/[smeserver]/cdrom.image/sme8/README.txt
ViewVC logotype

Diff of /cdrom.image/sme8/README.txt

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph | View Patch Patch

Revision 1.4 by wellsi, Fri Mar 5 22:02:58 2010 UTC Revision 1.33 by vip-ire, Fri Mar 27 08:26:14 2015 UTC
# Line 1  Line 1 
1  SME Server 8.0 Beta 5 Release Notes  Koozali SME Server 8.2 Release Notes
2  ===================================  ====================================
3    
4  March 7 2010  18 March 2015
5    
6  The SME Server development team is pleased to announce the release of  The Koozali SME Server (SME Server) development team is pleased to announce
7  SME Server 8.0beta5 which is based on CentOS 5.4 and will be the next  the release of SME Server 8.2 beta2 which is based on CentOS 5.11
 major release of SME Server.  
   
 ***************************  
 SME Server users should not upgrade production servers to this release  
 but those who can are encouraged to load the beta to a dedicated test  
 machine and take part in the testing phase.  
 ***************************  
8    
9  Bug reports and reports of potential bugs should be raised in the bug  Bug reports and reports of potential bugs should be raised in the bug
10  tracker (and only there, please);  tracker (and only there, please);
11    
12      http://bugs.contribs.org/      http://bugs.contribs.org/
13    
14  ***************************  Download
15  Testers Please Note the following...  ========
16    
17  1. CentOS 5 has dropped support for i586 and therefore SME Server 8  You can download SME Server 8.2 beta2 from
18     will not work on i586 hardware. [See bugzilla:2845]. i586 hardware  http://mirror.contribs.org/smeserver/releases/testing/8.2.beta2/
19     means processors before and including Intel Pentium, Pentium MMX;  or for other methods see http://wiki.contribs.org/SME_Server:Download
    AMD K5, K6, K6-II, K6-III and Via C3. i686 architecture processors  
    are Intel Pentium Pro, Pentium II, Pentium III; AMD Athlon,  
    Athlon XP and later.  
   
 2. Upgrading from previous releases should only be done on clean  
    machines without contribs or other modifications. Issues with  
    upgrading from clean SME machines can be reported in the bug  
    tracker, but detailed reviews of upgrading paths will not start  
    until Release Candidate versions are made available.  
   
    Some notes on upgrading from Release 7.4 and release 7.0, 7.1, and  
    7.2 versions can be found at http://wiki.contribs.org/SME_Server_8  
20    
21     You can download SME8.0 Beta 5 from  Please note it may take up to 48 hours for mirrors to finish syncing,
22     http://mirror.contribs.org/smeserver/releases/testing/8/iso/i386/  during this time you may experience problems.
23    
 ***************************  
24    
25  About SME Server  About SME Server
26  ================  ================
27    
28  SME Server is the leading Linux distribution for small and medium  SME Server is the leading Linux distribution for small and medium
29  enterprises.  enterprises. SME Server is brought to you by Koozali Foundation, Inc.,
30    a non-profit corporation that exists to provide marketing and legal support
31    for SME Server.
32    
33  SME Server is freely available under the GNU General Public License  
34  and is only possible through the efforts of the SME Server community.  SME Server is freely available under the GNU General Public License and
35    is only possible through the efforts of the SME Server community.
36  However, the availability and quality of SME Server is dependent on  However, the availability and quality of SME Server is dependent on
37  meeting our expenses, such as hosting costs, server hardware, etc.  meeting our expenses, such as hosting costs, server hardware, etc.
38    
39  As such, we ask for a small donation to offset costs and fund further  As such, we ask for a donation to offset costs and fund further development.
40    
41    a) If you are a school, a church, a non-profit organisation or an individual
42    using SME Server for private purposes, we would appreciate you to contribute
43    within your means toward the costs associated with hosting, maintenance and
44  development.  development.
45    
46    b) If you are a company or an integrator and you are deploying SME Server in
47    the course of your work to generate revenue, we expect you to make a donation
48    commensurate with the level of revenue you generate and the number of servers
49    your have in the field. Please, help the project
50    
51  Please visit http://wiki.contribs.org/Donate to donate.  Please visit http://wiki.contribs.org/Donate to donate.
52    
53    Koozali Inc is happy to supply an invoice for any donations received,
54    simply email treasurer@koozali.org
55    
56  Thanks and a plea for help  
57  ==========================  Thanks
58    ======
59    
60  The development team would like to thank all of those who have involved  The development team would like to thank all of those who have involved
61  themselves with this beta release. At this stage in development the role  themselves with this release.
62  of testers is vital; the final release date and the stability and quality  
63  of the new version depend on full and thorough testing by all levels of  
64  users, right from beginners who may be confused by, and draw the developers  Notes
65  attention to, insufficiently transparent system design, up to seasoned  =====
66  and skilled users who can probe the system deeply. Bug triage and  
67  verification testing needs lots of community involvement; please try to  1. CentOS 5 has dropped support for i586 and therefore SME Server 8.2
68  spare some time to this vital aspect of our community's future.     will not work on i586 hardware. [See bugzilla:2845]. i586 hardware
69       means processors before and including Intel Pentium, Pentium MMX;
70  This release, which is based on a major update of the Centos Core, contains     AMD K5, K6, K6-II, K6-III and Via C3. i686 architecture processors
71  many new features. Please run Software Installer in Server Manager     are Intel Pentium Pro, Pentium II, Pentium III; AMD Athlon,
72  regularly during testing to be sure your system reflects the latest stage     Athlon XP and later.
73  of development.  
74    
75    2. Some notes on SME Server 8.2 including help on upgrades can be found at
76       http://wiki.contribs.org/SME_Server_8
77    
78    
79    3. Please note Upstream policy on Production Phase 3 for EL5. Only those
80       security updates deemed crucial are now being released upstream for EL5
81       (so also for SME8) The Koozali team recommends that you start moving
82       workloads from SME Server 8 to SME Server 9.
83       Planned EOL for CentOS 5 is Mar 31 2017
84    
85    
86    4. Please note it may take up to 48 hours for mirrors to finish syncing,
87       during this time you may experience problems.
88       You can download SME Server 8.2 from
89       http://mirror.contribs.org/smeserver/releases/8.2/iso/i386/
90       or for other methods see http://wiki.contribs.org/SME_Server_8
91    
 Major changes in beta 5  
 =======================  
 The policy is to stick with upstream updates unless there are compelling reasons  
 not to. The number of customers unable to run the software they want because of  
 the Samba and PHP versions constituted a compelling reason.  
   
 Samba 3.4.3: has been updated from sources provided by ClearOS.  
 This version of samba provides support for Windows 7 domain logins.  
   
 PHP 5.2.10: is provided by the Red Hat Application Stack v2.  
 5.2 is needed by recent web applications such as OScommerce.  
   
 LDAP authentication: third party applications can authenticate against  
 SME Users passwords. LDAP is still read only, built automatically  
 from SME databases.  
92    
93  Changes in this release  Changes in this release
94  =======================  =======================
95    
96  This section of this README file lists all package changes carried out by  Packages altered by Centos, Redhat, and Fedora-associated developers are
97  SME-associated developers in 2009 and 2010 where the most recent changes  not included.
98  to the package are dated after February 2010. The package changelogs often  
99  included earlier changes and changes carried out by non-SME-associated  Backups
100  developers; these were removed to shorten the list. Packages recently  -------
101  altered by Centos, Redhat, and Fedora-associated developers are not   - Add pkgconfig dar
102  included.   - New Upstream Version dar
103     - Add requires nfs-utils
104  e-smith-backup   - The nfs service is neither started or allowed to start
105  - Improved upgrade compatibility, remove .orig [SME: 4809]   - Workstation Backup, do not create folder in /
106  - fix mount point for verify [SME: 5765]  
107  - create mount point for verify [SME: 5765]  
108  - remove comment re smbpasswd being last [SME: 5600]  LDAP
109  - Fix mounting usb disks [SME: 4809]  ----
110  - Don't backup more than once per day [SME: 5445]   - Make pdbedit output independent from locale and timezone so it can be
111  - Fix full backup on Sunday diplayed as Everyday [SME: 5623]     parsed
112  - Add more excludes for compressed filetypes [SME: 4765]  
113  - Porting Jean-Paul Leclere changes in the SME Server 7 tree to SME Server 8:  
114  - using credentials file for cifs mount [SME: 5442]  Localisation
115  - workstation backup: add cifs credentials expand to bootstrap-console-save [SME: 5442]  ------------
116  - workstation backup: allow many backups in the same day [SME: 5411]   - apply locale 2015-03-14 patch from pootle
117  - workstation restore: all needed backups must be available before restore [SME: 5397]   - apply locale 2014-12-25 patch from pootle
118  - workstation verify: add option to check integrity of backups needed in a full restore [SME: 5405]   - apply locale 2014-03-08 patch from pootle
119  - minor fix in translation [SME: 5407]  
120    
121  e-smith-base  Mail Server
122  - Restate smartd dependency. [SME: 5814]  -----------
123  - Fix gettext errors in WAN/LAN subnet error message [SME: 5501]   - Updated to ClamAV release 0.98.6
124  - Really fix template expansion error [SME: 4528]   - Add BuildRequires for openssl-devel and libxml2-devel
125  - Fix template expansion error [SME: 4528]   - Remove Packager and Vendor from ClamAV spec file.
126  - Improve security by using SHA1 algorithm for certificate signing [SME: 5737]   - Add new zip file signatures to default mailpatterns database : ZIPVOSX &
127  - Fix eth? swapping [SME: 4528]     ZIPV3
128  - Fix console backup from removable media [SME: 4809]   - Fix stunnel path
129  - Bump certificate encryption from 1024 bits to 2048 bits [SME: 5735]   - Use stunnel instead of sslio to support TLS
130  - Fix console restore from removable media (Federico Simoncelli) [SME: 4809]   - Modify whitelist_soft transaction to interact with dnsbl filter
131  - Add a dummy call so xgettext can pull translated $ifName in console configuration pages. [SME: 5571]     by John Crisp <jcrisp@safeandsoundit.co.uk>
132  - Translate $ifName in console configuration pages [SME: 5571]   - Remove DENYSOFT on SPF softfail qpsmtpd
133  - Prevent IP conflicts between local and external interface in server gateway mode [SME: 5501]   - Increase MemLimit to 700M for clamav-0.98
134  - Clean up: remove unused nonetworkdrivers [SME: 5521]   - Remove dnsbl.ahbl.org RBL List
135    
136  e-smith-devtools  
137  - Fix previous patch [SME: 5538]  PHP
138  - Add compiled python files to the packaged files list [SME: 5538]  --------------
139     - Resync with upstream php53, which include
140  e-smith-email      fileinfo: fix out-of-bounds read in elf note headers. CVE-2014-3710
141  - Use HeloHost (if present) in smtp-auth-proxy.pl [SME: 5680]      xmlrpc: fix out-of-bounds read flaw in mkgmtime() CVE-2014-3668
142  - Allow for changing SPAM subject tag through server-manager      core: fix integer overflow in unserialize() CVE-2014-3669
143        exif: fix heap corruption issue in exif_thumbnail() CVE-2014-3670
144  e-smith-formmagick   - Resync with upstream php53, which include
145  - Update path for 64-bit compatibility [SME: 5756]      spl: fix use-after-free in ArrayIterator due to object
146        change during sorting. CVE-2014-4698
147  e-smith-grub      spl: fix use-after-free in SPL Iterators. CVE-2014-4670
148  - Remove hiddenmenu entry from grub.conf [SME: 5546]      gd: fix NULL pointer dereference in gdImageCreateFromXpm.
149        CVE-2014-2497
150  e-smith-horde      fileinfo: fix incomplete fix for CVE-2012-1571 in
151  - Patch to change horde's templated mime_drivers.php file so some additional      cdf_read_property_info. CVE-2014-3587
152  settings can be customized [SME: 5224]      core: fix incomplete fix for CVE-2014-4049 DNS TXT
153  - config setprop horde inlineMSWord true|false <-- default is false      record parsing. CVE-2014-3597
154  - config setprop horde inlineMSExcel true|false <-- default is false   - Resync with upstream php53, which include
155  - config setprop horde inlineMSPowerpoint true|false <-- default is false      core: type confusion issue in phpinfo(). CVE-2014-4721
156  - config setprop horde inlineWordperfect true|false <-- default is false      date: fix heap-based buffer over-read in DateInterval. CVE-2013-6712
157  - config setprop horde inlineAudio true|false <-- default is true      core: fix heap-based buffer overflow in DNS TXT record parsing.
158  - Patch to make sure username is always saved in lowercase to horde db's [SME:5775]      CVE-2014-4049
159  - Upgrade horde templates to reflect changes in Horde 3.3.6 [SME: 5774]      core: unserialize() SPL ArrayObject / SPLObjectStorage type
160  - Really apply patch from previous attempt [SME: 5509]      confusion flaw. CVE-2014-3515
161  - Upgrade horde templates to reflect changes in Horde 3.3.5 [SME: 5509]      fileinfo: out-of-bounds memory access in fileinfo. CVE-2014-2270
162  - Upgrade to horde templates to reflect changes in Horde 3.3.4 [SME: 5372]      fileinfo: unrestricted recursion in handling of indirect type
163        rules. CVE-2014-1943
164  e-smith-imp      fileinfo: out of bounds read in CDF parser. CVE-2012-1571
165  - Patch to template imp's mime_drivers.php file so some settings can be customized [SME: 5224]      fileinfo: cdf_check_stream_offset boundary check. CVE-2014-3479
166  - config setprop horde Limitinlinesize <--default is 1048576      fileinfo: cdf_count_chain insufficient boundary check. CVE-2014-3480
167  - config setprop horde inlineHTML true|false <--default is true      fileinfo: cdf_unpack_summary_info() excessive looping
168  - config setprop horde inlineImages true|false <--default is true      DoS. CVE-2014-0237
169  - Updated templates to reflect changes in imp 4.3.6 [SME: 5776]      fileinfo: CDF property info parsing nelements infinite
170  - Updated templates to reflect changes in imp 4.3.5 [SME: 5510]      loop. CVE-2014-0238
171  - Updated templates to reflect changes in imp 4.3.4 [SME: 5371]  
172    
173  e-smith-ingo  Web Server
174  - Update e-smith-ingo templates to reflect changes in Ingo 1.2.3 [SME: 5777]  ----------
175  - Update e-smith-ingo templates to reflect changes in Ingo 1.2.2 [SME: 5511]   - Disable SSLv3
176    
177  e-smith-ldap  
178  - Fix bug reference in spec file  Other fixes and updates
179  - Fix admin user password change (Daniel B.) [SME: 5810]  -----------------------
180  - Init database if the ldif dump is empty (ie from sme8b) [SME: 5747]   - When quiting the console app with unsaved changes set the default selected
181  - revert re-init database [SME:5747]     answer to NO
182  - re-init readonly database on post-upgrade [SME:5747]   - Add a verification in the console of number of pptp clients against ip
183  - Force SSL/TLS for remote authentication [SME: 5748]     allowed in dhcpd
184  - reuse users_groups_ous.patch2 [SME: 5743]   - Add a verification in remoteaccess panel of number of pptp clients against
185  - Separate groups and users with mailboxRelatedObject [SME:5749]     ip allowed in dhcpd
186  - Set readonly access [SME:5752]   - Reset primary ibay default type
187  - Fix ldap-update action script to user-lock event [SME: 5720]   - Add a migrate fragment to sanitize the host comment for illegal characters
188  - Fix Groups entries [SME: 5743]     in the server-manager.
189  - Add Groups entries [SME: 5743]     Sanitize existing hostname records, Add a validator for the comment in the
190  - Add admin user as a standard user [SME: 5742]     hostname field
191  - Add ldap-update action script to user-lock event [SME: 5720]     Code done by Charlie Brady <charlieb-contribs-bugzilla@budge.apana.org.au>
192  - Add ldap authentication and tls support [SME: 5720]     and Huib <sme@artixdesign.com>
193  - Update schema for newer openldap and remove calFBurl [SME: 5159]   - Force SSL following ibays settings to the relevant domain
194  - Convert ldif dump [SME: 5446]   - Move mysql logging to multilog
195     - Allow ntp status queries from localhost.
196  e-smith-lib   - Avoid uninitialized variable warning from last update.
197  - adds the hwaddr parameter to probeAdapters() [SME: 4528]   - Add ssh-autoblock for external interface - patch by Chris Maltby
198  - Update path for 64-bit compatibility [SME: 5756]   - Update to upstream version 2.3.4, which fixes CVE-2012-3478 and
199  - Really apply previous patch in the spec file. [SME: 5659]     CVE-2012-2252
200  - Add patch (Federico Simoncelli) to prevent re-use of uids. [SME: 5659]   - Updated rsync-protocol.patch to fix CVE-2012-2251, and to apply on top of
201       the
202  e-smith-manager     CVE-2012-3478 and CVE-2012-2252 fixes.
203  - Only display error messages intended for admin in server-manager [SME: 5700]   - Updated makefile.patch to preserve RPM CFLAGS.
204  - Fix css validation errors. [SME: 5656]   - Added command-line-error.patch (from Debian), correcting error message
205  - display reconfigure warning once if UnsavedChanges=yes [SME: 5475]     generated when insecure command line option is used (CVE-2012-3478 fix
206  - display reconfigure warning if UnsavedChanges=yes [SME: 5475]     regression).
207     - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
208  e-smith-portforwarding   - Add patch for rsync3 compat (#485946)
209  - Enable port forwards to localhost if mode is serveronly [SME: 1003]   - Update smeserver-release for beta1 of SME Server 8.2
210  - Adjust xml entry in locale [SME: 2379]   - Set the check update frequency of smecontribs through the server-manager
211  - Add option to limit port forwards from source ip [SME: 2379]   - Add a default Yum db property for check4contribsupdates
212     - Added a check-update for the smecontribs repository
 e-smith-qmail  
 - SMTPSmartHost template incorrectly uses brackets to avoid MX lookups. [SME: 5456]  
   
 e-smith-samba  
 - Create/remove V2 profile directories [SME: 3666]  
 - Enable bindinterfaces by default [SME: 3325]  
 - Set recyle bin permissions [SME: 1734]  
 - Add registry file to server-resources to allow windows 7 to  
 join Samba 3.x domains [SME: 5425]  
   
 e-smith-turba  
 - Update to fix turbatype error when using turba LDAP address search [SME: 5772]  
 - Update LDAP for changed scope [SME: 2939]  
 - Updated template files to reflect changes in Turba 2.3.3 [SME: 5778]  
 - Remove previous patch. Will add new partial patch for bug 2939  
 - Update LDAP for changed schema [SME: 2939]  
 - Updated template files to reflect changes in Turba 2.3.2 [SME: 5512]  
   
 horde  
 - Updated to Horde 3.3.6 [SME: 5774]  
 - Updated to Horde 3.3.5 [SME: 5509]  
 - Updated to Horde 3.3.4 [SME: 5372]  
   
 imp-h3  
 - Updated to imp 4.3.6 [SME: 5776]  
 - Updated to Imp 4.3.5 [SME: 5510]  
 - Updated to Imp 4.3.4 [SME: 5371]  
   
 ingo-h3  
 - Update to Ingo 1.2.3 [SME: 5777]  
 - Update to Ingo 1.2.2 [SME: 5511]  
   
 initscripts  
 - Fix typo in /sbin/service patch (Federico Simoncelli) [SME: 5674]  
 - Exit with zero exit status for services not listed in configuration  
 database to avoid failures in post scriptlets [SME: 1653]  
 - Merge in SME Server /sbin/e-smith/service wrapper so that only  
 initscripts which exist in run-level 7 can be run. This ensures  
 that the supervised service is run, if one exists, and protects  
 against running "service httpd restart" [SME: 61, 1495]  
   
 perl-CGI-FormMagick  
 - Fix year in previous changelog entry [SME: 3144]  
 - Fix unitialized value errors in HTML.pm [SME: 3144]  
   
 php  
 - update to 5.2.10  
   
 qpsmtpd  
 - Remove spool and log dir from package (in smeserver-qpsmtpd)  
 - Don't create smtpd user (unused in sme) [SME: 5815]  
 - Apply qpsmtpd git changesets to implement custom SPAM  
 subject prefix [SME: 5031]  
 - Update pre requires so scripts don't fail on install [SME: 5558]  
 - Rebase bad_rcptto patch to remove orig file [SME: 5548]  
 - Change logging in tls init to prevent warnings [SME: 5551]  
 - Only run/initialize plugins once [SME: 5533]  
 - Change spool dir permissions and owner to qpsmtpd:clamav  
 - Change log dir permissions and owner to smelog:smelog  
 - add sme specific patches  
 - Update to 0.83  
 - Update to latest release  
 - don't add qpsmtpd to start-up by default  
 - add apache config file to qpsmtpd-apache package  
 - remove all patches  
 - use rpm macros for dirs  
 - use a filelist for main package instead of a long list of files  
   
 smeserver-audittools  
 - Fix regular expression to actually replace the colon with a dot [SME: 5572]  
 - Remove the leading path for yum in newrpms [SME: 5562]  
   
 smeserver-clamav  
 - Setup logrotate for /var/log/clamd/clamscan.log [SME: 5570]  
 - Remove create option from logrotate configuration [SME: 5570]  
 - Fix version number in previous changelog entry  
 - Setup logrotate for /var/log/clamd/smeserver-clamscan.log [SME: 5570]  
 - Minor changelog fixes in version number  
 - Change default value for HeuristicScanPrecedence to yes [SME: 5204]  
   
 smeserver-locale  
 - Revert previous patch to resync with generated patches based on SME Server 7 [SME: 5803]  
 - Correct previous changelog entry  
 - Apply locale 2010-02-27 patch  
 - apply locale 2010-02-25 patch  
 - apply locale 2009-10-27 patch  
 - Add Thai language [SME: 5466]  
 - apply locale 2009-08-24 patch  
 - Add Polish language [SME: 5437]  
   
 smeserver-qpsmtpd  
 - Enable qpsmtpd RequireResolvableFromHost plugin by default, remove  
 database entry and the database default value [SME: 5617]  
 - Tie template fragment into event system to have it expanded [SME: 5031]  
 - Add qpsmtpd template fragment for custom SPAM subject prefix [SME: 5031]  
   
 smeserver-spamassassin  
 - Requires SpamAssassin 3.3.0 [SME: 5741]  
 - Remove FuzzyOcr [SME: 5771]  
 - Use ATrpm package (partially remove previous patch)  
 - Requires SpamAssassin 3.3.0 [SME: 5741]  
 - Remove FuzzyOcr [SME: 5771]  
 - Run sa-update every two hours and check restart every hour  
 - Redirect cron job output to logfile to avoid mail noise  
 - Fix invalid service name in sa-update [SME: 3304]  
   
 smeserver-support  
 - Fix css validation errors. [SME: 5656]  
 - Add support for Polish (pl). [SME: 5434]  
 - Add support for Thai (th). [SME: 5466]  
 - obsoletes fonts-xorg-base to prevent dragging in unneeded  
 packages [SME: 5535]  
 - add VFlib2 to obsoletes list so upgrades work [SME: 5532]  
 - Add Obsoletes for kernel modules. [SME: 5386]  
   
 smeserver-yum  
 - only unlink file if we created it [SME: 5476]  
 - Import only keys not already imported [SME: 5507]  
 - set unsaved changes in yum event [SME: 5475]  
 - move yum warming to sme yum plugin [SME: 5474]  
 - ensure file exists before unlinking [SME: 5476]  
 - remove semicolons from yum plugin  
 - Add frequency of updates toggle [SME: 3764]  
 - remove stray file  
   
 smolt  
 - Apply patches so smolt will run under el5  
 - Apply sme specific patches  
   
 turba-h3  
 - Updated to Turba 2.3.3 [SME: 5778]  
 - Updated to Turba 2.3.2 [SME: 5512]  
213    
214    
215  General features  General features
216  ================  ================
217    
218  - Based on CentOS 5.4 and all available updates  - Based on CentOS 5.11 and all available updates
219    
220    
221  $Id: README.txt,v 1.3 2009/06/16 07:29:58 wellsi Exp $  Terry Fage
222    On behalf of the SME Server development team

Legend:
Removed lines/characters  
Changed lines/characters
  Added lines/characters
admin@koozali.org
 ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed