Release Notes CSG 5.5.12

Collax Security Gateway
21.03.2014

Installation Notes

Update Instructions

To install this update please follow the following steps:

Procedure

  1. It is highly recommended to backup of all server data with the Collax backup system before proceeding. Check that the backup was successful before proceeding with the update (this can be done within the backup information email).
  2. In the administration interface go to System → System Operation → Software → System Update and press Get Package List. This will download the listed update packages. If successful the message Done! will be displayed on the screen.
  3. Click Get Packages to download the update packages.
  4. Click Install. This installs the update. The end of this process is indicated by the message Done!.
  5. A new kernel will now be installed. The system will reboot automatically after installing the update. An appropriate note will be shown if the update process is completed.

New in this Version

E-Mail: Email retrieval Utility Fetchmail - Notification of bad email-header

Fetchmail cannot fetch e-mails as it sees incorrect header lines. An error message is not beeing sent to the administrator. The notification is corrected with this update. The administrator can now contact the provider to check the account.

So far, notifications about authentication failures for external mailboxes have been sent to the user. The notification is corrected with this update. Notifications are beeing sent to the administrator.

Misc: Support for custom DynDNS-Provider

You can now add custom DynDNS-Provider.

Hardware: Kernel Support for more Intel Network Cards

This new kernel 2.6.32.61 enables further driver support for a large number of Intel network cards:

  • e1000e - 2.5.4
  • ixgbe - 3.18.7
  • igb - 5.0.6

Issues Fixed in this Version

Security: Email retrieval Utility Fetchmail

In the source code of the email retrieval utility Fetchmail security holes have been discovered. These holes will be closed within this Collax software update.

Assigned Common Vulnerabilities and Exposures (CVE) numbers:

CVE-2012-3482 CVE-2011-3389

Security: GnuTLS Library

In the source code of the GnuTLS library security holes have been discovered. These holes will be closed within this Collax software update.

Assigned Common Vulnerabilities and Exposures (CVE) numbers:

CVE-2014-1959 CVE-2014-0092

Security: Network Time Protocol Daemon Ntp

In the source code of the network time protocol daemon Ntp security holes have been discovered. These holes will be closed within this Collax software update.

GUI: Active Monitoring and stopped services

The “Active Monitoring” tool (Nagios) can be used to check local services. When you stopped a service, it was restarted automatically through Nagios. With this update, you’re able to stop services permanently within the web gui.

Backup/Restore: Wrong Status if CIFS Target Filled Up to 100%

If a backup was written to a CIFS share which file system was filled up to 100% the backup system still wrote the status OK even if the backup failed. This is fixed from this update of, the backup system reports the correct status in this case.