Release Notes CBS 5.8.16

Collax Business Server
18.02.2016

Installation Notes

Update Instructions

To install this update please follow the following steps:

Procedure

  1. It is highly recommended to backup of all server data with the Collax backup system before proceeding. Check that the backup was successful before proceeding with the update (this can be done within the backup information email).
  2. In the administration interface go to System → System Operation → Software → System Update and press Get Package List. This will download the listed update packages. If successful the message Done! will be displayed on the screen.
  3. Click Get Packages to download the update packages.
  4. Click Install. This installs the update. The end of this process is indicated by the message Done!.
  5. A new kernel will now be installed. The system will reboot automatically after installing the update. An appropriate note will be shown if the update process is completed.

New in this Version

E-Mail: New Version Webmail Roundcube 1.1.4

With this Collax software update the new version 1.1.4 of Roundcube is going to be installed. Please find Roundcube details here:

Roundcube Changelog

Zarafa Groupware: New Version 7.2.1

With this Collax software update the new version 7.2.1 of Zarafa Groupware is going to be installed. With this release Zarafa has focussed on improving stability, usability, compatibility, security and higher performance. Zarafa could benefit from a general performance improvement with a mean of 22% measured in their environments. Please keep in mind, though, that with new search the backend storage for the search index has changed, so the index will be re-created but this is done live while your system is running. Additionally, the support for Outlook 2010 and 2013 Clients has been improved. Please find details here:

https://download.zarafa.com

Zarafa Groupware: WebApp 2.1.2

With this Collax software update the new version 2.1.2 of Zarafa WebApp is going to be installed. This version includes mainly improvements.

Misc: Backup of large MySQL Databases improved

Under certain circumstances, the backup of huge mySQL databases on remote backup targets could result in connection breakups. Especially large Zarafa databases are affacted. By default, the mySQL database is started with certain values for net_read_timeout and net_write_timeout. Within this release, the use of these values are improved.

Issues Fixed in this Version

Security: MySQL Database

In the source code of the MySQL database security holes has been discovered. These holes will be closed within this software update to version MySQL 5.5.47.

Security: Scripting Language PHP5 and PHP Libraries

In the source code of PHP5 security holes have been discovered. These holes will be closed within this software update to PHP 5.6.18. See PHP 5.6.18 Changelog

Assigned Common Vulnerabilities and Exposures (CVE) numbers:

CVE-2016-1903 CVE-2015-6831 CVE-2015-6832 CVE-2015-6833 CVE-2015-6834 CVE-2015-6835 CVE-2015-6836 CVE-2015-6837 CVE-2015-6838

Security: OpenSSL - Security Vulnerability

In the source code of the cryptography toolkit OpenSSL security holes have been discovered. These holes will be closed within this Collax software update to OpenSSL 0.9.8zh.

Security: Remote Login Program OpenSSH

In the source code of OpenSSH security holes have been discovered. These holes will be closed within this software update to OpenSSH 7.1p2

See OpenSSH Release 7.0