Issues Fixed in this Version

Security: Samba, Windows SMB/CIFS Server for UNIX

In the source code of the Windows SMB/CIFS fileserver Samba security holes have been discovered. These holes will be closed within this Samba software patch for version 3.0.37.

Assigned Common Vulnerabilities and Exposures (CVE) numbers:

CVE-2010-2063

Security: GNU data type library glib2

In the source code of glib2 security holes have been discovered. These holes will be closed within this Collax software update.

A patch for glib2 2.18.2 is going to be installed and fixes the assigned Common Vulnerabilities and Exposures (CVE) numbers:

CVE-2009-3289

Security: Graphics Librarie Libpng3

In the source code of the graphics library Libpng3 security holes have been discovered. These holes will be closed within this Collax software update to version libpng3 1.2.44.

Assigned Common Vulnerabilities and Exposures (CVE) numbers:

CVE-2010-0205 CVE-2010-1205

Security: Graphics Libraries Libtiff

In the source code of the graphics library Libtiff security holes have been discovered. These holes will be closed within this Collax software update.

Assigned Common Vulnerabilities and Exposures (CVE) numbers:

CVE-2010-1411

Security: Python Language Interpreter and Runtime

In the source code of the Python language interpreter and runtime security holes have been discovered. These holes will be closed within this Collax software update to version 2.6.5.

Assigned Common Vulnerabilities and Exposures (CVE) numbers:

CVE-2010-1449 CVE-2010-1450 CVE-2010-1634

Notes

Collax SSL-VPN: Behaviour change of objects

With the new version of SSL-VPN the network permissions of all objects will be checked. Thus, the corresponding networks should be added to the group permissions. The port or interface for the SSL-VPN service does not have to be configured with this version.