Release Notes CSG 5.8.20

Collax Security Gateway
19.07.2016

Installation Notes

Update Instructions

To install this update please follow the following steps:

Procedure

  1. It is highly recommended to backup of all server data with the Collax backup system before proceeding. Check that the backup was successful before proceeding with the update (this can be done within the backup information email).
  2. In the administration interface go to System → System Operation → Software → System Update and press Get Package List. This will download the listed update packages. If successful the message Done! will be displayed on the screen.
  3. Click Get Packages to download the update packages.
  4. Click Install. This installs the update. The end of this process is indicated by the message Done!.
  5. A new kernel will now be installed. The system will reboot automatically after installing the update. An appropriate note will be shown if the update process is completed.

New in this Version

Backup/Restore: Aditional parameters for Backup targets

Regular backups are the only way to protect against unforeseeable events such as hardware failures. Among other things, Collax Server supports backups to shares on other servers. Additional parameters for backup destinations In some cases it is necessary to specify additional parameters or to set switches to backing up data on a file server. This update adds a field, where additional parameters can be entered. This parameters will be used by the mount command, i.e. sec=ntlm.

Add-on Software: Improved heuristic technique of Avira Antivir

This update improves the heuristic technique of Avira Antivir by adapting the option “SAVAPI3_SCAN_STATUS_SUSPICIOUS”.

Add-on Software: Improved heuristic technique of Kaspersky

This update improves the heuristic technique of Kaspersky by adapting the option “EVENT_SUSPECTED”.

Misc: Control + Alt + Delete

This update suppresses the shortcut combination ctrl+alt+del.

Hardware: Support of UPS (USB) with nut 2.7.3

This update installs the Network UPS Tool (nut) 2.7.3. This extends the support for UPS with USB-Connection. A list of supported devices can be found in the Collax HWCL or on the site www.networkupstools.org .

Issues Fixed in this Version

Security: IMAP Service Cyrus

In the source code of the IMAP service cyrus security holes have been discovered. These holes will be closed within this Collax software patch for version cyrus 2.3.19.

DFN-CERT Portal

E-Mail: AMaViS and strict HELO settings

With the option “HELO identification required” set to the value “Strict” when using AMaViS (A Mail Virus Scanner) no emails could be sent. This is fixed within this update, email will be sent, if the option is set to “Strict”.

Web Proxy: Web Proxy does not start, bungled configuration

For certain Web pages, header lines need to be removed in order for these pages to be displayed correctly when using the Web proxy. Otherwise, a white browser window would be displayed instead of the content. By using the field Disable transfer encoding in the Tab “Advanced” the domains of the Web pages can be entered. If the configuration was bungled due to double occuring entries, this resulted in the Web-Proxy-Service being unable to start. There will be a fix in this update recognizing double entries.

Authentication: Synchronisation with Active Directory

Whenever an object and its attributes change in an Active Directory Environment with multiple Domain Controllers (DCs) its Update Sequence Number (USN) is incremented. The Active Directory Proxy (AD-Proxy) then synchonizes. In environments with multiple DCs these USNs differ per DC. Thereby it could happen that the USN was lower than the saved one, resulting in no synchronisation. Within this update the mapping of USNs per DC is beeing saved in a sequence file so that all users and groups are synchronized.