Release Notes CPS 5.0.2

Collax Platform Server
29.06.2009

Installation Notes

Accomplish Upgrade to Version 5.0.2

To install this update please follow these steps:

  • Please do a backup of all server data.
  • Go to System -> System Operation -> Software -> System Update and click Upgrade-Information. Please read the information carefully. For further questions please contact Collax GmbH before accomplishing the upgrade.
  • Click Start upgrade. The successful update of the package list is indicated by the detail message Please continue with downloading package list. and the final message Done!.
  • For updating the packet list click Get Package List. The successful update of the package list is indicated by the message Done!.
  • Click Get Packages for downloading the listed update packages. Important: If you download the packages over a slow connection (ISDN, analog, etc.), the browser may drop the connection to the administration interface. However, the download will continue in the background. Continue with the next step. If you get an error message, wait a few minutes and try again.
  • Click Install. This action installs the update. The end of this process is indicated by the message Done!.
  • Please Note that a reboot automated will be executed to engage the new kernel.

Installation Notes

Upgrade from Version less than 4.1.26

To accomplish the upgrade to version Collax Business Server 5.0.2 the prior version 4.1.26 needs to be installed. To install the version 4.1.26 please follow the steps “Get Package List”, “Get Packages” and “Install”.

Please follow the steps “Accomplish Upgrade to Collax Business Server Version 5.0.2” if the version 4.1.26 is installed. Please read the release notes to the appropriate version.

Check File System

Before upgrading the server a check of the file system should be carried out. The file system check is available in the boot menu of the server. To lead the check by, a display and a keyboard must be connected to the server and afterwards a restart needs to be executed. After loading the BIOS the file system check can be selected in the boot menu. As a result the file system is checked and suitable state messages are displayed. If the file system is in order the server starts and the upgrade can be carried out. Technical questions to the file system check can be placed to your certificated Collax partner or to the support team by Collax.

Duration of Upgrade

Depending on your existing server installation up to 320 software components will be downloaded and replaced. So the total duration of the upgrade process will take between 45 minutes and 180 minutes.

New in this Version

Misc: Add-on Modul Collax Net Security available

Ab diesem Software-Update kann das Modul im Menü “System->Systembetrieb->Software->Lizenzen und Module” mit einer zusätzlichen Lizenz aktiviert werden, anschließend kann das Modul installiert werden.

The module Collax Net Security unites all important security and network functionalities, those of a gateway can be expected. With this module new functions like Multi-WAN-Access, L2TP-VPN, SSL-VPN, VPN Wizard, Intrusion Detection and Intrusion Prevention (IDS/IPS) are available for the Collax Business Server within this add-on.

From this software update the module can be activated in the menu “System -> System Operation -> Software -> Licences and Modules” with an additional licence, afterwards the add-on can be installed.

Misc: Add-on Modul Collax Mail Security available

Ab diesem Software-Update kann das Modul im Menü “System->Systembetrieb->Software->Lizenzen und Module” mit einer zusätzlichen Lizenz aktiviert werden, anschließend kann das Modul installiert werden.

The module Collax Mail Security protects workstations and servers against all dangers which e-mail traffic can include. This module has available the Spam filter steps Greylisting, tar pit emulation and a reputation filter (Razor check) as well as the virus scanner ClamAV as add-ins for the Collax Business Server.

From this software update the module can be activated in the menu “System -> System Operation -> Software -> Licences and Modules” with an additional licence, afterwards the module can be installed.

Add-on Software: New Version of Collax Virus Protection

The virus scanner Collax Virus Protection offers comprehensive antivirus protection for email services. Within this Collax system update the scanner is updated to the newest version.

The options for “Email disinfection”, “Damaged Email” and “Alerts” are omitted from this update on. Emails can additionally be copied to quarantine (mail queue for hold mails) if they had been cleaned or before they shall be deleted.

Attention: Please start a manual pattern update by clicking the button “Get Updates” at the bottom of the form in Settings -> Filter -> Collax Virus Protection, Tab Mail. This update is necessary to start the services successfully.

Hardware: iSCSI Initiator

iSCSI makes the use of the SCSI protocol on a TCP/IP network possible. From this version the function of the controller, the iSCSI initiator, is implemented in the Collax server. With the iSCSI initiator storage devices in the network (iSCSI Targets) are integrated transparent as local storage devices. To the functions of the iSCSI initiator counts the target discovery, to integrate storage devices fast on the network, as well as the possibility of the authentication to establish a reliable connection to the iSCSI-Target.

Hardware: Driver for 10GB Network Interface Cards

The driver for 10gigabit network interface cards will be implemented within kernel version 2.6.25.20. These driver support the following NICs: Chelsio 10Gb Ethernet, Chelsio Communications T3 10Gb Ethernet, Intel® 10GbE PCI Express, Intel® PRO/10GbE PCI-X, S2IO 10Gbe XFrame NIC, NetXen Multi port (110) Gigabit, Sun Neptune 10Gbit, Tehuti Networks 10G, Broadcom NetXtremeII 10Gb.

Issues Fixed in this Version

Security: Cryptography Toolkit OpenSSL

In the source code of the cryptography toolkit OpenSSL 0.9.8k security holes have been discovered. These holes will be closed within this Collax software update.

Assigned Common Vulnerabilities and Exposures (CVE) numbers:

CVE-2009-0590 CVE-2009-0591 CVE-2009-0789

Security: GNU TLS and SSL implementation

In the source code of GnuTLS security holes have been discovered. These holes will be closed within this Collax software update.

GnuTlS 2.6.6 is going to be installed and fixes the assigned Common Vulnerabilities and Exposures (CVE) numbers:

CVE-2008-4089 CVE-2009-1415 CVE-2009-1416 CVE-2009-1417

Security: Udev, Dynamic Device Management

In the source code of GnuTLS security holes have been discovered. These holes will be closed within this Collax software update.

A patch for udev 126 is going to be installed and fixes the assigned Common Vulnerabilities and Exposures (CVE) numbers:

CVE-2009-1185

Security: VPN IKE Daemon Pluto

In the source code of the IKE daemon Pluto security holes have been discovered. These holes will be closed within this Collax software update.

A patch for Pluto 2.4.9 is going to be installed and fixes the assigned Common Vulnerabilities and Exposures (CVE) numbers:

CVE-2009-0790

Security: GNU data type library glib2

In the source code of glib2 security holes have been discovered. These holes will be closed within this Collax software update.

A patch for glib2 2.18.2 is going to be installed and fixes the assigned Common Vulnerabilities and Exposures (CVE) numbers:

CVE-2008-4316

Security: Authentification library libsasl2

In the source code of system library libsasl2 security holes have been discovered. These holes will be closed within this Collax software update.

A patch for libsasl2 is going to be installed and fixes the assigned Common Vulnerabilities and Exposures (CVE) numbers:

CVE-2009-0688

Security: System library libfreetype

In the source code of system libraries libfreetyp security holes have been discovered. These holes will be closed within this Collax software update.

A patch for libfreetype is going to be installed and fixes the assigned Common Vulnerabilities and Exposures (CVE) numbers:

CVE-2009-1416

Security: SquirrelMail Web Mail

In the source code of web mailer SquirrelMail security holes have been discovered. These holes will be closed within this Collax software update.

SquirrelMail 1.4.18 is going to be installed and fixes the assigned Common Vulnerabilities and Exposures (CVE) numbers:

CVE-2009-1578 CVE-2009-1579 CVE-2009-1580 CVE-2009-1581

Security: Samba, Windows SMB/CIFS Server for UNIX

In the source code of the Windows SMB/CIFS fileserver Samba security holes have been discovered. These holes will be closed within this Samba software patch for version 3.0.34.

Assigned Common Vulnerabilities and Exposures (CVE) numbers:

CVE-2009-1888

Notes

With this update all functions of the modul will be installed and can be used on the server. In the list of additional modules in the “License and modules” formular the module will be shown as not installed. To solve this you have to run the Install action.

Add-on Software: New Licensing of Avira Antivir

The Anti Virus product Avira Antivir will now be identically licensed like all Collax Modules. With this method a higher handling comfort is reached.

Add-on Software: Download Progress Bar when using Avira Antivir Web-Virus-Filter

The anti virus product Avira Antivir displayed a special progress bar while scanning downloaded files. With the new anti virus technology within this update this progress bar becomes superfluous. From this update the progress bar of Avira Antivir is going to be removed.