Release Notes CSG 5.8.8

Collax Security Gateway
25.03.2015

Installation Notes

Update Instructions

To install this update please follow the following steps:

Procedure

  1. It is highly recommended to backup of all server data with the Collax backup system before proceeding. Check that the backup was successful before proceeding with the update (this can be done within the backup information email).
  2. In the administration interface go to System → System Operation → Software → System Update and press Get Package List. This will download the listed update packages. If successful the message Done! will be displayed on the screen.
  3. Click Get Packages to download the update packages.
  4. Click Install. This installs the update. The end of this process is indicated by the message Done!.
  5. A new kernel will now be installed. The system will reboot automatically after installing the update. An appropriate note will be shown if the update process is completed.

New in this Version

Security: Amavis ‘Mail Body Size Limit’

AMaViS (A Mail Virus Scanner) is a high-performance and reliable interface between the mailer (MTA) and one or more content checkers: virus scanners, spam filter. Mails with large attachement that have been checked by the spam filter Spamassassin needed huge amounts of memory to check the mail body, also the time to scan such a mail rised nonlinearly. Within this release the method sa_mail_body_size_limit has been improved.

System Management: Active monitoring of removed hardware

The server performs a system check of the components when beeing booted. If a formerly used ethernet- or isdn-device is going to be removed, a notification will be sent.

Issues Fixed in this Version

Security: OpenSSL - Security Vulnerability

In the source code of the cryptography toolkit OpenSSL security holes have been discovered. These holes will be closed within this Collax software update to OpenSSL 1.0.2a.

Security: Internet Domain Name Server Bind

In the source code of the internet domain name server BIND security holes have been discovered. These holes will be closed within this Collax software update to bind 9.9.7

Assigned Common Vulnerabilities and Exposures (CVE) numbers: CVE-2015-1349 CVE-2014-8500