Release Notes CGS 7.1.16

Collax Groupware Suite
16.07.2020

Installation Notes

Update Instructions

To install this update please follow the following steps:

Procedure

  1. It is highly recommended to backup of all server data with the Collax backup system before proceeding. Check that the backup was successful before proceeding with the update (this can be done within the backup information email).
  2. In the administration interface go to System → System Operation → Software → System Update and press Get Package List. This will download the listed update packages. If successful the message Done! will be displayed on the screen.
  3. Click Get Packages to download the update packages.
  4. Click Install. This installs the update. The end of this process is indicated by the message Done!.
  5. A new kernel will now be installed. The system will reboot automatically after installing the update. An appropriate note will be shown if the update process is completed.

New in this Version

Kopano Groupware: Kopano Core 8.7.14

With this Collax software update the new version 8.7.14 of Kopano Core is going to be installed. Please find details here:

Kopano Core 8.7.14 Release

System Management: Linux Kernel 4.9.230

This update installs Linux kernel 4.9.230.

System Management: Monitoring consistency check on Broadcom Controllers

Nagios' active monitoring of RAID controllers from Broadcom (Avago / LSI) will be adapted with this release. The consistency check activated in the RAID controller is no longer displayed as a warning by Nagios.

Issues Fixed in this Version

Collax E-Mail Archive: Unsubscribe from media e-mail archive

Archive volumes burned on ROM media can be used for archive search via a Windows share for the Collax email archive Due to an error, media that are no longer available continue to appear in the list of media and were not unsubscribed. This behaviour is corrected with this update.

Security: Intel SRBDS Special Register Buffer Data Sampling

Intel has discovered further critical security vulnerabilities on numerous CPUs. These can be protected by adapting the operating system and updating the microcode. With this update the kernel-side protection mechanisms and the new microcode are introduced.

The new microcode is updated to microcode-20200616. The new Linux kernel is updated to version 4.9.230.

Security: Important security relevant System Components

This update will also install/update the following important system components:

  • GnuTLS 3.6.6
  • slapd Patch: “Fixed slapd to limit depth of nested filters”
  • Squid 4.9.12
  • Apache 2.4.43
  • PHP 7.2.31

CVE-2018-16868 CVE-2020-12243 CVE-2020-12243 CVE-2019-12521 CVE-2019-12528 CVE-2020-8517 CVE-2020-11945 CVE-2020-14059 CVE-2020-1934 CVE-2020-1927 CVE-2019-11048 CVE-2020-7066 CVE-2020-7064 CVE-2020-7062

System Management: Monitoring BBU state on Broadcom Controllers

Nagios' active monitoring of RAID controllers from Broadcom (Avago / LSI) will be adapted with this release. Due to a behavior change, the code had to be adjusted to give a degraded BBU the status CRITICAL.

Notes

Kopano Groupware: Database conversion after update 7.1.6

The Kopano database is automatically converted for update 7.1.6 after the server is restarted. This process can, depending on the database size, take between half and several hours. In the dashboard this background task is visible as a job. The Kopano service is not available at the time of conversion. Before the update, make a complete backup of the data. When the conversion is complete, the Kopano service is restarted. Subsequently, further optimizations and schema changes are made. In this time the services Kopano and MySQL may not be stopped.

E-Mail: Avira AntiVir prior Version 7.1.6

From Avira, an automatic update of the core components of Avira has been carried out. In this context, a new dependency of the libraries has been added, the next time the virus scanner is not started can be resolved. The result is that the virus scanner does not work during a reboot or configuration change is restarted. For security reasons, emails will no longer be delivered. To solve the problem, please update your server to version 7.1.6. Note: As long as the virus scanner is not restarted, it works in its entirety.

E-Mail: Changed ruleset format of Spam Filter SpamAssassin

Please note: On March 1st, the SpamAssassin project will change the format of the ruleset updates. From this date on, only systems that have installed Update 7.1.10 will receive updates.