/[smeserver]/cdrom.image/sme10/README.txt
ViewVC logotype

Diff of /cdrom.image/sme10/README.txt

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph | View Patch Patch

Revision 1.3 by unnilennium, Wed May 31 17:52:31 2017 UTC Revision 1.12 by jpp, Mon Jun 7 01:25:48 2021 UTC
# Line 1  Line 1 
1  Koozali SME Server 10 Alpha 2 Release  Koozali SME Server 10 Final Release Notes "Justine"
2  =====================================  ============================================
3    
4  31 May 2017  07 June 2021
5    
6  The Koozali SME Server development team is pleased to announce the release of  The Koozali SME Server development team is pleased to announce the
7  SME Server 10 Alpha 3 which will be the next major release of SME Server.  release of SME Server 10 Final which will be the next major release of
8    SME Server. Code named "Justine"
9    
10  This release is based on CentOS 7. CentOS 7.# has an EOL of 30 June 2024.  This release is based on CentOS 7. CentOS 7.# has an EOL of 30 June 2024.
11    
12  ***************************  **********************************************************
13  Koozali SME Server users should not upgrade production servers to this release  Koozali SME Server users should not upgrade production servers to this.
14  but those who can are encouraged to load the alpha to a dedicated test machine  Those with test servers are encouraged to load the release to a
15  and take part in the testing phase.  dedicated test machine and take part in the testing phase.
16  ***************************  **********************************************************
17    
18  Some notes on Koozali SME Server 10 can be found at  Some notes on Koozali SME Server 10 can be found at
19  https://wiki.contribs.org/SME_Server_10.0_Development  https://wiki.contribs.org/SME_Server_10.0_Development
20    
21    SME10 Roadmap -
22    https://wiki.contribs.org/SME10_Roadmap#SME_10_Final
23    
24  Bug reports and reports of potential bugs should be raised in the bug  Bug reports and reports of potential bugs should be raised in the bug
25  tracker (and only there, please);  tracker (and only there, please);
26    
27      https://bugs.koozali.org/       https://bugs.koozali.org/
28    
29    Copy of releaase notes may be found here:
30    https://lists.contribs.org/pipermail/updatesannounce/
31    
32  Download  Download
33  ========  ========
34  You can download SME Server 10 from  You can download SME Server 10 from
35  https://mirror.koozali.org/smeserver/releases/testing/10/  https://mirror.koozali.org/smeserver/releases/testing/10/
36  or for other methods see https://wiki.koozali.org/SME_Server:Download  or for other methods see:
37    https://wiki.koozali.org/SME_Server:Download
38    
39  Please note it may take up to 48 hours for mirrors to finish syncing,  Please note it may take up to 48 hours for mirrors to finish syncing,
40  during this time you may experience problems.  during this time you may experience problems.
# Line 46  meeting our expenses, such as hosting co Line 54  meeting our expenses, such as hosting co
54    
55  As such, we ask for a donation to offset costs and fund further development.  As such, we ask for a donation to offset costs and fund further development.
56    
57  a) If you are a school, a church, a non-profit organisation or an individual  a) If you are a school, a church, a non-profit organisation or an
58  using SME Server for private purposes, we would appreciate you to contribute  individual using SME Server for private purposes, we would appreciate
59  within your means toward the costs associated with hosting, maintenance and  you to contribute within your means toward the costs associated with
60  development.  hosting, maintenance and development.
61    
62  b) If you are a company or an integrator and you are deploying SME Server in  b) If you are a company or an integrator and you are deploying SME
63  the course of your work to generate revenue, we expect you to make a donation  Server in the course of your work to generate revenue, we expect you to
64  commensurate with the level of revenue you generate and the number of servers  make a donation commensurate with the level of revenue you generate and
65  your have in the field. Please, help the project  the number of servers your have in the field. Please, help the project
66    
67  Please visit https://wiki.koozali.org/Donate to donate.  Please visit https://wiki.koozali.org/Donate to donate.
68    
69  Koozali Inc is happy to supply an invoice for any donations received,  Koozali Inc is happy to supply an invoice for any donations received,
70  simply email treasurer@koozali.org  simply email treasurer at koozali.org
71    
72  Notes  Notes
73  =====  =====
74  In-place upgrades are not supported. It is necessary to backup and then restore.  In-place upgrades are not supported. It is necessary to backup and then
75  (Remember, testing purpose only)  restore.
76    
77    Restore of a sme9 console or workstation backup is now fully supported, there
78    are cautions to be aware of and followed.
79    
80    Single disk install no longer creates a degraded Raid1 array, Two or more disks
81    will be created as a Raid1-6 array, see wiki https://wiki.contribs.org/Raid
82    
83    The spare handling for RAID arrays is now implemented.
84    
85    Support for further Raid configuration on install is now implemented - see wiki
86    
87    New Server-Manager Framework, Mojolicious, is now well on the way to full implementation
88    
89    USB installs are once again fully supported,
90    Note: it is important to use recommended apps to create the boot media
91    See: https://wiki.koozali.org/Install_From_USB
92    
93    Netinstall is once again fully supported, additional repos easily added
94    
95    Install to a system supporting a UEFI BIOS is also now fully supported
96    
97  The spare handling for RAID arrays is not implemented.  Console backup, and workstation backup to removable storages is now fully supported.
98    
99  USB installs are now supported, see: https://wiki.koozali.org/Install_From_USB  Koozali templating is now fully inegrated with systemd
100    
101  Current installer is still branded CentOS. A kickstart script allows you to go through the graphical installation process. If your disk is not empty, you will need to use the Anaconda interface to format it and partition it. If it is empty all is automatic. You will have to set your root password twice: once during Anaconda installation (you could use a lame password), a second time in the Koozali SME server configuration process.  An enormouse number other under the hood changes, far to numerous to list here
102    
103    The work that has gone into getting SME 10 to this stage has been enormous, an attempt to list
104    and detail the work that has been done in recent months would not do justice to the effort
105    contributed by the following,
106    
107    thank you one and all:
108    
109    Jean Phillipe Pialasse
110    Michel Begue
111    Brian Read
112    Catton Durbrow
113    Chris Sansom-Ninnes
114    Jean-pierre Odion
115    Zsolt Vasarhelyi
116    John Crisp
117    Terry Fage
118    
119    there have also been many others who have done what they can, thank you:
120    
121    The changes that have been implemented to ensure the Koozali Sme Server way is fully implemented
122    have been far reaching, far to many to try and list, suffice to say long live "Justine".
123    
124  Major changes in this release  Major changes in this release
125  =============================  =============================
126  This release is based on CentOS 7  This release is based on CentOS 7.#
127    
128  Changes in this release  Changes in this release
129  =======================  =======================
130  see above  see above and below, too much to list
131    
132  General features  General features
133  ================  ================
134  - Based on CentOS 7.2.1511 and all available updates  - Based on CentOS 7.9.2009 and all available updates
135    
136  Detailed changes in this release  Detailed changes in this release
137  =======================  =======================
138  Only the changes since SME Server 10 Alpha2 are listed, mainly  Only the changes since SME Server 10 RC1 are listed, mainly autogenerated from the changelogs.
 autogenerated from the changelogs.  
139    
140  Packages altered by Centos, Redhat, and Fedora-associated developers are  Packages altered by Centos, Redhat, and Fedora-associated developers are not included.
 not included.  
141    
142  General features - Based on CentOS 7.2.1511 and all available updates  The changelogs are written per package
143    
144  Backups  SME built or modified packages - ChangeLogs
145    
146  e-smith-backup  10 June 2021
 - added lock during backup to avoid multiple instance running [SME: 9127]  
 - code from Stefano Zamboni <zamboni@mind-at-work.it>  
 - added support back to ext2 and ext3 [SME: 9299]  
 - fix removable device detection [SME: 9299]  
 - console restoration can be launched again from console [SME: 9550]  
 - fixed bug on the dar catalog when backups are not added in it [SME: 9563]  
 - Added e-smith-backup-2.6.0.bz9563.UpdateDarCatalogFollowingBackups.patch  
 - Remove the dar exclusion message in the email if there is no exclusion.  
 - Modified e-smith-backup-2.6.0.Do_Dar_Exclusion.patch [SME: 9633]  
 - Added two commented files backup.{include,exclude} in /etc/backup-data.d  
 - Modified e-smith-backup-2.6.0.Add_Or_Remove_Path_In_Backup.patch [SME: 9607]  
 - Add or remove path in your backup by a file *.include and *.exclude  
 - Added e-smith-backup-2.6.0.Add_Or_Remove_Path_In_Backup.patch [SME: 9607]  
 - Test if the remote host (cifs/nfs) is up, else save and display a warning.  
 - Added e-smith-backup-2.6.0.bz9090.Testing_the_remote_host_parameters.patch [SME: 9090]  
 - The 'tar backup to desktop' of the backup panel takes consideration of exclusion  
 - Added e-smith-backup-2.6.0.Do_Tar_Exclusion_In_Panel.patch [SME: 9635]  
 - The 'dar workstation backup' of the backup panel takes consideration of exclusion  
 - Added e-smith-backup-2.6.0.Do_Dar_Exclusion.patch [SME: 9633]  
 - The 'tar backup' of the console takes consideration of exclusion and display a page with the exclusion content  
 - e-smith-backup-2.6.0.Do_Tar_Exclusion_In_the_console.patch [SME: 9635]  
147    
148  File Server  Backups
149    flexbackup
150    - fix package version and release 1.2.1-6.4
151    - new source from debian packages repos 1.2.1-6.4
152    - convert initial release
153    - remove /usr/share/lintian directory
154    - add convert script to doc directory
155    - add debian changelog to doc directory
156    
157    File Server
158  e-smith-proftpd  e-smith-proftpd
159  - fix typos [SME: 6804]  - restart proftpd on ssl-update [SME: 11603]
160  - set default as required  - cleanup in /etc/rc.d [SME: 9692]
161  - NB: client must be set as active connection, not passive  - redirect log away from message [SME: 11384]
162  - updated patch for certificate chain  - fix circular Conflict with proftpd [SME: 11357]
163  - Thanks to Daniel Berteaud  - improve protect from proftpd.service running [SME: 11106]
164  - Adding TLS support to proftp configuration [SME: 6804]  - protect from proftpd.service running in place of ftp.service [SME: 11106]
165  - default is enabled but not required, only TLSv1.1 and v1.2  - remove system-preset file from usr [SME: 10958]
166    - SSL crt and key to self signed if path does not exist [SME: 11316]
167    - add Requires=runit.service [SME: 11245]
168    - execute systemd-reload before service adjust in events [SME: 11228]
169    - remove S95reset-unsavedflag [SME: 11229]
170    - Remove ftp from 'init.d/supervise' [SME: 11106] [SME: 11150]
171    - Move ftp service to systemd [SME: 11106]
172    - Create e-smith-proftpd-update event [SME: 11150]
173    
174  e-smith-samba  e-smith-samba
175  - fix outlook error code 0x8004011c [SME: 10169]  - netlogon.bat +x [SME: 11566]
176  - when setting up and email account on a win10 computer joined to a domain (with roaming profiles)  - add possibility to reenable allow execute always on ibays homes or everywhere [SME: 11555]
177  - add systemd skip redirect [SME: 9688]  - fix double entries for min protocol [SME: 11558]
178  - Fix deprecated syntax '~' in rsyslog [SME: 9398]  - clean rsyslog syntax for smbd and nmbd [SME: 11422]
179  - added e-smith-samba-2.6.0.bz9398.DeprecatedRsyslogSyntaxSamba.patch  - fix noise in message log from nmbd and smbd redirected to dedicated logs [SME: 11349]
180  proftpd  - allow using user-create-profiledir action with temp or package-update events [SME: 11348]
181  - AllowChrootSymlinks off could cause login failures depending on filesystem  - fix log noise for smb.service [SME: 11157]
182  permissions: use the IDs of the logging-in user to perform the directory  - add Restart=always [SME: 11118]
183  walk, looking for symlinks, to be more consistent with similar checks done  - add Restart=always [SME: 11117]
184  during login (#1443507, upstream bug 4306)  - migrate nmbd to systemd [SME: 11118]
185  - Crypt::CrackLib always available now  - migrate smbd to systemd [SME: 11117]
186  - Update to 1.3.5e    create generik smb.service service
187  - SFTP clients using umac-64@openssh.com digest failed to connect  - create e-smith-samba-update event [SME: 11157]
188  (upstream bug 4287)  - Fix mutex locking [SME: 11199]
189  - SFTP rekeying failure with ProFTPD 1.3.5d, caused by null pointer  - Fix pid directory [SME: 11198]
190  dereference (upstream bug 4288)  - Add /etc/krb5.conf as template using templates from smeserver-samba [SME: 11093]
191  - AllowChrootSymlinks off did not check entire DefaultRoot path for symlinks  - remove win98pwdcache.reg from server-resources [SME: 9060]
192  (CVE-2017-7418, upstream bug 4295)  - set min server and client protocol SMB2 [SME: 10576]
193  - Change shellbangs in shipped perl scripts to use system perl    add check so max always greater than min
194  - Drop EL-5 support  - add port 445 if min server protocol is SMB2 or SMB3 [SME: 10963]
 - Drop BuildRoot: and Group: tags  
 - Drop explicit buildroot cleaning in %install section  
 - Drop explicit %clean section  
 - /etc/pam.d/password-auth always available now  
 - pcre 7.0 or later always available now  
 - Properly allocate (and clear) the UMAC contexts, to fix segfault in mod_sftp  
 (#1420365, upstream bug 4287)  
 - Update to 1.3.5d  
 - Support OpenSSL 1.1.x API (upstream bug 4275)  
 Bug fixes:  
 - SSH rekey during authentication can cause issues with clients  
 (upstream bug 4254)  
 - Recursive SCP uploads of multiple directories not handled properly  
 (upstream bug 4257)  
 - LIST returns different results for file, depending on path syntax  
 (upstream bug 4259)  
 - "AuthAliasOnly on" in server config breaks anonymous logins  
 (upstream bug 4255)  
 - CapabilitiesEngine directive not honored for <IfUser>/<IfGroup> sections  
 (upstream bug 4272)  
 - Memory leak when mod_facl is used (upstream bug 4278)  
 - All FTP logins treated as anonymous logins again (upstream bug 4283,  
 regression in 1.3.5c of upstream bug 3307)  
 - Handle client/server version skew in mod_sql_mysql  
 (https://forums.proftpd.org/smf/index.php?topic=11887.0)  
 - Fix a possible cause of segfaults in mod_sftp (#1337880, upstream bug 4203)  
 - See if we can fix crash in mod_lang  
 - BR: perl-generators for correct dependencies in utils sub-package  
 - Prefer %global over %define  
195    
196  LDAP  LDAP
   
197  e-smith-ldap  e-smith-ldap
198  - Disable SSLv3, but keep the possibility to enable it again [SME: 10108]  - fix wrong path for templates.metadata [SME: 11595]
199  - Better default cipher suite, and honor global suite [SME: 10108]  - use template for ssl pem [SME: 11595]
200  - systemd skip redirect [SME: 9688]  - fix ldap failing to start on initial boot [SME: 11480]
201  - Eliminated rpmbuild "bogus date" warnings due to inconsistent weekday,  - fix wrong alias to ldap.init [SME: 11301]
202    - add -update event [SME: 11140]
203    - move ldap to systemd [SME: 11099]
204    - move ldap.init to systemd [SME: 11096]
205    - New protocol default as TLSv1.2 [SME: 10936]
206      New property TLSProtocolMin
207      Ciphers are now ordered with stronger first
208    
209  Localisation  Localisation
   
210  smeserver-locale  smeserver-locale
211  - apply 2017-04-26 translation patch [SME: 10252]  - apply local 2021-05-12.patch [SME: 11593]
212  - updated donate patch to correct location https://wiki.koozali.org/Donate [SME: 9595]  - apply local 2021-01-09.patch [SME: 11310]
213  - applied smeserver-locale-2.6.0-locale-2017-03-03  - apply local 2019-12-07.patch
 - Added translations smeserver-locale-2.6.0-locale-2016-07-17.patch  
 - fix wrongly converted http to https in  
 - URL starting with http:// or ftp://  
 - fix path to documentations (wiki) [SME: 9595]  
 - convert all koozali url to https  
 - change http://www.smeserver.org\donate to https://wiki.koozali.org/donate [SME: 9595]  
 - Eliminated rpmbuild "bogus date" warnings due to inconsistent weekday,  
 - change contribs.org to koozali.org [SME: 9595]  
214    
215  Mail Server  Mail Server
216    djbdns
217    - import modification from SME9 [SME: 11548]
218    - improve short ttl cname resolution and glueless answer from akadns [SME: 8362]
219    - 500-cutom-dnscache-maxloop.patch: set QUERY_MAXLEVEL 5 QUERY_MAXLOOP 500 QUERY_MAXNS 16 [SME: 10300]
220    
221  e-smith-email  e-smith-email
222  - fix webmail status not displaying correctly in manager [SME: 9594]  - add new RAR file signatures to default mailpatterns database [SME: 11265]
223  - More change from smtpd to qpsmtpd in masq templates [SME: 9561]  - webmail is only SSL [SME: 11443]
224  - Replace smtpd with qpsmtpd in smtp-auth-proxy [SME: 9554]  - create -update event [SME: 11133]
225  e-smith-pop3  - move smtp-auth-proxy to systemd [SME: 11102]
226  - Honor ConcurrencyLimit and ConcurrencyLimitPerIP prop for pop3 and pop3s  - allow creation of pseudonyms with setting of local only [SME: 3802]
227  [SME: 10271]  
 e-smith-qmail  
 - Add possibility to exclude users or members of other groups from group  
 email address [SME: 9523]  
228  qmail  qmail
229  - added documentation [SME: 9705]  - add remote tls transport for qmail-remote [SME: 9349]
230  - added binaries ipmetest et ipmeprint to help configuration  - updated release number higher than SME9
231  - add moreip to avoid loop [SME: 9705]  - now TLS and EHLO are defined to allow proper compilation
232  - patch from Scott Gifford  - add DEBUG flag for the moment to help configuring -DDEBUG=1
233  - remove qmail-0.0.0.0.patch as it is included  
234  - Consider literal <> as null sender [SME: 9884]  smeserver-clamav
235  qpsmtpd  - fix typo and missing +x [SME: 11520]
236  - Removed Message-Id validation, as it rejects MS account validation email [SME: 10139]  - fix issues with non epel standard scan.conf [SME: 11520]
237  - fix whitelist plugin to support helo with naughty rejecting at mail stage [SME: 10112]    move clamd.conf to scan.conf
238  - Validate domains found in uribl with Data::Validate::Domain [SME: 9467]    remove alias for clamtop
239  - Use eval to fetch dkim policies, prevent fatal errors in case of DNS    add a wrapper for clamdscan to force --fdpass
240  timeout [SME: 9480]  - ease use of clamdtop [SME: 11313]
241  - Remove karma rcpt handling (buggy and doesn't make a lot of sense)  - fix Transaction check error [SME: 11311]
242  [SME: 9462]  - add pid folder /run/clamd/ [SME: 11103]
243  qpsmtpd-plugins    few improvements
244  - remove whitelit_soft [SME: 10126]  - create update event [SME: 11162]
245    - Updated to use 0.103+ from EPEL [SME: 11194]
246    - Updated to use systemd for clamd [SME: 11103]
247    - Updated to use systemd for freshclam [SME: 11104]
248    - increase lower memory limit to 1GB [SME: 10833]
249    - fix for AllowSupplementaryGroups warning [SME: 10813]
250      thanks to bunkobugsy
251    
252  smeserver-dovecot  smeserver-dovecot
253  - Better default cipher suite, and honor global suite [SME: 10110]  - ssl pem update via template expand in place of copy [SME: 11601]
254    - clean rsyslog syntax for dovecot [SME: 11422]
255    - add Restart=always [SME: 11101]
256    - fix path for event -update [SME: 11101]
257    - cleanup /var/service/dovecot [SME: 11101]
258      close logger and service from previous runit instance before starting systemd one
259    - add systemd drop-in expand in bootstrap-console-save, console-save, post-install, post-upgrade [SME: 11101]
260    - move service to systemd [SME: 11101]
261    - add imap idle notify interval setting [SME: 10947]
262    - fix typo in enabling TLSv1.2 as default [SME: 10934]
263    - fix typo in 35ssl template [SME: 10934]
264    - fix typo in createlinks [SME: 10932]
265    - revert property names with period in it [SME: 10934]
266    - add property AcceptFullEmail with enabled as default [SME: 9865]
267    
268  smeserver-qpsmtpd  smeserver-qpsmtpd
269  - Turn DMARC reporting off by default [SME: 10303]  - update depreacted reject_threshold to reject [SME: 11492]
270  - update patch smeserver-qpsmtpd-2.6.0-smtpd_to_qpsmtpd.patch [SME: 9478]  - remove /usr/lib/systemd/system-preset/80-koozali-qpsmtpd.preset [SME: 10958]
271  - Greeting property was still attached to smtpd in a template  - modify for clamav 0.103.0 [SME: 11210]
272  - updated regex for RBL and SBL in smeserver-qpsmtpd-2.6.0-change_rbl_sbl_list_separator.patch  - roll up patches
273  - to take into account list using a subdomain [SME: 10123]  - add Requires=runit.service (qpsmtpd & sqpsmtpd) [SME: 11245]
274  - Eliminated rpmbuild "bogus date" warnings due to inconsistent weekday,  - fix service not enabled [SME: 11107]
275  - Turn SPF and DMARC rejects off by default [SME: 9664]    remove reset-unsavedflag
276  - Fix disabling DMARC reporting [SME: 9206]  - Move qpsmtpd & sqpsmtpd services to systemd [SME: 11107]
277  - Add missing tnef2mime and MaximumDateOffset to qpsmtpd [SME: 9560]  - Create smeserver-qpsmtpd-update event [SME: 11164]
278    - expand badrcptto_ext when needed [SME: 10638]
279      this avoid user, group or pseudonyms for internal purpose to be reachable
280      from outside
281    - minimum Protocol TLSv1.0 [SME: 10460]
282      better ciphers order.
283    
284  smeserver-spamassassin  smeserver-spamassassin
285  - Rewrite spamd run script to add support for --allow-tell [SME: 10137]  - prevent noise in log at spamassassin call from qpsmtpd [SME: 11491]
286    - clean rsyslog syntax for spamd [SME: 11422]
287    - remove warning while trying to delete file when missing in post script [SME: 11375]
288    - remove spamd reference as service use spamassassin.service [SME: 11375]
289      migrate spamd propertie SpamLearning to spamassassin
290      template for /etc/sysconfig/spamassassin, revert --allow-tell option
291      stop spamassassin spamd and delete /etc/systemd/system/spamassassin.service link if exists
292    - fix typo [SME: 11361]
293    - fix spamd unable to load [SME: 11361]
294    - redirect spamd loging to spamd.log instead of message [SME: 11362]
295    - add requires DCC as we have built it [SME: 11065]
296    - fix smeserver-spamassassin-update event fix [SME: 11166]
297    - Start systemd migration. Remove symlinks [SME: 11224]
298    - remove refresh clam as this will be provided by clamav
299    - require spamassassin 3.4.4 +
300    
301  Server manager  Server manager
302    e-smith-formmagick
303  e-smith-manager  - fix wrong PATH which makes fail grub reconfiguration [SME: 11556]
304  - add a panel to ease reporting bugs [SME: 8783]  - increase CSRF timeout from 120s to 180s [SME: 10902]
305  - Original work from Mats Schuh m.schuh@neckargeo.net    added property httpd-admin{csrfTimeout} in second to override
306  - fix warning uninitialized value in lc [SME: 10209]    added hability to ovarride the Timeout from panel to panel
307  - fix typo in e-smith-manager-2.8.0-bz10167-emptyback.patch  - add update event [SME: 11136]
308  - avoid internal server error if empty back parameter [SME: 10167]  - add locale for CSRF [SME: 10626]
309  - return user friendly message  - add CSRF patch [SME: 10626] - thank you to Daniel Berteaud
 - fix too short timeout in server-manager [SME: 9921]  
 - now 30 min as default instead of 5  
 - possibility to change this and adapt the default 0.66 of timeout remaining to reset it  
 - by default only a session cookie, can activate persistent cookie  
 - sha256 as encryption.  
 - fix bad redirection parameter that might reveal session information to remote site [SME: 9924]  
 - added missing template-begin for tkt.css [SME: 9676]  
 - Update server-manager to Koozali branding [SME: 9676]  
 - We thanks John Crisp for his wonderful work.  
 - change link for donation to koozali.org [SME: 9599]  
 - Fix syntax for removing Indexes options [SME: 9587]  
 - Remove index option for manager's resources [SME: 9587]  
 - fix 307 redirection to http when https is used [SME: 8825] [SME: 9583]  
 - update syntaxe for TKT Auth  
 - bump 8 for typo  
 - Fix a syntax error in server-manager's logout script [SME: 9527]  
 e-smith-starterwebsite  
 - fix can't chownfile index file [SME: 9900]  
 perl-CGI-FormMagick  
 - fix uninitialized value $what_to_make in lc [SME: 10210]  
 php  
 - bz2: fix improper error handling in bzread() CVE-2016-5399  
 - gd: fix integer overflow in _gd2GetHeader() resulting in  
 heap overflow CVE-2016-5766  
 - gd: fix integer overflow in gdImagePaletteToTrueColor()  
 resulting in heap overflow CVE-2016-5767  
 - mbstring: fix double free in _php_mb_regex_ereg_replace_exec  
 CVE-2016-5768  
 - don't set environmental variable based on user supplied Proxy  
 request header CVE-2016-5385  
 - fix segmentation fault in header_register_callback #1344578  
 - curl: add options to enable TLS #1291667  
 - mysqli: fix segfault in mysqli_stmt::bind_result() when  
 link is closed #1096800  
 - fpm: fix incorrectly defined SCRIPT_NAME variable when  
 using Apache #1138563  
 - core: fix segfault when a zend_extension is loaded twice #1289457  
 - openssl: change default_md algo from MD5 to SHA1 #1073388  
 - wddx: fix segfault in php_wddx_serialize_var #1131979  
 - session: fix segfault in session with rfc1867 #1297179  
310    
311  Webmail and Groupware  Webmail and Groupware
312    smeserver-horde
313    - fix missing call to perl module emsith::php [SME: 11489]
314    - clean rsyslog syntax for horde [SME: 11422]
315    - improved php basedir, with filtering of noise for gpg [SME: 10945]
316    - force SSL for horde [SME: 11443]
317    - fix horde not honoring switch to php-fpm 5.4 [SME: 11433]
318    - update mail settings for the php-pool [SME: 11431]
319    - spamd SpamLearning property migrated to spamassassin SpamLearning [SME: 11376]
320    - Configuration is not up to date, hash to update [SME: 11308]
321    - fix wrong template path for php55, php56 and php [SME: 11255]
322    - fix webmail not accessible after enabling from manager [SME: 11233]
323    - update rsyslog syntax [SME: 11016]
324      move fragment so syntax is similar to message
325    - remove harcoded ports [SME: 10969]
326    - add gpg to php base dir [SME: 10945]
327    - workaround logging noise caused by libsasl [SME: 10943]
328    - log as admin and not admin@domain for cli tasks [SME: 10910]
329    - fix ingo imap preferences [SME: 10912]
330    - allow httpd-auth for calendar, tasks access using rpc.php ... [SME: 10908]
331    - add smeserver-horde-update event [SME: 10909]
332    - avoid loss of user parameter on Primary Domain change [SME: 1005]
333      this will also avoid the loss of parameter if we log with a different virtualhost
334      horde preference is now stored with the SME username without @domain
335    - fix bad regex to strip domain [SME: 10224]
336      also we can now force Primary domain to use as default email
337      we can strip heading string from virtualhost domain to create email
338      default identity email will update as long as no other identity is created for the user
339    - fix typo in php-fpm patch [SME: 10872]
340    - remove php3 references [SME: 10866]
341    - remove strict and warning alert from error log [SME: 10823]
342    - dedicated php-fpm pool for horde [SME: 10872]
343    - apply patches from John H. Bennett III [SME: 10717]
344    - cvs admin -ko on patch1
345    
346  Web Server  Web Server
347    e-smith-apache
348  e-smith-php  - add possibility to force https on LAN only [SME: 11511]
349  - clean daily session and tmp folders [SME: 9626]    usefull for VPN over port 443
350  - updated path for ibays' session and tmp folders to /var/cache  - prevent httpd to fail if modSSL defined certs does not exist [SME: 10826]
351  - add tmp folder to ibays [SME: 7011]    default on self generated cert
352  - add session folder to ibays [SME: 9620]  - create-update event [SME: 11123]
353  - change global session folder from /tmp to /var/lib/php/session/ [SME: 139]  - move httpd-e-smith to systemd [SME: 11111]
354      changed sigusr1 used in events to reload as defined in the unit file
355    - give a logger to httpd-e-smith : journald [SME: 1416]
356    - set default SSLStrictSNIVHostCheck to off [SME: 8693]
357    - add SNI support for individual certificates per VirtualHosts [SME: 8693]
358    - port 80 and 443 should not be hardcoded [SME: 9192]
359    - e-smith-apache removing hardcoded ports [SME: 10966]
360    - remove php3 and php4 refs [SME: 10867]
361    - disable TLSv1 TLSv1.1 by default [SME: 10459]
362    
363  Other fixes and updates  Other fixes and updates
   
364  e-smith-base  e-smith-base
365  - Expand route-bond0 when nic bonding is enabled [SME: 10272]  - add local domains in self signed cert alt subjects [SME: 11624]
366  - improve regex to catch local [SME: 9724]    add local hosts in self signed cert alt subjects
367  - change smtpd to qpsmtpd for default service access [SME: 9478]    modSSL property to disable hosts domains addition : AddDomains AddHosts
368  - add translation links for manager to most language variations we support [SME: 11121]    default is enabled when empty
369  - prevent restoration from being called on regular and post-upgrade reboot [SME: 9550]  - fix missing export [SME: 11620]
370  - console restoration can be launched again from console  - fix issue with adding new user to the ldap db [SME: 11607]
371  - Use ip route syntax to define routes to local network [SME: 10083]  - always renew self signed certificate [SME: 11552]
372  - Allow /32 masks on the external interface, in which case we don't    update key / crt if not signed with the right key size
373  check if the gateway is on the correct network) [SME: 9610]    default to self signed if custom cert and key are not files or not rigth type
374  - fix config db locale property [SME: 9724]    add perl module to help handle certificates and keys
375  - adapt e-smith service command to systemd [SME: 9672]    TODO: check if both key and cert are related, if not default to self signed
376  - add systemd skip redirect to e-smith-service [SME: 9688]  - fix openssl.conf not generated when openldap field are empty [SME: 11569]
377  - fix broken link /etc/init.d/supervise/local link [SME: 9687]  - fix missing path to systemctl for add-wants [SME: 11537]
378  - fix mysqld to mariadb [SME: 9438]  - merge dhcpdmanager custom template fragments with core [SME: 10657]
379  - fix missing path to chkconfig [SME: 9641]  - remove templates-custom previously owned by a contrib [SME: 11508]
380  - Fix deprecated syntax '*' in rsyslog [SME: 9398]    they got migrated as part as normal backup restore
381  - Added e-smith-base-5.8.0.bz9398.DeprecatedRsyslogSyntax.patch  - fix masq failing on initial boot [SME: 11479]
382  - Set the hostname by hostnamectl [SME: 9631]  - removing weekly cron for ddns update, targeted script has been removed [SME: 11470]
383  - Stefano Zamboni <zamboni@mind-at-work.it>  - revert e-smith-service file [SME: 9692]
384  - fix Lang and keyboard layout configured are not used [SME: 9539]  - add systemctl wrapper [SME: 11345]
385  - Fix display of email forward fields since smtpd entry has been merged  - clean rsyslog syntax for dhcpd [SME: 11422]
386  qpsmtpd [SME: 9552]  - cleanup /etc/rc.d and /var/service [SME: 9692]
387    - remove klogd references [SME: 11363]
388    - restore part of pptp code and move to generik vpn entry [SME: 11374]
389    - drop dyndns core support [SME: 11415]
390    - fix enabled service not started on reboot [SME: 11355]
391      unless a power outage, as long as you reboot, halt or shutdown systemd will
392      be in sync
393    - fix console::startup run twice [SME: 11358 ]
394    - improve run order in systemd-default [SME: 11356]
395    - fix uninitialized value during post-install [SME: 11350]
396    - fix user with rssh shell need to be member of rsshusers group [SME: 9155]
397    - add missing /sbin/e-smith/bootstrap-runlevel7 [SME: 11318]
398    - fix typo for isolate [SME: 11246]
399    - separate bootstrap-console from run level service launch [SME: 11318]
400    - only run isolate if sme-server.target is not active [SME: 11246]
401    - update system-preset usr/lib file [SME: 10958]
402    - fix loss of httpd basic auth [SME: 11309]
403    - fix services starting when they are in Wants= for sme-server.target and preset disabled [SME: 11247]
404    - rewrite of manageRAID.pl and add_drive_to_raid for SME10 [SME: 10918]
405    - added gdisk as a dependency to support GPT systems
406    - fix modSSL key crt and keychain files really exist [SME: 11252]
407    - add ldap.init as exception for preset
408    - fix init-accounts [SME: 9642]
409    - validate modSSL key crt and keychain files really exist [SME: 11252]
410      if not we use self generated
411    - drop pptpd support [SME: 11250]
412    - add bash-completion [SME: 11244]
413    - improve local service to systemd [SME: 11119]
414      now run rc.local file as part of the event
415    - move local service to systemd [SME: 11119]
416      make it run /etc/rc.d/rc.local
417      cleaning /var/service/syslog still there
418    - workaround drop-in install section ignored by systemctl preset [SME: 11231]
419      some cleanup
420    - remove S95reset-unsavedflag [SME: 11229]
421    - add exclusion for lpd [SME: 11006]
422    - execute systemd-reload before service adjust in events [SME: 11228]
423    - fix ExecStart for raidmonitor [SME: 11094]
424    - fix permission for /sbin/e-smith/systemd/mdmonitor-pre [SME: 11094]
425    - Don't ask for confirmation to save changes on first install configuration [SME: 11193]
426    - Fix RAID detection regex for disk redundancy screen [SME: 10918]
427    - add Install part of systemd unit [SME: 11100]
428    - move dhcpd to systemd [SME: 11100]
429    - get dhcpd log out of message [SME: 2408]
430      also configure logrotate for /var/log/dhcpd/dhcpd.log and /var/log/dhcpd/current
431    - reverte previous changes for service2adjust and util.pm [SME: 11177]
432      files are owned by e-smith-lib
433    - allow more systemctl controls [SME: 11177]
434      convert unrecognized signals from service2adjust in events for systemd
435      handle unsupervised services the same way supervised were in adjust-services
436      make service-status only log when service disabled and not fail it
437    - add template for /etc/systemd/system-preset/49koozali.preset [SME: 11174]
438    
439  e-smith-devtools  e-smith-devtools
440  - added grub2 directories to ignore list [SME: 10325]  - netlogon.bat +x [SME: 11566]
441  - Quote filenames in genfilelist so filenames containing spaces are correctly  - add update event [SME: 11126]
442  handled [SME: 9750]  
443    e-smith-domains
444    - setup dns services on domain creation and other events [SME: 10115]
445    - avoid encoding of utf strings in domain table [SME: 11391]
446      this will mess with some languages
447    - Create e-smith-domains-update event [SME: 11128]
448    
449  e-smith-grub  e-smith-grub
450  - rebuild for file ownership conflict [SME: 10325]  - set missing locale if update-grub called by server-manager [SME: 11559]
451  - fix edition and consol grub terminal not visible because of koozali logo [SME: 9728]  - fix unable to boot on a non xfs root filesystem [SME: 11365]
452  - enable quota for groups and users with XFS [SME: 10211]  - cleanup remove /boot/grub dir [SME: 11354]
453  - Koozali grub splash screen  - Add support for EFI systems [SME: 10998]
454  - Write the full path for the grub Action [SME: 9668]  - add update event [SME: 11137]
455  - Added e-smith-grub-2.6.1.bz9668.AddFullPath2GrubAction.patch  
 - New source [SME: 9321]  
 - Adaptation to grub2 [SME: 9321]  
 e-smith-hosts  
 - remove reference to smtpd [SME: 9478]  
 - fix servicename syslog to rsylog [SME: 9691]  
 - Eliminated rpmbuild "bogus date" warnings due to inconsistent weekday,  
 by assuming the date is correct and changing the weekday.  
 - fix mysqld to mariadb [SME: 9438]  
 e-smith-ibays  
 - fix typo thanks to Stephane de Labrusse [SME: 7011]  
 - ibay to ibays  
 - as per comment 2 of bug 0600 instead of 0700 for perms [SME: 9621]  
 - as discussed, moving cache and tmp out of ibay folder [SME: 9105] [SME: 9621]  
 - creating basedir /var/cache/e-smith/files/ibays for tmp and cache  
 - create tmp folder in ibays when needed [SME: 9105]  
 - create session folder in ibays when needed [SME: 9621]  
 - Eliminated rpmbuild "bogus date" warnings due to inconsistent weekday,  
456  e-smith-lib  e-smith-lib
457  - remove reference to smtpd in configuration.conf [SME: 9478]  - update copyright dates, and make it easier to change from spec file [SME: 11570]
458  - fix console startup display [SME: 9352]  - partial revert of signals [SME: 11177]
459  - fix service name syslog to rsyslog [SME: 9691]    signal s not passed to runit services (dnscache*, qmail, qpsmtpd...)
460  - fix mysqld to mariadb [SME: 9438]    services handled by systemd crash if they do not have Restart=always defined
461  - Eliminated rpmbuild "bogus date" warnings due to inconsistent weekday,  - add support for signals SIG* with systemd [SME: 11177]
462  - fix esmith::util::serviceControl to manage systemd service [SME: 9660]    fix typo for reload-or-try-restart
463  - Added e-smith-lib-2.6.0.bz9660.serviceControlSystemd.patch    unsupervised services: really stop when disabled and start stopped enabled ones
464  e-smith-mysql  - remove error when sending sighup event [SME: 11177]
465  - systemd skip redirect [SME: 9688]  - allow more systemctl controls [SME: 11177]
466  - Corrected a typo in e-smith-mysql-2.6.0.bz9671.RemoveDummyMysqlDatabase.patch    convert unrecognized signals from service2adjust in events for systemd
467  - [SME: 9671]    handle unsupervised services the same way supervised were in adjust-services
468  - fix broken link /etc/init.d/supervise/mariadb [SME: 9686]  - create e-smith-lib-event [SME: 11141]
469  - Remove Dummy database from backup and restoration [SME: 9671]  - add support for systemctl reload-or-restart, try-restart, enable -now [SME: 10848]
470  - Added e-smith-mysql-2.6.0.bz9671.RemoveDummyMysqlDatabase.patch  
471  - fix forgotten mysqld variables in various scripts [SME: 9438]  e-smith-nutUPS
472  - e-smith-mysql-2.6.0-mariadb_forgotten_var.patch  - fix start ordering nut.service [SME: 11488]
473  e-smith-ntp  - fix ExecStartPre path for /usr/lib/tmpfiles.d/nut-run.conf [SME: 11488]
474  - fix wrong link to restart rsyslog [SME: 9690]  - fix ExecStartPre path for nut.service [SME: 11488]
475  e-smith-proxy  - fix template path for monitor [SME: 9423]
476  - fix disabling smtp proxy via SM doesn't work [SME: 9639]  - Fix preset line endings in 49-koozali.preset [SME: 11215]
477  - redirect squid syslog messages to /var/log/squid/squid.log [SME: 79]  - add update event to avoid reboot [SME: 11146]
478  - Allow custom file descriptor limit, and set default to 4096 [SME: 9912]  - adapt nut UPS for systemd [SME: 9423]
479  e-smith-quota  
480  - enable quota for groups and users with XFS [SME: 10211]  e-smith-packetfilter
481  e-smith-runit  - fix dropin file not expanded on initial installation [SME: 11528]
482  - add systemd skip redirect [SME: 9688]  - fix noise on logrotate, doing a restart instead of reload [SME: 11451]
483  e-smith-test  - move ulogd to systemd [SME: 11426]
484  - remove reference to smtpd [SME: 9478]  - require ulogd 2 [SME: 11426]
485  - fix servicename syslog to rsyslog [SME: 9691]  - remove pptpd last references [SME: 11420]
486  - fix mysqld to mariadb [SME: 9438]  - remove /usr/lib/systemd/system-preset/80-koozali-packetfilter.preset [SME: 10958]
487  initscripts  - drop pptpd support [SME: 11251]
488  - use DBUS calls directly instead of calling nmcli (bug #1422820)  - launch masq using systemd unit [SME: 11089]
489  - rhel-import-state: fix broken order of parameters  - create event to avoid reboot on update [SME: 11122]
490  - import-state: copy just some attributes  
491  - functions: systemctl show now returns an error when unit does not exist  e-smith-radiusd
492  - import-state: restore also sensitivity part of SELinux context  - remove services2adjust in bootstrap-console-save event, this put systemd in a loop [SME: 11602]
493  - network: run after network-pre.target  - ssl pem using template in place of copy [SME: 11602]
494  - ifup-eth: fix setting preferred_lft and valid_lft  - radiusd needs ldap started before [SME: 11302]
495  - ipv6: wait for all global IPv6 addresses to leave the "tentative" state  - add Restart=always [SME: 11113]
496  - source_config: tell NetworkManger to load ifcfg file even for NM_CONTROLLED=no    change group of pem file to radiusd
497  - ifup-aliases: inherit ARPCHECK from parent device  - create -update event [SME: 11155]
498  - rhel-dmesg: don't start in containers  - move radiusd to systemd {SME: 11113]
499  - ifup-eth: fix typo in error message (#1038776)    remove noise from spec file
500  - sysctl.conf: steal comments about /usr,/etc,... from fedora's sysctl.conf  - fix server restartting with virtual_server error [SME: 10853]
501  - rwtab: /var/lib/nfs needs to copy the files  
 - functions: improve killing loops  
 - ipcalc: detect invalid mask  
 - ifup: set valid_lft and preferred_lft to forever for static ip  
 - service: use systemd mangle for given service  
 - ifup-post: check resolve.conf also with DNS2  
 - ifdown-post: remove resolv.conf only in specific cases  
 - spec: ghost /var/log/dmesg  
 - network-functions: is_available_wait should wait even in the case that is_available returns 2  
 - autorelabel: turn quota off before relabeling  
 - autorelabel: call dracut-initramfs-restore before forced reboot  
 mod_auth_tkt  
 - fix redirection when proxy ssl [SME: 8825] [SME: 9583]  
502  smeserver-release  smeserver-release
503  - Bump new rpm for sme10 alpha2  - Bump new rpm for sme 10.0 final
504  - Eliminated rpmbuild "bogus date" warnings due to inconsistent weekday,  - Bump new rpm for sme10 release candidate 1
505    - updating release number everywhere [SME: 11366]
506    - Bump release to 1 as buildsys believe 1.alpha5 is newer than 0.beta1 [SME: 11317]
507    - Bump new rpm for sme10 beta1 [SME: 11317]
508    - add update event [SME: 11165]
509    - Bump new rpm for sme10 alpha5
510    
511  smeserver-support  smeserver-support
512  - exclude samba from centos repo as we have our own with DC support [SME: 10155]  - fix copyright date and make it easier to update from spec file [SME: 11568]
513  - improving link to donation [SME: 9598]  - fix typo and wording [SME: 11535]
514  - fix hover color [SME: 9676]  - add update event [SME: 11167]
515  - Koozali branding of manager [SME: 9676]  - revert update of samba using upstream CentOS repo [SME: 11196]
516  - new images in archive; removed old images from cvs  - obsoletes e-smith-starterwebsite [SME: 8903]
517  - updated some css smeserver-support-2.8.0-koozali_manager.patch  
 - reverting partly the changes in last patch [SME: 9598]  
 - wrong catch of proxy related url with the http to https changes  
 - thank to Charlie Brady for reporting  
 - Eliminated rpmbuild "bogus date" warnings due to inconsistent weekday,  
 - update links to koozali.org [SME: 9598]  
 - Template of os-release [SME: 9580]  
518  smeserver-yum  smeserver-yum
519  - add rpmfusion free el7 RPM GPG KEY [SME: 10263]  - no reboot needed for systemd-python [SME: 11609]
520  - avoid reboot for smeserver-locale upgrade [SME: 8705]  - fix services stop on removal [SME: 11510]
521  - code by stefano zamboni <zamboni@mind-at-work.it>  - run navigation-conf when a panel is installed [SME: 11507]
522  - correct service names with plugin to avoid reboot [SME: 8705]  - migrate back to normal CentOS mirrors after el6 EOL [SME: 11477]
523  - code by stefano zamboni <zamboni@mind-at-work.it>  - version 2 with
524  - fix KeyError with plugin to avoid reboot [SME: 8705]    deleting yum{eolversion} if for previous release or not yet eol
525  - code by stefano zamboni <zamboni@mind-at-work.it>    better handling of conditions
526  - remove centos contrib repo [SME: 10156]  - avoid reboot on removal of smeserver-* rpms [SME: 11458]
527  - added centos SCLo SIG gpg rpm signing key [SME: 10119]  - navigation-conf when a panel is installed
528  - will allow to install SCL packages directly from smecontribs  - fix wrong path for rsyslog.conf [SME: 11364]
529  - Added smeserver-yum-2.6.0.bz8705.avoidReboot.patch [SME: 8705]  - remove noise in yum process "overriding all signals, forcing restart" [SME: 11372]
530  - code by stefano zamboni <zamboni@mind-at-work.it>  - packages installed logged both in yum.log and message [SME: 11364]
531  - Avoid to reboot after the installation of a smeserver-* package  - set priority to 10 for remi-safe [SME: 11360]
532  - add Remi Collet RPM GPG KEY [SME: 9903]  - fix poor handling of service adjusting and action order [SME: 11300]
533  - Rpm updates can be downloaded during the night [SME: 1502]    now a temp event is created
534  - Added smeserver-yum-2.6.0.bz1502.DownloadOnly.patch    also better logging, better handling of update vs removal
535  - Deltarpm is now a setting in the yum panel (disabled by default)  - make yum dbs service fork [SME: 11243]
536  - Added smeserver-yum-2.6.0.bz8834.DeltaRpm.patch [SME: 8834]    now smeserver.py plugin call the service
537      yum-modify can use the service restart
538      yum.service is its own service, not called by local.service
539    - move yum upate db service to systemd [SME: 11180]
540    - fix -update events not runt on package upgrade [SME: 11184]
541      lower noise on forced restart
542    - fix switch to vault BaseURL for CentOS [SME: 11227]
543    - add remi-safe as base repo [SME: 11179]
544    - smeserver-yum-update event created [SME: 11168]
545    - fix separate action before template, and after service [SME: 11175]
546      run all actions with post-upgrade as default event
547    - fix some templates not expanded [SME: 11121]
548    - fix smeserver.py not executing action because of wrong path [SME: 11047]
549    - fix error when key absent of a dict of smeserver plugin at clean stage [SME: 10931]
550    - avoid missing template error after removal of a rpm [SME: 10846]
551    - restart php-fpm services when needed [SME: 10873]
552    - applying patch [SME: 10690]
553    - fix NameError: global name 'yum_update_dbs' is not defined [SME: 6940]
554    - use yum-cron with autoupdate feature [SME: 10690]
555    
556    These are either not SME modified Packages, or are kernel mods.
557    clamav
558    libprelude
559    sendmail
560    
561    The changelogs are written per package On behalf of the Koozali SME Server development team
562    - Compilation of release data is thanks to scripts developed by Ian Wells and substantially improved by Jean Phillipe Pialasse
563    
564  On behalf of the Koozali SME Server development team  Terry Fage


Legend:
Removed lines/characters  
Changed lines/characters
  Added lines/characters

admin@koozali.org
ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed