Release Notes CPS 7.1.6
Collax Platform Server
06.08.2019
Installation Notes
Update Instructions
To install this update please follow the following steps:
Procedure
- It is highly recommended to backup of all server data with the Collax backup system before proceeding. Check that the backup was successful before proceeding with the update (this can be done within the backup information email).
- In the administration interface go to System → System Operation → Software → System Update and press Get Package List. This will download the listed update packages. If successful the message Done! will be displayed on the screen.
- Click Get Packages to download the update packages.
- Click Install. This installs the update. The end of this process is indicated by the message Done!.
- A new kernel will now be installed. The system will reboot automatically after installing the update. An appropriate note will be shown if the update process is completed.
New in this Version
E-Mail: TLS version for outgoing e-mails selectable
Emails can be send via a secure TLS connection with remote mail servers which also support TLS. Now the SSL/TLS version for outgoing e-mails can be choosen.
Collax Web Security: Enable browser autoconfiguration for proxy (WPAD)
Activating this option activates the WPAD functionality, which enables automatic proxy detection by browsers and some operating systems. This dialog is located under “Web Proxy -> Web Proxy Server -> Options”.
Kopano Groupware: Kopano Core 8.7.5
With this Collax software update the new version 8.7.5 of Kopano Core is going to be installed. Please find details here:
Kopano Groupware: New version of Z-Push
With this Collax software update, Z-Push 2.5.0 is going to be installed. More information on:
Kopano Groupware: Synchronization of the global address book for the Kopano OL Extension
The Kopano OL Extension (KOE) serves as an enhancement to the already included ActiveSync support of Microsoft Outlook 2013 and 2016. For the synchronization of the entries from the global address book (GAB) it requires the regular timed execution of a z-push-gabsync script. This update automates the execution of the script.
File: Modern Web server index for directory shares
For the access to released documents via web service (http) a modern file inidex can be used from this release configured with preview. For this, the technology h5ai is used.
System Management: Overwrite MySQL configuration settings
This release gives you the ability to override MySQL configuration values. Depending on the application that works with the database, it may be useful to adjust the automatically determined configuration values. For Kopano installations, these values should only be changed in exceptional cases. Only in installations with a large number of users and unusual requirements can adjustments lead to better performance. Changes should only be made by experienced administrators or on the recommendation of support. The section is divided into three parts. The values for the MySQL server and the storage engines MyISAM and InnoDB can be configured. If a field remains empty, the default value is used. The names of the fields are linked and lead to the documentation of the respective value.
System Management: Linux Kernel 4.9.186
This update installs Linux kernel 4.9.186.
Add-on Software: New Version of Avira Antivir
The virus scanner Avira Antivir offers comprehensive antivirus protection for email services. Within this Collax system update the scanner is updated to the newest version 4.11.1.
Add-on Software: Update notification of the virus scanner pattern update
The update mechanism for the virus patterns of all installed and activated virus scanners can inform the administrator by e-mail about the update status. The previous statuses “Always” and “Never” will be extended by the status “On errors”.
Issues Fixed in this Version
Security: Important security relevant System Components
This update will also install/update the following important system components:
- freeradius 3.0.19
- libpng 1.6.37
CVE-2019-11234 / CVE-2019-11235 / CVE-2018-14048 / CVE-2018-14550 / CVE-2019-7317
Collax Web Security: Squid 4.8
The Webproxy Squid will be updated to version 4.8 with this update. It also corrects a bug that could cause web radio streams to crash with the error “assertion failed: stmem.cc:98:” lowestOffset “”.
Collax Web Security: Saving custom URL Lists
Custom lists offer the possibility to maintain one or several URL lists. These lists can be used in the Rules. The creation of custom lists with more than 7000 entries was acknowledged by an error. This behavior is corrected with this update, own lists can now easily contain over 10000 entries.
Kopano Groupware: Public folder with corrected address in e-mail domain
When using Kopano, it is possible to set up folders to which all users have shared access on the mail server. They can also be addressed by e-mail and also be chosen as the sender address for e-mails. Because of an error the folders have been created with the wrong e-mail address in the Kopano global address book. This is going to be fixed with this update.
VPN connection with revoked certificates
The VPN component charon has shown unexpected behavior and VPN connections with a certificate revoked by a CRL. With this update prevents VPN tunnels from being set up with revoked certificates. Existing VPN tunnels remain active until the next re-keying (default: 9 hours).
Certificates: Certificate Creation
Certificates can be added under “Usage Policy -> X.509 Certificates”. Due to an error, user-type certificates were generated incorrectly. The certificate purpose was in this case “SSL client: No” instead of “SSL client: Yes”. This is fixed with this update. Furthermore, under certain circumstances, certificates could not be generated in every key length. This is also fixed. This update also generates an error message if the entered CA password is wrong.
Notes
E-Mail: Avira AntiVir prior Version 7.1.6
From Avira, an automatic update of the core components of Avira has been carried out. In this context, a new dependency of the libraries has been added, the next time the virus scanner is not started can be resolved. The result is that the virus scanner does not work during a reboot or configuration change is restarted. For security reasons, emails will no longer be delivered. To solve the problem, please update your server to version 7.1.6. Note: As long as the virus scanner is not restarted, it works in its entirety.
Kopano Groupware: Database conversion after update 7.1.6
The Kopano database is automatically converted for update 7.1.6 after the server is restarted. This process can, depending on the database size, take between half and several hours. In the dashboard this background task is visible as a job. The Kopano service is not available at the time of conversion. Before the update, make a complete backup of the data. When the conversion is complete, the Kopano service is restarted. Subsequently, further optimizations and schema changes are made. In this time the services Kopano and MySQL may not be stopped.