Release Notes CPS 5.0.8
Collax Platform Server
15.12.2009
New in this Version
Backup/Restore: Logical Volume for Backup Target
Logical Volumes are now also work as backup targets to save important data on them. This offers two possibilities. First, a backup can be placed on a local logical volume which has a certain size and does not effect the system even it is filled. Second, the backup data can be saved on an external iSCSI target.
E-Mail: SMTP Relay Port adjustable
In this version when using a SMTP-Relay under “Settings->Mail and Messaging->Mail->SMTP outbound” or “Domains” a port for the SMTP-Host can be specified. The adjustment of another SMTP relay port may be needed if the relay-server of your E-mail provider does not accept E-mails on standard port 25.
Collax Communication: Notification of incoming Facsimiles
Incoming facsimile can now be relayed to an arbitrary receipient additional to relay to user, to store facsimiles within folders or home directories. Also it is possible to send an e-mail notification in different languages if a facsimile comes in or an error occurs.
Collax Net Security: Extended link type DHCP (cable modem)
From this update on it is possible to create a network link based on DHCP with routing into internet. This is i.e. used for cable modem connections.
Collax Net Security: Citrix ICA client for SSL VPN application
SSL-VPN offers a secure and authenticated connection to internal network resources. From this update on the Citrix(ICA)-Client can be used as SSL VPN application to connect to Citrix server or terminal server.
Collax Net Security: Additional SSL VPN Options for RDP Connections
From this version on additional option can be used when configuring RDP connection via SSL-VPN. These options enable to choose i.e wether compression, themes, wallpapers, serial devices, printer or disk drives are used within the RDP connection.
Collax Net Security: Multi Level Firewall
With the Multi Level Firewall it is possible to include Users, Operating Systems and Applications to the Firewall rules. Therefore specific Applications like e.g. Skype can be forbidden.
The Multi Level Firewall can be set up under “Settings->Network->Multi Level Firewall”. To use the Multi Level Firewall the Collax Multi Level Firwall Client has to be downloaded from the “Installation packages” tab. Finally the client must be installed on the machines the Multi Level Firewall schould take effect.
System Management: Importable Groups
Groups which are usable over the ActiveDirectory-Proxy can now be added to the local groups under “Settings->Usage Policy->Policies->Importable Groups”
In this list all groups and their import state are displayed which are usable over the ActiveDirectory-Proxy. Imported ActiveDirectory-Proxy groups can be used as usual groups.
Misc: Zarafa 6.30.5 ISV application available
With this Collax software update the new version 6.30.5 of Zarafa Groupware is available. Some new functions are
Please find the complete list of changes here . The upgrade of an existing installation of Zarafa 6.20 can be executed if wanted via the Collax administration GUI in the menu “Settings -> Mail and Messaging -> Zarafa Groupware -> Configuration”. Please note: A valid license is needed or needs to be converted to use all the functions of Zarafa Groupware 6.30 after the upgrade.
Hardware: Support of GUID Partition Tables
From this update on GUID partition tables (GPT) for new installtions of Collax servers are supported. This extends the possible size of a server hard disk over 2 TB. The maximum size of an allocated harddisk may be 8192 Exabytes.
Issues Fixed in this Version
Security: Directory Service OpenLDAP
In the source code of the directory service OpenLDAP security holes have been discovered. These holes will be closed within this Collax software update to version OpenLDAP 2.4.19.
Assigned Common Vulnerabilities and Exposures (CVE) numbers:
Security: Linux Kernel
In the source code of the Linux Kernel security holes have been discovered which will be closed within this update. Furthermore newer versions of the e1000e- and igb-driver for intel networkcards will be installed.
Security: Unix printing system CUPS
In the source code of the unix printing system CUPS security holes have been discovered. These holes will be closed within this Collax software patches for version cups 1.3.11.
Assigned Common Vulnerabilities and Exposures (CVE) numbers:
Security: IMAP Service Cyrus
In the source code of the unix printing system CUPS security holes have been discovered. These holes will be closed within this Collax software patches for version cyrus 2.3.13.
Assigned Common Vulnerabilities and Exposures (CVE) numbers:
Security: Fetchmail Service
In the source code of the unix printing system CUPS security holes have been discovered. These holes will be closed within this Collax software patches for version fetchmail 6.3.11.
Assigned Common Vulnerabilities and Exposures (CVE) numbers:
Security: Samba, Windows SMB/CIFS Server for UNIX
In the source code of the Windows SMB/CIFS fileserver Samba security holes have been discovered. These holes will be closed within this Samba software patch for version 3.0.34.
Assigned Common Vulnerabilities and Exposures (CVE) numbers:
CVE-2009-2813 CVE-2009-2906 CVE-2009-2948
Security: File Download via SSL and Internet Explorer
If downloading files from the Collax server via HTTPS on Collax Webaccess with Internet Explorer the message
could be displayed. With this Collax update the option unsetCacheControl can be set for the according file share. If the Internet Explorer is provided with the Hotfix , files can be downloaded correctly afterwards.
Security: MySQL Administration phpmyadmin
In the source code of the MySQL administration phpmyadmin security holes have been discovered. These holes will be closed within this Collax patch update of version phpmyadmin 2.11.9.5.
Assigned Common Vulnerabilities and Exposures (CVE) numbers:
Collax Net Security: Anonymize HTTP Header and Authentication
If the web proxy option Anonymize HTTP header was set to Paranoid the web proxy authentication didn’t work correctly. With this update some settings for Anonymize HTTP header Paranoid have been improved so the web proxy authentication is going to work.
Collax Mail Security: Fetchmail Service
In the source code of the unix printing system CUPS security holes have been discovered. These holes will be closed within this Collax software patches for version fetchmail 6.3.11.
Assigned Common Vulnerabilities and Exposures (CVE) numbers:
File: File Download via SSL and Internet Explorer
If downloading files from the Collax server via HTTPS on Collax Webaccess with Internet Explorer the message
could be displayed. With this Collax update the option unsetCacheControl can be set for the according file share. If the Internet Explorer is provided with the Hotfix , files can be downloaded correctly afterwards.
System Management: Monitoring of a URL
The active monitoring enables the check of certain URLs of other servers. If characters like = & ? are used within the URL string the monitoring service displayed an error message concerting the service description:
With this update the illegal characters will be deleted from the service description. So the service check can be executed correctly and the URL is going to be monitored.
Hardware: HP/Compaq Smart Array Controllers
The entry in the Bootloader to boot HP/Compaq Smart Array controller devices, had been put falsely to /dev/sda in version 5.0.6. With this update to version 5.0.8 the correct device /dev/cciss/c0d0p3 is selected, if a HP/Compaq Smart Array controller is used.
Notes
Collax Advanced Networking: Multiple Links into one Target Network (Multi Wan)
With this update all functions of the modul will be installed and can be used on the server. In the list of additional modules in the “License and modules” formular the module will be shown as not installed. To solve this you have to run the Install action.
Add-on Software: New Licensing of Avira Antivir
The Anti Virus product Avira Antivir will now be identically licensed like all Collax Modules. With this method a higher handling comfort is reached.
Add-on Software: Download Progress Bar when using Avira Antivir Web-Virus-Filter
The anti virus product Avira Antivir displayed a special progress bar while scanning downloaded files. With the new anti virus technology within this update this progress bar becomes superfluous. From this update the progress bar of Avira Antivir is going to be removed.