection to the client was established using the wrong source address. A patch is supplied with this update to set up the correct route right after the IPsec SA has been established.

Security: StrongSwan Pluto IKE Daemon

In the source code of the StrongSwan Pluto IKE Daemon security holes have been discovered. These holes will be closed within this patch update for StrongSwan version 4.6.1.

Authentication: LDAP Server does not Start after Reboot

In this update many improvements will be implemented for the integration of Active Directories. These improvements deal with email addresses, active monitoring of the AD proxy and clean up of imported AD objects when leaving an AD.

Zarafa Groupware: Zarafa Resources do not show a Description within Permissions

If Zarafa Resources were defined the description unknown message was displayed within the permissions for groups. Granting group permissions for this ressource was complicated subsequently. With this update the description of Zarafa ressources contains Zarafa-Resource and the name of the resspource to fix this issue.

Collax E-Mail Archive: Search doesn’t work if Email Aliases contains Capital Letters

If the email alias of an user was set up with capital lettes manually, in particular cases not all archived email had been shown within an archive search. The analysis of the aliases will be case insensitive from this update on, so all archived emails will shown as result in that specific case.

High System Load by Kavsd on 64 Bit Systems

The service kavsd caused a high system load in particular cases while scanning files on 64 bit systems. This behaviour is fixed with this update.w

System Management: Nagios-Check Areca Raid Controller

With this update the monitoring of Areca raid controller is going to be improved.

Notes

Zarafa Groupware: Zarafa creates new Index

With this update the version 7.1.1 the search index of the Zarafa Collaboration Platform will be optimized. Depending on the size of the Zarafa search index the optimzation process will take a few minutes.