Release Notes CSG 5.0.4

Collax Security Gateway
09.07.2008

Installation Notes

Upgrade from Version less than 4.1.26

To accomplish the upgrade to version Collax Business Server 5.0.2 the prior version 4.1.26 needs to be installed. To install the version 4.1.26 please follow the steps “Get Package List”, “Get Packages” and “Install”.

Please follow the steps “Accomplish Upgrade to Collax Business Server Version 5.0.2” if the version 4.1.26 is installed. Please read the release notes to the appropriate version.

Issues Fixed in this Version

Security: Cryptography Toolkit OpenSSL

In the source code of the cryptography toolkit OpenSSL 0.9.8k security holes have been discovered. These holes will be closed within this Collax software update.

Assigned Common Vulnerabilities and Exposures (CVE) numbers:

CVE-2009-1387

Security: Grafic Tool ImageMagick

In the source code of the grafic tool ImageMagick security holes have been discovered. These holes will be closed within this Collax software update.

Assigned Common Vulnerabilities and Exposures (CVE) numbers:

CVE-2009-1882

Security: Library for Layout and Rendering of Text Pango

In the source code of the library pango security holes have been discovered. These holes will be closed within this Collax software update.

Assigned Common Vulnerabilities and Exposures (CVE) numbers:

CVE-2009-1194

System Management: System Information of HP/Compaq SmartArray HDD

The system information for hard disks connected to HP/Compaq SmartArray controller in version 5.0.2 was incorrect. The message “Error, no graph specified” was displayed. This error is fixed with the version 5.0.4, the values for input/output of the hard disks are graphically indicated.

Hardware: Boot Setup for HP/Compaq Smart Array Controllers

The entry in the Bootloader to boot HP/Compaq Smart Array controller devices, had been put falsely to /dev/sda in version 5.0.2. With this update to version 5.0.4 the correct device /dev/cciss/c0d0p3 is selected, if a HP/Compaq Smart Array controller is used.

Notes

Collax SSL-VPN: Behaviour change of objects

With the new version of SSL-VPN the network permissions of all objects will be checked. Thus, the corresponding networks should be added to the group permissions. The port or interface for the SSL-VPN service does not have to be configured with this version.