Release Notes CGS 5.8.18

Collax Groupware Suite
15.03.2016

Installation Notes

Update Instructions

To install this update please follow the following steps:

Procedure

  1. It is highly recommended to backup of all server data with the Collax backup system before proceeding. Check that the backup was successful before proceeding with the update (this can be done within the backup information email).
  2. In the administration interface go to System → System Operation → Software → System Update and press Get Package List. This will download the listed update packages. If successful the message Done! will be displayed on the screen.
  3. Click Get Packages to download the update packages.
  4. Click Install. This installs the update. The end of this process is indicated by the message Done!.
  5. A new kernel will now be installed. The system will reboot automatically after installing the update. An appropriate note will be shown if the update process is completed.

New in this Version

Hardware: Driver Update for Intel network cards

This update contains a new kernel with a driver update igb 5.3.3.5 for Intel network cards.

Issues Fixed in this Version

Security: OpenSSL - DROWN-Attack

In the source code of the cryptography toolkit OpenSSL security holes have been discovered. These holes will be closed within this Collax software update. See here . Also SSLv2 is beeing deativated.

Security: Scripting Language PHP5 and PHP Libraries

In the source code of PHP5 security holes have been discovered. These holes will be closed within this software update to PHP 5.6.19. See PHP 5.6.19 Changelog

Security: Internet Domain Name Server Bind

In the source code of the Internet Domain Name Server security holes have been discovered. These holes will be closed within this software update to Bind version 9.9.8-P3

Assigned Common Vulnerabilities and Exposures (CVE) numbers:

CVE-2015-8704 CVE-2015-3193 CVE-2015-8000 CVE-2015-8461 CVE-2015-5722 CVE-2015-5986