| 1 |
SME Server 9.0 Release Candidate 1 Release Notes |
Koozali SME Server 9.1 Beta 2 Release Announcement |
|
================================================ |
|
| 2 |
|
|
| 3 |
12th May 2014 |
Koozali SME Server 9.1 Beta 2 Release Notes |
| 4 |
|
=========================================== |
| 5 |
|
|
| 6 |
The SME Server development team is pleased to announce the release of |
25th June 2015 |
| 7 |
SME Server 9.0 Release Candidate 1 which is based on CentOS 6.5. |
|
| 8 |
|
The Koozali SME Server (SME Server) development team is pleased to announce |
| 9 |
|
the release of SME Server 9.1 Beta 2 which is based on CentOS 6.6. |
| 10 |
|
|
| 11 |
Bug reports and reports of potential bugs should be raised in the bug |
Bug reports and reports of potential bugs should be raised in the bug |
| 12 |
tracker (and only there, please); |
tracker (and only there, please); |
| 13 |
|
|
| 14 |
http://bugs.contribs.org/ |
http://bugs.contribs.org/ |
| 15 |
|
|
|
|
|
| 16 |
Download |
Download |
| 17 |
======== |
======== |
| 18 |
|
|
| 19 |
You can download SME Server 9.0 RC 1 from |
You can download SME Server 9.1 Beta 2 from |
| 20 |
http://mirror.contribs.org/smeserver/releases/testing/9.0rc1/iso/x86_64/ |
http://mirror.contribs.org/smeserver/releases/testing/9.1.beta2/ |
| 21 |
or for other methods see http://wiki.contribs.org/SME_Server:Download |
or for other methods see http://wiki.contribs.org/SME_Server:Download |
| 22 |
|
|
| 23 |
Please note it may take up to 48 hours for mirrors to finish syncing, |
Please note it may take up to 48 hours for mirrors to finish syncing, |
| 24 |
during this time you may experience problems. |
during this time you may experience problems. |
| 25 |
|
|
| 38 |
meeting our expenses, such as hosting costs, server hardware, etc. |
meeting our expenses, such as hosting costs, server hardware, etc. |
| 39 |
|
|
| 40 |
As such, we ask for a donation to offset costs and fund further development. |
As such, we ask for a donation to offset costs and fund further development. |
| 41 |
|
|
| 42 |
a) If you are a school, a church, a non-profit organisation or an individual |
a) If you are a school, a church, a non-profit organisation or an individual |
| 43 |
using SME Server for private purposes, we would appreciate you to contribute |
using SME Server for private purposes, we would appreciate you to contribute |
| 44 |
within your means toward the costs associated with hosting, maintenance and |
within your means toward the costs associated with hosting, maintenance and |
| 45 |
development. |
development. |
| 46 |
|
|
| 47 |
b) If you are a company or an integrator and you are deploying SME Server in |
b) If you are a company or an integrator and you are deploying SME Server in |
| 48 |
the course of your work to generate revenue, we expect you to make a donation |
the course of your work to generate revenue, we expect you to make a donation |
| 49 |
commensurate with the level of revenue you generate and the number of servers |
commensurate with the level of revenue you generate and the number of servers |
| 55 |
simply email treasurer@koozali.org |
simply email treasurer@koozali.org |
| 56 |
|
|
| 57 |
|
|
|
Thanks |
|
|
====== |
|
|
|
|
|
The development team would like to thank all of those who have involved |
|
|
themselves with this release. |
|
|
|
|
|
|
|
| 58 |
Notes |
Notes |
| 59 |
===== |
===== |
| 60 |
|
|
| 61 |
|
In-place upgrades are not supported. It is necessary to backup and then restore. |
| 62 |
/boot partition is always RAID 1. |
/boot partition is always RAID 1. |
| 63 |
The spare handling for RAID arrays is not implemented. |
The spare handling for RAID arrays is not implemented. |
| 64 |
|
|
| 65 |
Major changes in this release |
USB installs are now supported, see: |
| 66 |
============================= |
http://wiki.contribs.org/Install_From_USB#SME_Server_9 |
|
|
|
|
This section will be further updated in a later release. |
|
| 67 |
|
|
|
Allow workstation backup to mounted drive. |
|
| 68 |
|
|
| 69 |
Changes in this release |
Changes in this release |
| 70 |
======================= |
======================= |
| 71 |
|
|
| 72 |
This section will be further updated in a later release. |
Only the changes since SME Server 9.0 are listed, mainly |
| 73 |
Currently this only shows changes since SME Server 9.0 Alpha 3 and it is |
autogenerated from the changelogs. |
|
autogenerated from the changelogs. A more human readable version will be |
|
|
written. |
|
|
|
|
| 74 |
|
|
| 75 |
Packages altered by Centos, Redhat, and Fedora-associated developers are |
Packages altered by Centos, Redhat, and Fedora-associated developers are |
| 76 |
not included. |
not included. |
| 78 |
|
|
| 79 |
Backups |
Backups |
| 80 |
------- |
------- |
| 81 |
- Workstation Backup, do not exclude dar files by default |
- dar new upstream version |
| 82 |
in line with console backup. |
- dar add pkgconfig |
| 83 |
- Workstation Backup, fix selective restore by requesting array |
- Workstation Backup, do not fail backup for mtime/ctime mismatch |
| 84 |
of results from CGI.pm. |
- Change the sub checkMount() to findmnt Ian Wells <esmith@wellsi.com> |
| 85 |
- Workstation Backup, new method to show files being restored is needed |
- Add requires nfs-utils |
| 86 |
when using dar 2.4. |
- The nfs service is neither started or allowed to start |
| 87 |
- Simplify the workstation backup report. |
- Don't remove the apache group during restore |
|
- Workstation Backup, count backup sets from 1. |
|
|
- Update the text in the Backup panel. |
|
|
- Allow more time for cifs mounts before reporting errors. |
|
|
- Dar updated to 2.4.10. |
|
|
- Workstation Backup, add a choice to delete old backup before or after |
|
|
backup. |
|
|
- Workstation Backup, remove temporary directory on success. |
|
|
- Refactor directory tree creation and removal. |
|
|
- Workstation Backup, inconsistent formatting of host share name in messages. |
|
|
- Workstation Backup, more reliable catalog creation. |
|
|
- Workstation Backup, report cifs mount errors. |
|
|
- Workstation Backup, do not access /proc/mounts |
|
|
- Incremental backup fix. |
|
|
- Workstation Backup, allow spaces in the backup destination. |
|
|
Includes fix for disk usage broken with spaces. |
|
|
- Desktop Backup, allow user setting of compression level. |
|
|
- Use Wake on LAN before starting Backup with DAR. |
|
|
- NFS syntax is deprecated for CIFS mount. |
|
|
- Require cifs-utils and use UNC paths for cifs mount. |
|
|
- Improve text in console backup for success and failure. |
|
|
- Console USB Backup, allow user setting of compression level. |
|
|
Compression level of the console backup is now -6 by default. |
|
|
- Patch to exclude trying to backup aquota.* files so that backups to tape |
|
|
will succeed. |
|
|
- Update to the latest version of console restore. |
|
|
- Boostrap console should only offer restore if no password set. |
|
|
- Delete items from dar catalog in descending order |
|
|
- Minor non-functional updates based on PerlCritic and review comments |
|
|
- Move console backup to e-smith-backup |
|
|
- Workstation Backup, selective restore of deleted files |
|
|
- Remove migrate fragment 30vfstype |
|
|
- Workstation Backup, Don't delete old sets, only empty them. |
|
|
- Workstation Backup, Mail and WOL now subroutines |
|
|
- Workstation Backup, remove the need for a temporary directory, updated. |
|
|
- Workstation Backup, backupname includes seconds. |
|
|
- Simplification of the time routines. |
|
|
- Workstation Backup, remove the need for a temporary directory. |
|
|
- Allow configuration of workstation backup if no removable disk present |
|
|
- Create simplified function for updating the DarCatalog |
|
|
- Workstation Backup, do not create folder in / |
|
|
- Workstation Backup, suppress ctime error message on incremental backups |
|
| 88 |
|
|
| 89 |
|
|
| 90 |
File Server |
LDAP |
|
----------- |
|
|
- Also remove the empty template-begin file in pam.d/proftpd templates. |
|
|
- Remove unused pam templates. |
|
|
- Replace vfs_shadow_copy with vfs_shadow_copy2 for shadow snapshots. |
|
|
- Add template for wide links. |
|
|
- Add templates for max protocol. |
|
|
- Add support for Windows 8 domain joining & user login. |
|
|
- Add windows network performance enhancements registry file. |
|
|
- Update default ServerName in 30smbServerName |
|
|
- Add ability to configure waiting for network Win7 registry option. |
|
|
- Change default Workgroup and Domain to sme-server. |
|
|
- Fix mod_sftp/mod_sftp_pam invalid pool allocation during kbdint |
|
|
authentication. |
|
|
- Replace vfs_shadow_copy with vfs_shadow_copy2 for shadow snapshots. |
|
|
- Remove 20smb as migrating from pre-SME7 is not supported |
|
|
|
|
|
LDAP (Optional in SME 9.0, and considered experimental) |
|
| 91 |
---- |
---- |
| 92 |
- Adjust slapd ACL to change dn.subtree to dn.children. |
- Remove size limit for search result |
| 93 |
|
- Make pdbedit output independent from locale and timezone so it can be |
| 94 |
|
parsed |
| 95 |
|
- Symlink /etc/init.d/ldap to /usr/bin/sv |
| 96 |
|
- Chown all DB files to ldap before staring slapd |
| 97 |
|
- Set checkpoint in slapd.conf instead of DB_CONFIG |
| 98 |
|
- Stop ldap on shutdown (rc0 and rc6) |
| 99 |
|
- Don't overwrite the ldif dump if slapcat's output is empty |
| 100 |
|
(code from Charlie Brady) |
| 101 |
|
- Run db_recover on startup |
| 102 |
|
- Don't wipe LDAP DB when the ldif dump is empty |
| 103 |
|
|
| 104 |
Localisation |
Localisation |
| 105 |
------------ |
------------ |
| 106 |
- Latest translations included. |
- apply locale 2015-03-14 patch from pootle |
| 107 |
|
- apply locale 2014-12-25 patch from pootle |
| 108 |
|
|
| 109 |
Mail Server |
Mail Server |
| 110 |
----------- |
----------- |
| 111 |
- Only present one auth method at a time, in order, to NET::SMTP. |
- ClamAV Updated to release 0.98.7 |
| 112 |
- Remove limit properties from the imaps DB entry. |
- Remove the patch e-smith-email-5.4.0-UEsDBBQDAAAIA-new-signature.patch |
| 113 |
- Apply process limits to dovecot. |
- Add new zip file signatures to default mailpatterns database : UEsDBBQDAAAIA |
| 114 |
- Include /usr/bin/refreshclam |
- Add new zip file signatures to default mailpatterns database : ZIPVOSX & ZIPV3 |
| 115 |
- Allow webmail-only-local-network. |
- Disable fips mode on stunnel |
| 116 |
- Fix handling of messages with no body and no trailing \n after |
- Use stunnel instead of sslio to support TLS |
| 117 |
headers (eq was used in attempted assignment). |
- Revert forcing TLSv1 patch as it breaks some inbound delivery |
| 118 |
- Fetchmail multidrop mode follows TCPPort setting. |
- Revert whitelist_soft dnsbl as it hasn't been verified yet and we need to |
| 119 |
- Always enable imap, listen on loopback is disabled. |
push the fix for TLSv1 |
| 120 |
- Avoid use of unitialised variables in smtp migrate fragments. |
- Modify whitelist_soft transaction to interact with dnsbl filter |
| 121 |
- Simplify qmail concurrency templates. |
by John Crisp <jcrisp@safeandsoundit.co.uk> |
| 122 |
- Modify domain style pseudonym pointing to user with dot in name. |
- Force usage of TLSv1 |
| 123 |
- Accept messages with no body and no trailing \n after headers. |
- Increase MemLimit to 700M for clamav-0.98 |
| 124 |
- Fix Net::DNS update breaks qpsmtpd. |
- Allow custom passdb args |
| 125 |
- allows the spamassassin plugin to read the size limit from its |
- allow IP relayclient stored by DB |
| 126 |
arguments |
Code from Stefano ZAmboni <zamboni@mind-at-work.it> |
| 127 |
- Move clamscan scheduling to complete before 99-raid-check. |
& Charlie Brady <charlieb-contribs-bugzilla@budge.apana.org.au> |
| 128 |
- Listen on loopback if disabled. |
- allow IP relayclient stored by DB |
| 129 |
- Fix permissions on imapd.pem as it's used by pop3s. |
Code from Stefano ZAmboni <zamboni@mind-at-work.it> |
|
- Do not obsolete bglibs, it's required for cvm. |
|
|
- Allow plaintext (unless explicitly disabled). |
|
|
- Do not obsolete cvm, it's still needed for qpsmtpd. |
|
|
- Fix size_limit initialization. |
|
|
- reads MaxMessageSize prop of spamassassin and adds it |
|
|
to the arguments of the plugin if defined. |
|
|
- Requires e-smith-cvm-unix-local. |
|
|
- Load TextCat plugin if ok_languages is enabled. |
|
|
- Fix how qpsmtpd tags spam email. |
|
|
- Remove Packager and Vendor from spec file. |
|
|
- Revert last change. |
|
|
- Sources are local, do not download them. |
|
|
- Updates to release 0.98.1 |
|
|
- Handle exceptions during attempted SASL auth. Add more debug tracing. |
|
|
- Remove DENYSOFT on SPF softfail |
|
|
- Remove insecure ciphers |
|
|
- Remove workarounds for how qpsmtpd tags spam email |
|
|
- Fix whitespace in 10required_score |
|
|
- Update SBL and RBL Lists |
|
| 130 |
|
|
| 131 |
Server manager |
Server manager |
| 132 |
-------------- |
-------------- |
| 133 |
- Renew donation text in server-manager. |
- fileinfo: fix out-of-bounds read in elf note headers. CVE-2014-3710 |
| 134 |
- Do not load mod_ssl. |
- xmlrpc: fix out-of-bounds read flaw in mkgmtime() CVE-2014-3668 |
| 135 |
- Remove log noise from Create starter web site panel. |
- core: fix integer overflow in unserialize() CVE-2014-3669 |
| 136 |
- Add security fix for CVE-2013-4113. |
- exif: fix heap corruption issue in exif_thumbnail() CVE-2014-3670 |
| 137 |
- Renew donation text and graphic in server-manager. |
- spl: fix use-after-free in ArrayIterator due to object |
| 138 |
- Update footer copyright and renew full copyright text. |
change during sorting. CVE-2014-4698 |
| 139 |
- Change wording of Software Update button. |
- spl: fix use-after-free in SPL Iterators. CVE-2014-4670 |
| 140 |
- Roll new stream to remove obsolete images |
- gd: fix NULL pointer dereference in gdImageCreateFromXpm. |
| 141 |
- Remove references to obsolete images, by Stephane de Labrusse |
CVE-2014-2497 |
| 142 |
- Fix new starter website. |
- fileinfo: fix incomplete fix for CVE-2012-1571 in |
| 143 |
- Update location of Primary index.html. |
cdf_read_property_info. CVE-2014-3587 |
| 144 |
|
- core: fix incomplete fix for CVE-2014-4049 DNS TXT |
| 145 |
Webmail and Groupware |
record parsing. CVE-2014-3597 |
| 146 |
--------------------- |
- core: type confusion issue in phpinfo(). CVE-2014-4721 |
| 147 |
- Allow webmail-only-local-network. |
- date: fix heap-based buffer over-read in DateInterval. CVE-2013-6712 |
| 148 |
- Don't use SSL over loopback. |
- core: fix heap-based buffer overflow in DNS TXT record parsing. |
| 149 |
- Replace last change with a default value for horde access |
CVE-2014-4049 |
| 150 |
- Ensure initialisation of variables in webmail-only-local-network. |
- core: unserialize() SPL ArrayObject / SPLObjectStorage type |
| 151 |
|
confusion flaw. CVE-2014-3515 |
| 152 |
|
- fileinfo: out-of-bounds memory access in fileinfo. CVE-2014-2270 |
| 153 |
|
- fileinfo: unrestricted recursion in handling of indirect type |
| 154 |
|
rules. CVE-2014-1943 |
| 155 |
|
- fileinfo: out of bounds read in CDF parser. CVE-2012-1571 |
| 156 |
|
- fileinfo: cdf_check_stream_offset boundary check. CVE-2014-3479 |
| 157 |
|
- fileinfo: cdf_count_chain insufficient boundary check. CVE-2014-3480 |
| 158 |
|
- fileinfo: cdf_unpack_summary_info() excessive looping |
| 159 |
|
DoS. CVE-2014-0237 |
| 160 |
|
- fileinfo: CDF property info parsing nelements infinite |
| 161 |
|
loop. CVE-2014-0238 |
| 162 |
|
- add php_get_module_initialized internal function (#1053301) |
| 163 |
|
- soap: fixRFC2616 transgression (#1045019) |
| 164 |
|
- fix static calling in non-static method (#953786) |
| 165 |
|
- fix autoload called from closing session (#954027) |
| 166 |
|
- drop unneeded part of CVE-2006-724.patch and fileinfo.patch |
| 167 |
|
extension not provided or git binary patches (#1064027) |
| 168 |
|
- odbc: fix incompatible pointer type (#1053982) |
| 169 |
|
- mysqli: fix possible segfault in mysqli_stmt::bind_result |
| 170 |
|
php bug 66762 (#1069167) |
| 171 |
|
- mysql: fix php_mysql_fetch_hash writes long value into int |
| 172 |
|
php bug 52636 (#1054953) |
| 173 |
|
|
| 174 |
Web Server |
Web Server |
| 175 |
---------- |
---------- |
| 176 |
- Force magic_quotes Off. |
- DIsable SSLv3 |
| 177 |
- Remove insecure ciphers |
- Revert CRIME mitigation patch, as it's not needed |
| 178 |
|
- Mitigate CVE-2012-4929 |
| 179 |
|
- Turn SSLEngine on in the SSL vhost (ProxyPassVirtualHosts) |
| 180 |
|
- Remove obsolete gpc_order setting from php.ini. |
| 181 |
|
- Add an upload_tmp_folder setting by db command |
| 182 |
|
- Thanks to Michael McCarn and Jean-philippe Pialasse |
| 183 |
|
|
| 184 |
Other fixes and updates |
Other fixes and updates |
| 185 |
----------------------- |
----------------------- |
| 186 |
- Add ssh-autoblock for external interface. |
- Add dummy NIC support as InternalInterface |
| 187 |
- Do not hardcode NIC names to eth0 and eth1. |
- Only fire the ip-change event when IP is assigned to WAN nic |
| 188 |
- Return nic names in probeAdapters so we can drop HWAddress. |
(Code by Charlie Brady and John Crisp) |
| 189 |
- Remove HWAddress prop from interfaces. |
- Only reset service access when switching to or from private server mode |
| 190 |
- Remove the "swap interface" feature. |
(Code by Charlie Brady) |
| 191 |
- Remove obsolete VLAN code. |
- When quiting the console app with unsaved changes set the default selected |
| 192 |
- Load the bonding module if NIC bonding is enabled. |
answer to NO |
| 193 |
- Define the udev-post service in the DB. |
- Added a comment to specify the real configuration file of dhcpd |
| 194 |
- Provide the ability to restrict ibay access to http. |
- Modified the patch of daniel e-smith-base-5.6.0-ensure_apache_alias_www.patch |
| 195 |
- Restart rsyslog in logrotate event. |
- Ensure www group exists and that apache is an alias of www |
| 196 |
- Set smb ServerName if unset. |
- Check where running runlevel 4, not 7 in service wrapper |
| 197 |
- Don't reload init in bootstrap-console-save and console-save. |
- Correctly update NIC configuration on single NIC systems |
| 198 |
- Fix add_new_disk_to_raid1. |
- Symlink udev-post service in rc7 |
| 199 |
- Provide the ability to force https per ibay. |
- Fix PPPoE after a post-upgrade |
| 200 |
- Add an audit for groups. |
- Remove dependency on microcode_ctl |
| 201 |
- Update the full names of users added in %pre. |
- Prevent emailing about the normal, weekly, checks of RAID arrays, by Mark Casey |
| 202 |
- Fix uid and gid to be the same for the users added in %pre. |
- Don't claim to own /sbin and /sbin/e-smith |
| 203 |
- Changed Prereq to Requires(pre) as Prereq is deprecated. |
- Add an upload_tmp_folder setting by db command |
| 204 |
- Patch to correct issue with not being able to access a password protected |
Thanks to Michael McCarn and Jean-philippe Pialasse |
| 205 |
ibay. |
- the folder /tmp is created by the event init-ibays |
| 206 |
- Update ServerName (Samba netbios name) when SystemName is updated. |
- the event ibay-modify create/chown/chmod the folder /tmp |
| 207 |
- Remove old System Name from the Hosts DB. |
- Add an upload_tmp_folder setting by db command |
| 208 |
- Fix group creation when LDAP auth is enabled. |
Thanks to Michael McCarn and Jean-philippe Pialasse |
| 209 |
- Disable IPv6 on a default install. |
- Force SSL following ibays settings to the relevant domain |
| 210 |
- Continue escaping control chars in rsyslog, just replace LF with space. |
- Perl::critic syntax modifications |
| 211 |
- Use UTF-8 in the console. |
- Add more PHP options to ibays only by db commands |
| 212 |
- Remove redundant parts of init-accounts. |
- Add SSLRequireSSL to ibays when SSL is set to enabled |
| 213 |
- Add_template_to_ssl.pem, codes by JP Pialasse. |
- Allow the admin upsd in /etc/hosts.allow |
| 214 |
- Require diald. |
- Creation Admin Privilege for use of upscmd & upsrw |
| 215 |
- Removal of rc.e-smith now functionality is in e-smith-service. |
- Remove obsolete directives {allowfrom} |
| 216 |
- Replacement of rc.e-smith by moving code into e-smith-service. |
- Access property created (default value is 'localhost') |
| 217 |
- Fix the way '.' works in bash. |
- Remove obsolete directives {ACL,ACCEPT,REJECT} and switch to LISTEN |
| 218 |
- rename /etc/ldap.conf to /etc/pam_ldap.conf (and same for .secret). |
in /etc/ups/upsd.conf |
| 219 |
- Always define InternalInterface NICBonding. |
- Allow NUT in /etc/hosts.allow and in /etc/services |
| 220 |
- In the console refer to removable media instead of USB disk. |
Code change from Daniel B.<daniel@firewall-services.com> |
| 221 |
- Fix a few more syslog => rsyslog items. |
- Revert the patch e-smith-tinydns-2.4.0_add_hostname_following_dhcpdleases_hostname.patch |
| 222 |
- Remove modprobe stuff. |
- Duplicate hostnames with different IP are not used, a warn in log is printed |
| 223 |
- Don't be as agressive on rate limiting. |
- The server hostname can not be used by a dhcp client, a warning in log is printed |
| 224 |
- Change syslog templates to rsyslog. |
- Changed the name of /tmp/dhcpd.leases to /tmp/tmpdhcpd.leases |
| 225 |
- Ensure existing_hwaddr is always initialized. |
when the dhcpd lease is modified |
| 226 |
- Change System Name from mitel-networks-server to sme-server. |
- Do template-expand of /var/service/tinydns/root/data |
| 227 |
- Patch to remove symlink to Primary ibay from /home/e-smith/files/primary. |
- Do sigus1 of dhcp-dns & dnscache |
| 228 |
- Patch to correct issue with not being able to access a password protected |
- Forked DHCPparse for parsing the end of lease and remove old entry of dnscache |
| 229 |
ibay. |
- Require perl-Text-DHCPparse removed |
| 230 |
- Correctly display accented letters in the console. |
- Timestamp added in tinydns, the entry in dnscache is cleared when the lease is over |
| 231 |
- Add e-smith as a Requires(pre) and remove adding users in %pre. |
- Add new feature 'Parse dhcpd.leases and feed to tinydns' |
| 232 |
- Fix uid and gid to be the same in create-system-user. |
- e-smith-tinydns-2.4.0_add_hostname_following_dhcpdleases_hostname.patch |
| 233 |
- Ignore mysql.event table. |
made from the solution of Stefano Zamboni |
| 234 |
- Use --single-transaction in mysql-dump-tables. |
- Make slapd service an alias for ldap |
| 235 |
- Use mysql_upgrade instead of fix_privilege_tables. |
- Switched to sysvinit from systemd (it's rhel-6) |
| 236 |
- Increase memory limit for ntp. |
- Fixed license tag Related: rhbz#632853 |
| 237 |
- Make rsyslog listen to our socket. |
- pptpd New version |
| 238 |
- Remove rc.quota_create. |
- Dropped pppd-unbundle patch (upstreamed) |
| 239 |
- the config file is radiusclient.conf, not radiusclient-ng.conf. |
- Various fixes according to Fedora review Related: rhbz#632853 |
| 240 |
- Add templates for radiusclient-ng.conf file to remove binaddr |
- Modified for Fedora Resolves: rhbz#632853 |
| 241 |
directive. |
- Update to upstream version 2.3.4, which fixes CVE-2012-3478 and CVE-2012-2252 |
| 242 |
- Add directive to options.pptpd so that radius plugin can find the |
- Updated rsync-protocol.patch to fix CVE-2012-2251, and to apply on top of the |
| 243 |
radiusclient configuration file.. |
CVE-2012-3478 and CVE-2012-2252 fixes. |
| 244 |
- Fix permissions of /etc/radiusclient-ng/servers. |
- Updated makefile.patch to preserve RPM CFLAGS. |
| 245 |
- Add hack for running rc7.d script during runlevel 4. |
- Added command-line-error.patch (from Debian), correcting error message |
| 246 |
- Apply SME Server config file changes to pwauth. |
generated when insecure command line option is used (CVE-2012-3478 fix |
| 247 |
- Fix libgomp obsoletes to not obsolete el6 version. |
regression). |
| 248 |
- Change order of mail options in check4updates. |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild |
| 249 |
- Fix parsing issues with "manage RAID" menu option in the console. |
- Add patch for rsync3 compat (#485946) |
| 250 |
- Remove SSH v1 legacy support. |
- Update runit to 2.1.2 |
| 251 |
- Support nolvm boot option. |
- Remove now uneeded obsolete directives |
| 252 |
- Create degraded RAID1 array with single disk install. |
- Remove openssl from the Exclude list of centos repo |
| 253 |
- nodmraid is the default for SME 9.0 installs. |
- Add a default Yum db property for check4contribsupdates |
| 254 |
- Give more time to the grub menu. |
- Added a check-update for the smecontribs repository |
| 255 |
- Update installer hard drive warning. |
- Move protected package list to the correct location |
| 256 |
- Customize confirmation dialogs during fresh install. |
|
|
- Run installer in 'text' mode. |
|
|
- Roll new stream to really remove obsolete images |
|
|
- Roll new stream to remove obsolete images |
|
|
- Move console backup to e-smith-backup |
|
|
- Remove support.pl from e-smith-base and move to smeserver-support |
|
|
- Console restore should reboot |
|
|
- Boostrap console should only offer restore if no password set |
|
|
- Add restore backup as a console item for freshly installed servers |
|
|
- Non-code changes to perform_restore.pm |
|
|
- Refer to removable media not CDROM in console restore |
|
|
- Remove insecure SSL ciphers |
|
|
- Add more PHP options to ibays only by db commands |
|
|
- Add SSLRequireSSL to ibays when SSL is set to enabled |
|
|
- Force https per ibay should not be the default for existing ibays |
|
|
- Add textbox() to console.pm, getLicenseFile to util.pm |
|
|
- Update frame header and footer |
|
|
- Use mysql_upgrade in 00_restore_dumped_dbs, by Terje Edseth |
|
|
- Use mysql_upgrade --force due to upgrade to MySQL 5.1 |
|
|
- Prevent server being used in NTP amplification attacks. |
|
|
- Code by Jesper Holck |
|
|
- Modify template to allow Squid proxy https access to ports other than |
|
|
443,563 using db command |
|
|
- Codes by Ray Mitchell and Ian Wells |
|
|
- Add -n 1 to the dmesg line in rc.sysinit to prevent unwanted messages |
|
|
appearing on the console |
|
|
- Correct offest in runlevel7 patch to avoid .orig file |
|
|
- Remove CentOS Branding patch |
|
|
- Add logcheck to help analyse errors in the log files |
|
|
- Roll new stream to remove obsolete images |
|
|
- Move support.pl from e-smith-base to smeserver-support |
|
|
- The console license page now uses dialog's textbox. |
|
|
- Ensure console is run with taint checking. |
|
|
- Add a verification in the console of number of pptp clients against ip allowed in dhcpd |
|
|
- Add a verification in remoteaccess panel of number of pptp clients against ip allowed in dhcpd |
|
|
- Display a warning with the domain name before to remove it [SME : 8333] |
|
|
- Move mysql logging to multilog |
|
|
- Remove the information_schema |
|
|
- Fix error with flush of xt_recent SSH connections. |
|
|
- Add option to tcpsvd to set socket keepalive. |
|
| 257 |
|
|
| 258 |
General features |
General features |
| 259 |
================ |
================ |
| 260 |
|
|
| 261 |
- Based on CentOS 6.5 and all available updates |
- Based on CentOS 6.6 and all available updates |
|
|
|
| 262 |
|
|
|
Ian Wells |
|
| 263 |
|
|
| 264 |
|
Terry Fage |
| 265 |
On behalf of the SME Server development team |
On behalf of the SME Server development team |
|
$Id: README.txt,v 1.10 2014/04/12 03:42:07 wellsi Exp $ |
|
Parent Directory
| 
Revision Log
| 
Revision Graph
| 
Patch
