Release Notes CSG 5.8.12

Collax Security Gateway
13.08.2015

Installation Notes

Update Instructions

To install this update please follow the following steps:

Procedure

  1. It is highly recommended to backup of all server data with the Collax backup system before proceeding. Check that the backup was successful before proceeding with the update (this can be done within the backup information email).
  2. In the administration interface go to System → System Operation → Software → System Update and press Get Package List. This will download the listed update packages. If successful the message Done! will be displayed on the screen.
  3. Click Get Packages to download the update packages.
  4. Click Install. This installs the update. The end of this process is indicated by the message Done!.
  5. A new kernel will now be installed. The system will reboot automatically after installing the update. An appropriate note will be shown if the update process is completed.

New in this Version

Security: Linux Kernel 2.6.32.67

This update installs Linux kernel 2.6.32.67. It fixes two regressions introduced in 2.6.32.66.

Changelog

GUI: Configuration GUI

The modern administration interface has been updated. In addition to a series of optical adjustments and improvements to the usability of tables, lists, and the correct behavior when you press the Escape key, the new browser Edge (Spartan) of Windows 10 is supported.

VPN: StrongSwan IPsec

From this version StrongSwan 4.6.4 is going to be implemented.

Issues Fixed in this Version

Security: Internet Domain Name Server Bind

In the source code of the Internet Domain Name Server security holes have been discovered. These holes will be closed within this software update to Bind version 9.9.7-P2.

Assigned Common Vulnerabilities and Exposures (CVE) numbers:

CVE-2015-4620 CVE-2015-5477

Security: Download Tool Curl

In the source code of the download tool curl security holes have been discovered. These holes will be closed within this software update for curl version 7.43.0

Assigned Common Vulnerabilities and Exposures (CVE) numbers:

Changelog

Security: Scripting Language PHP5 and PHP Libraries

In the source code of PHP5 security holes have been discovered. These holes will be closed within this software update to PHP 5.6.12. See PHP 5.6.12 Changelog

Backup/Restore: GUI Job-notify for backup jobs

The job-notify service could prevent the proper finish of job-notifications for backup-jobs under certain circumstances. In this case, the job-notification never got the “finish” messages and must be restarted manually. This is fixed within this release. The job-notification will finish now.

Hardware: Disbale mcelog daemon in virtual maschines

The detection of machine checks throught the mcelog daemon fails in virtual environments. Within this release the service is disabled in virtual maschines.