Kolab Server 2.1 Beta 4 released

Thomas Arendsen Hein thomas at intevation.de
Wed Jan 17 19:16:02 CET 2007


Hi!

I've just uploaded Kolab Server 2.1 Beta 4, which fixes more than
20 problems found in Beta 3 and includes the security updates published
until now.

Documentation and OpenPKG source packages will be available in the
directory server/beta/kolab-server-2.1-beta-4/ of the mirrors listed
on http://kolab.org/mirrors.html soon. Included is a gpg signed
MD5SUMS file to verify if your download is correct:

  $ gpg --verify MD5SUMS
  $ md5sum -c MD5SUMS

Please look at 1st.README and release-notes.txt for more information
about this release. The changes since server 2.1 beta 3 are listed
below for your convenience.

UPGRADING.20-21 contains instructions for upgrading from Kolab
server 2.0 to 2.1, but they need testing on more live systems.
Please report failed and successful upgrades to the mailing list.
(These instructions didn't change since 2.1 beta 3)

Regards,
Thomas Arendsen Hein


Changes since 2.1 beta 3:

    - clamav-0.88.7-20061211

        bypass virus detection (CVE-2006-6406),
        denial of service, remotely exploitable (CVE-2006-6481)
        (http://kolab.org/security/kolab-vendor-notice-14.txt)

    - kolabd-2.0.99-20070117

        Updated proftpd.conf template: LDAPHomedirOnDemand(Prefix) is
        now named LDAPGenerateHomedir(Prefix).

        Set imapidlepoll to 5 seconds in imapd.conf.template.in.

        kolab/issue1433 (Some files in /kolab/etc/postfix have wrong ownership)
        kolab/issue1484 (Warnings using openldap = 2.3.27-2.20061018_kolab)
        kolab/issue1487 (amavisd.conf mynetworks incomplete)
        kolab/issue1531 (amavisd.conf local_domains only contains primary domain)
        kolab/issue1532 (Set "duplicatesuppression: 0" in imapd.conf.template?)

    - kolab-horde-fbview-2.0.99-20070112

        Improvements to the week view (part of kolab/issue666)

        Removed dangerous php scripts (part of kolab/issue1507)

    - kolab-resource-handlers-2.0.99-20070117

        kolab/issue1490 (freebusy cache written to /kolab/kolab/...)
        kolab/issue1512 (No FB information for resource accounts)
        kolab/issue1558 (kolab-webadmin and php 5.2.0)

    - kolab-webadmin-2.0.99-20070117

        kolab/issue1013 (user passwords sha1 encoded without salt)
        kolab/issue1262 (Setting quota to 4096+ MB breaks message delivery)
        kolab/issue1418 (fields visible even when attribute_access is "hidden" in session_vars.php)
        kolab/issue1540 (Typo on kolab/admin/service page)
        kolab/issue1555 (Login screen shows error msg for no good reason)

    - openldap-2.3.29-2.20061110_kolab

        New upstream version, fixes CVE-2006-5779 (Bugtraq ID 20939)

    - perl-kolab-5.8.7-20070117

        Only print warning about missing configuration variable if relevant.

        kolab/issue1550 (Masquerade problem)

-- 
Email: thomas at intevation.de
http://intevation.de/~thomas/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://lists.kolab.org/pipermail/users/attachments/20070117/4c375826/attachment.sig>


More information about the users mailing list