Release Notes V-Cube 7.5.2
Collax V-Cube
30.07.2024
Installation Notes
Update Instructions
Please read the release notes carefully before proceeding with the next steps.
Important information
Update note: Important information for Collax V-Cube 6.9.12 or earlier Please note the release notes Collax V-Cube 7.5.0 if the nodes have a version 6.9.12 or earlier and have not yet been updated.
Upgrade for Collax V-Cube+ and V-Bien will follow It is not yet possible to upgrade a cluster to version 7.5.2. The upgrade for Collax V-Cube+ and Collax V-Bien will follow.
Procedure
To install this update, please carry out the following steps:
- It is highly recommended to backup of all server data with the Collax backup system before proceeding. Check that the backup was successful before proceeding with the update (this can be done within the backup information email).
- In the administration interface go to Menu → Software → System Update and press Get Package List. This will download the listed update packages. If successful the message Done! will be displayed on the screen.
- Click Get Packages to download the update packages.
- Click Install. This installs the update. The end of this process is indicated by the message Done!.
- A new kernel will now be installed. The system will reboot automatically after installing the update. An appropriate note will be shown if the update process is completed.
New in this version
Mail: Port 465 now uses SMTPS
Outgoing emails can be sent via a relay server. Providers usually offer ports 25 and 587 with the StartTLS procedure. Port 465, on the other hand, is used for sending via SMTPS. With this release, Collax servers now use SMTPS when using port 465. The “Test e-mail” button in the “Usage guidelines -> Administrator” form for receiving status e-mails has also been adjusted accordingly.
System Management: Network UPS Tools 2.8.2
This update installs the current release of the Network UPS Tools (NUT) in version nut-2.8.2.
Security: Security-related and general updates
Various software packages have been updated in this release. In addition to security-related updates, general maintenance and care updates were also carried out.
The updates and bug fixes affect the following packages
- Apache 2.4.59
- Openssl: Patches
- Ghostscript: Patches
- microcode: 20240312
- bind: 9.18.27
- curl: 8.6.0
- ImageMagick: 7.1.1-29
- gnutls: Patches
- openssh: Patches
- tar: Patches
- ncurses: Patches
- mariadb: 10.5.24
- heimdal: 7.8.0
Net: Routing of networks with 31-bit netmask
Ethernet PtP links can now route networks with a 31-bit netmask.
Backup: Sender domain for status messages
Previously, backup status messages were sent to the e-mail address entered here, whereby the sender was also identical. In future, a suitable sender domain will be searched for, similar to “cron” scripts, and “backup” from this domain will be used as the sender.
Problems fixed in this version
System management: Linux kernel 6.6.32 and SMB protocols
A bug in the last kernel led to increased resource consumption and a higher server load in certain installations, up to a complete standstill when backing up large files to SMB-based backup targets (classic NAS). Only backups that used the old SMB protocol SMB1 and SMB2 were affected. Servers with the newer SMB3, which has been supported since Windows 8 and Windows Server 2012, were not affected by this problem. We would like to take this opportunity to once again strongly advise against using SMB1, as this older protocol has known security vulnerabilities that may be associated with ransomware and other malware. We therefore strongly recommend that you check your backup targets (NAS) accordingly. SMB3 also supports AES-based encryption of data transfer and offers the possibility to combine multiple SMB actions into a single request.
The Linux Kernel 6.6.32 is installed with this update.
Network: RegreSSHion
Experts have discovered critical security vulnerabilities in the OpenSSH server and published them under the name “RegreSSHion”. This vulnerability, a race condition in the signal handler of sshd, allows Remote Code Execution (RCE) with root privileges. This software update installs the package ssh_9.3p2, which closes the vulnerabilities.