Release Notes CSG 5.8.8
Collax Security Gateway
To install this update please follow the following steps:
- It is highly recommended to backup of all server data with the Collax backup system before proceeding. Check that the backup was successful before proceeding with the update (this can be done within the backup information email).
- In the administration interface go to System → System Operation → Software → System Update and press Get Package List. This will download the listed update packages. If successful the message Done! will be displayed on the screen.
- Click Get Packages to download the update packages.
- Click Install. This installs the update. The end of this process is indicated by the message Done!.
- A new kernel will now be installed. The system will reboot automatically after installing the update. An appropriate note will be shown if the update process is completed.
New in this Version
Security: Amavis ‘Mail Body Size Limit’
AMaViS (A Mail Virus Scanner) is a high-performance and reliable interface between the mailer (MTA) and one or more content checkers: virus scanners, spam filter. Mails with large attachement that have been checked by the spam filter Spamassassin needed huge amounts of memory to check the mail body, also the time to scan such a mail rised nonlinearly. Within this release the method sa_mail_body_size_limit has been improved.
System Management: Active monitoring of removed hardware
The server performs a system check of the components when beeing booted. If a formerly used ethernet- or isdn-device is going to be removed, a notification will be sent.
Issues Fixed in this Version
Security: OpenSSL - Security Vulnerability
In the source code of the cryptography toolkit OpenSSL security holes have been discovered. These holes will be closed within this Collax software update to OpenSSL 1.0.2a.
Security: Internet Domain Name Server Bind
In the source code of the internet domain name server BIND security holes have been discovered. These holes will be closed within this Collax software update to bind 9.9.7
Assigned Common Vulnerabilities and Exposures (CVE) numbers: CVE-2015-1349 CVE-2014-8500