/[smeserver]/cdrom.image/sme10/README.txt
ViewVC logotype

Diff of /cdrom.image/sme10/README.txt

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph | View Patch Patch

Revision 1.1 by unnilennium, Wed May 18 11:10:40 2016 UTC Revision 1.4 by jpp, Fri Dec 28 03:33:50 2018 UTC
# Line 1  Line 1 
1  Koozali SME Server 10.alpha1  Release Notes  Koozali SME Server 10 Alpha 4 Release Notes
2  ===========================================  =====================================
 18 May 2016  
3    
4  The Koozali SME Server (SME Server) development team is pleased to announce  These are draft only and are in a constat state of update.
 the release of SME Server 10.apha1 which is based on CentOS 7.2.1511  
5    
6  SME 10.alpha1 incorporates the very first packages for the 10 version  27 Dec 2018
7    
8  TEST PURPOSE ONLY. DO NOT USE ON PRODUCTION SERVER !  The Koozali SME Server development team is pleased to announce the
9    release of SME Server 10 Alpha 4 which will be the next major release of
10    SME Server.
11    
12  CentOS 7.# has an EOL of 30 June 2024.  This release is based on CentOS 7. CentOS 7.# has an EOL of 30 June 2024.
13    
14    ***************************
15    Koozali SME Server users should not upgrade production servers to this
16    release but those who can are encouraged to load the alpha to a
17    dedicated test machine and take part in the testing phase.
18    ***************************
19    
20    Some notes on Koozali SME Server 10 can be found at
21    https://wiki.contribs.org/SME_Server_10.0_Development
22    
23    SME10 Roadmap - Alpha 4
24    https://wiki.contribs.org/SME10_Roadmap#SME_10_Alpha_4
25    
26  Bug reports and reports of potential bugs should be raised in the bug  Bug reports and reports of potential bugs should be raised in the bug
27  tracker (and only there, please);  tracker (and only there, please);
28    
29      http://bugs.contribs.org/       https://bugs.koozali.org/
30    
31  Download  Download
32  ========  ========
33  You can download SME Server 10 from  You can download SME Server 10 from
34  http://mirror.contribs.org/smeserver/releases/testing/10/  https://mirror.koozali.org/smeserver/releases/testing/10/
35  or for other methods see http://wiki.contribs.org/SME_Server:Download  or for other methods see https://wiki.koozali.org/SME_Server:Download
36    
37  Please note it may take up to 48 hours for mirrors to finish syncing,  Please note it may take up to 48 hours for mirrors to finish syncing,
38  during this time you may experience problems.  during this time you may experience problems.
# Line 40  meeting our expenses, such as hosting co Line 52  meeting our expenses, such as hosting co
52    
53  As such, we ask for a donation to offset costs and fund further development.  As such, we ask for a donation to offset costs and fund further development.
54    
55  a) If you are a school, a church, a non-profit organisation or an individual  a) If you are a school, a church, a non-profit organisation or an
56  using SME Server for private purposes, we would appreciate you to contribute  individual using SME Server for private purposes, we would appreciate
57  within your means toward the costs associated with hosting, maintenance and  you to contribute within your means toward the costs associated with
58  development.  hosting, maintenance and development.
59    
60  b) If you are a company or an integrator and you are deploying SME Server in  b) If you are a company or an integrator and you are deploying SME
61  the course of your work to generate revenue, we expect you to make a donation  Server in the course of your work to generate revenue, we expect you to
62  commensurate with the level of revenue you generate and the number of servers  make a donation commensurate with the level of revenue you generate and
63  your have in the field. Please, help the project  the number of servers your have in the field. Please, help the project
64    
65  Please visit http://wiki.contribs.org/Donate to donate.  Please visit https://wiki.koozali.org/Donate to donate.
66    
67  Koozali Inc is happy to supply an invoice for any donations received,  Koozali Inc is happy to supply an invoice for any donations received,
68  simply email treasurer@koozali.org  simply email treasurer at koozali.org
69    
70  Notes  Notes
71  =====  =====
72  In-place upgrades are not supported. It is necessary to backup and then restore.  In-place upgrades are not supported. It is necessary to backup and then
73  /boot partition is always RAID 1.  restore.
74    (Remember, testing purpose only)
75    
76  The spare handling for RAID arrays is not implemented.  The spare handling for RAID arrays is not implemented.
77    
78  USB installs are now supported, see:  USB installs are now supported, see:
79  http://wiki.contribs.org/Install_From_USB#SME_Server_9  https://wiki.koozali.org/Install_From_USB
80    
81  Minimal changes have been made from SME9.1rc1  Current installer is still branded CentOS. A kickstart script allows you
82    to go through the graphical installation process. If your disk is not
83    empty, you will need to use the Anaconda interface to format it and
84    partition it. If it is empty all is automatic. You will have to set your
85    root password twice: once during Anaconda installation (you could use a
86    lame password), a second time in the Koozali SME server configuration
87    process.
88    
89  Major changes in this release  Major changes in this release
90  =============================  =============================
91    This release is based on CentOS 7.#
92    
93  Changes in this release  Changes in this release
94  =======================  =======================
95    see above and below
96    
97  General features  General features
98  ================  ================
99  - Based on CentOS 7.2.1511 and all available updates  - Based on CentOS 7.6.1810 and all available updates
100    
101    Detailed changes in this release
102    =======================
103    Only the changes since SME Server 10 Alpha3 are listed, mainly
104    autogenerated from the changelogs.
105    
106    Packages altered by Centos, Redhat, and Fedora-associated developers are
107    not included.
108    
109    Backups
110    
111    # e-smith-backup updated from 2.6.0-11.el7.sme to 2.6.0-12.el7.sme
112    - added patch for workstation backup lock [SME: 9127]
113    - code from Stefano Zamboni <zamboni@mind-at-work.it>
114    
115    File Server
116    
117    # e-smith-samba updated from 2.6.0-6.el7.sme to 2.6.0-7.el7.sme
118    - fix typo in  /server-resources/regedit/win10samba.reg  [SME: 10515]
119    
120    # samba updated from 4.4.4-14.6.el7.sme to 4.6.2-12.4.el7.sme
121    # samba-common updated from 4.4.4-14.6.el7.sme to 4.6.2-12.4.el7.sme
122    # samba-common-tools updated from 4.4.4-14.6.el7.sme to 4.6.2-12.4.el7.sme
123    # samba-python updated from 4.4.4-14.6.el7.sme to 4.6.2-12.4.el7.sme
124    # samba-client-libs updated from 4.4.4-14.6.el7.sme to 4.6.2-12.4.el7.sme
125    # samba-client updated from 4.4.4-14.6.el7.sme to 4.6.2-12.4.el7.sme
126    # samba-winbind-krb5-locator updated from 4.4.4-14.6.el7.sme to 4.6.2-12.4.el7.sme
127    # samba-libs updated from 4.4.4-14.6.el7.sme to 4.6.2-12.4.el7.sme
128    # samba-dc updated from 4.4.4-14.6.el7.sme to 4.6.2-12.4.el7.sme
129    # samba-winbind-modules updated from 4.4.4-14.6.el7.sme to 4.6.2-12.4.el7.sme
130    # samba-dc-libs updated from 4.4.4-14.6.el7.sme to 4.6.2-12.4.el7.sme
131    # samba-winbind-clients updated from 4.4.4-14.6.el7.sme to 4.6.2-12.4.el7.sme
132    # libwbclient updated from 4.4.4-14.6.el7.sme to 4.6.2-12.4.el7.sme
133    # samba-common-libs updated from 4.4.4-14.6.el7.sme to 4.6.2-12.4.el7.sme
134    # libsmbclient updated from 4.4.4-14.6.el7.sme to 4.6.2-12.4.el7.sme
135    # samba-winbind updated from 4.4.4-14.6.el7.sme to 4.6.2-12.4.el7.sme
136    - import 4.6.2-12 [SME: 10429]
137    - change gnutls-devel >= 3.4.7 to gnutls-devel to allow build
138    - import to SME the two last upstream releases [SME: 10326]
139    - resolves: #1514314 - Fix CVE-2017-14746 and CVE-2017-15275
140    - resolves: #1491213 - CVE-2017-12150 CVE-2017-12151 CVE-2017-12163
141    - resolves: #1484423 - Require at least krb5 version 1.15.1
142    - resolves: #1484713 - Fix password changes for users via smbpasswd
143    - resolves: #1484723 - Be more graceful on FSCTL_VALIDATE_NEGOTIATE_INFO
144                           returned errors
145    - resolves: #1481188 - Fix 'net ads changetrustpw'
146    - resolves: #1459936 - Fix regression with "follow symlinks = no"
147    - resolves: #1461336 - Fix smbclient username parsing
148    - resolves: #1460937 - Fix username normalization with winbind
149    - resolves: #1459179 - Fix smbclient session setup printing
150    - related: #1277999 - Add missing patchset
151    - resolves: #1431986 - Fix expand_msdfs VFS module
152    
153    LDAP
154    
155    Localisation
156    
157    # smeserver-locale updated from 2.6.0-9.el7.sme to 2.6.0-11.el7.sme
158    - apply locale 2018-12-14 patch
159    - apply locale 2017-12-02 patch
160    
161    Mail Server
162    
163    # clamav updated from 0.99.2-1.el7.sme to 0.100.2-1.el7.sme
164    - Update to 0.100.2 [SME: 10578]
165    
166    # e-smith-pop3 updated from 2.6.0-2.el7.sme to 2.6.0-3.el7.sme
167    - fix undefined fqdn for pop3 [SME: 10257]
168    
169    # qpsmtpd updated from 0.96-18.el7.sme to 0.96-19.el7.sme
170    - add support to force spamcheck on specific IP for fetchmail [SME: 10290]
171    
172    # smeserver-qpsmtpd updated from 2.6.0-30.el7.sme to 2.6.0-32.el7.sme
173    - add forcespamcheck support for fetchmail [SME: 10290]
174    - Log DMARC reporting in syslog instead of sending email to the admin.
175      Also suppress SSL connection failed warnings [SME: 10298]
176    
177    # djbdns updated from 1.05-8.el7.sme to 1.05-10.el7.sme
178    - improve short ttl cname resolution and glueless answer from akadns [SME: 8362]
179    - 500-cutom-dnscache-maxloop.patch: increase QUERY_MAXLEVEL 5->10 , set  QUERY_MAXLOOP 160
180    --import patches from openwrt and rename already applied patches
181    --fix security issues [SME: 10374]
182    - 020-dnsroots-update.patch: update list of root DNS servers
183    - 070-dnscache-dpos-tcp-servfail.patch: SERVFAIL rename previous patch dns_transmit-bug.patch
184    - 080-dnscache-cache-negatives.patch: rfc2308 ?
185    - 210-dnscache-strict-forwardonly.patch: rename previous patch dnscache-strict-forwardonly.patch
186    - 240-tinydns-alias-chain-truncation.patch: rename previous patch tinydns-alias-chain-truncation.patch
187    - 270-dnscache-sigpipe-fix.patch: SIGPIPE
188    - 300-bugfix-dnscache-dempsky-poison.patch: CVE-2009-0858
189    - 310-bugfix-dnscache-merge-outgoing-requests.patch: CVE-2008-4392
190    - 320-bugfix-dnscache-cache-soa-records.patch: CVE-2008-4392
191    - 450-dnscache-ghost-domain-CVE-2012-1191.patch: CVE-2012-1191 http://marc.info/?l=djbdns&m=134190748729079&w=2
192    --bug fixes [SME: 10374]
193    - 060-dnscache-big-udp-packets.patch: accept and handle longer than 512 bytes UDP packets
194    - 230-tinydns-data-semantic-error.patch: handle semantic error to avoid publishing false dns records
195    --fix issue with short ttl cname like akamaid [SME: 8362]
196    - 200-dnscache-cname-handling.patch: rename previous patch dnscache-cname-handling.patch
197    - 330-fix-dnscache-cname-handling.patch: fix dnscache cname for short ttl
198    - 500-cutom-dnscache-maxloop.patch: set max loop to 200
199    --needed for previous patches to apply cleanly
200    - 030-srv-records-and-axfrget.patch: add SRV record type and axfr-get decompose SRC and PTR records (for 230-*.patch)
201    - 050-tinydns-mmap-leak.patch: report cdb leak
202    - 080-dnscache-cache-negatives.patch: rfc2308 ?
203    - 090-tinydns-one-second.patch: improve tinydns with 8 or more  concurent connections (for 240-*.patch)
204    - 120-compiler-temporary-filename.patch: change tmp filename to avoid conflicts (for 230-*.patch)
205    
206    # smeserver-spamassassin updated from 2.6.0-7.el7.sme to 2.6.0-8.el7.sme
207    - disable auto_learn by default when enabling Bayes [SME: 8160]
208    - added properties UseBayesAutoLearn, BayesAutoLearnThresholdSpam and BayesAutoLearnThresholdNonSpam
209    
210    # e-smith-qmail updated from 2.6.0-3.el7.sme to 2.6.0-4.el7.sme
211    - Update aliases files for every groups passed as argument [SME: 10386]
212    
213    Server manager
214    
215    php
216    - load openssl configuration file on startup #1408301
217    - gd: fix buffer over-read into uninitialized memory CVE-2017-7890
218    - fix php should provide php(httpd) #1215429
219    - fpm: backport PHP-FPM's clear_env option from 5.4.27 #1410010
220    default value is "yes", preserving previous behaviour
221    - openssl: fix default_socket_timeout does not work with SSL #1378196
222    - gd: fix DoS vulnerability in gdImageCreateFromGd2Ctx() CVE-2016-10167
223    - gd: Signed Integer Overflow gd_io.c CVE-2016-10168
224    
225    Webmail and Groupware
226    
227    Web Server
228    
229    Other fixes and updates
230    
231    # e-smith-base updated from 5.8.0-35.el7.sme to 5.8.0-38.el7.sme
232    - icleaning xinetd.conf fragment out of the package [SME: 10219]
233    - revert previous change - wrong package
234    - added post transaction rule for ntp [SME: 10190]
235    - thank you to Stefano Zamboni for this work
236    
237    # smeserver-yum updated from 2.6.0-16.el7.sme to 2.6.0-17.el7.sme
238    - add yum-plugin-post-transaction-actions as requirement [SME: 1100]
239    
240    # e-smith-devtools updated from 2.6.0-6.el7.sme to 2.6.0-7.el7.sme
241    - ease update of e-smith-devtools on non SME builders [SME: 10536]
242    
243    # smeserver-support updated from 2.8.0-12.el7.sme to 2.8.0-15.el7.sme
244    - exclude libtevent,python-tevent from base and updates to avoid conflict with localy build version of samba [SME: 10573]
245    - add back perl(LWP::Protocol::https) support  [SME: 10516]
246    - upstream samba packages were not all excluded [SME: 10428]
247    
248    # e-smith-ntp updated from 2.6.0-3.el7.sme to 2.6.0-4.el7.sme
249    - added post transaction rule for ntp [SME: 10190]
250    - thank you to Stefano Zamboni for this work
251    
252    # e-smith-lib updated from 2.6.0-6.el7.sme to 2.6.0-7.el7.sme
253    - Skip tap_soft interfaces (eg SoftEther, code from Hsing-Foo Wang)
254      [SME: 10445]
255    
256    
257  On behalf of the SME Server development team  On behalf of the Koozali SME Server development team


Legend:
Removed lines/characters  
Changed lines/characters
  Added lines/characters

admin@koozali.org
ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed