| 1 |
Koozali SME Server 9.1 Beta 2 Release Announcement |
Koozali SME Server 9.1 Final Release Notes |
|
|
|
|
Koozali SME Server 9.1 Beta 2 Release Notes |
|
| 2 |
=========================================== |
=========================================== |
| 3 |
|
09 Dec 2015 |
|
25th June 2015 |
|
| 4 |
|
|
| 5 |
The Koozali SME Server (SME Server) development team is pleased to announce |
The Koozali SME Server (SME Server) development team is pleased to announce |
| 6 |
the release of SME Server 9.1 Beta 2 which is based on CentOS 6.6. |
the release of SME Server 9.1 which is based on CentOS 6.7. |
| 7 |
|
|
| 8 |
|
SME 9.1 incorporates only very minor changes from SME 9.1rc1 |
| 9 |
|
|
| 10 |
|
CentOS 6.# has an EOL of 20 Nov 2020. |
| 11 |
|
|
| 12 |
Bug reports and reports of potential bugs should be raised in the bug |
Bug reports and reports of potential bugs should be raised in the bug |
| 13 |
tracker (and only there, please); |
tracker (and only there, please); |
| 16 |
|
|
| 17 |
Download |
Download |
| 18 |
======== |
======== |
| 19 |
|
You can download SME Server 9.1 from |
| 20 |
You can download SME Server 9.1 Beta 2 from |
http://mirror.contribs.org/smeserver/releases/9.1/ |
|
http://mirror.contribs.org/smeserver/releases/testing/9.1.beta2/ |
|
| 21 |
or for other methods see http://wiki.contribs.org/SME_Server:Download |
or for other methods see http://wiki.contribs.org/SME_Server:Download |
| 22 |
|
|
| 23 |
Please note it may take up to 48 hours for mirrors to finish syncing, |
Please note it may take up to 48 hours for mirrors to finish syncing, |
| 24 |
during this time you may experience problems. |
during this time you may experience problems. |
| 25 |
|
|
|
|
|
| 26 |
About SME Server |
About SME Server |
| 27 |
================ |
================ |
|
|
|
| 28 |
SME Server is the leading Linux distribution for small and medium |
SME Server is the leading Linux distribution for small and medium |
| 29 |
enterprises. SME Server is brought to you by Koozali Foundation, Inc., |
enterprises. SME Server is brought to you by Koozali Foundation, Inc., |
| 30 |
a non-profit corporation that exists to provide marketing and legal support |
a non-profit corporation that exists to provide marketing and legal support |
| 32 |
|
|
| 33 |
SME Server is freely available under the GNU General Public License and |
SME Server is freely available under the GNU General Public License and |
| 34 |
is only possible through the efforts of the SME Server community. |
is only possible through the efforts of the SME Server community. |
| 35 |
|
|
| 36 |
However, the availability and quality of SME Server is dependent on |
However, the availability and quality of SME Server is dependent on |
| 37 |
meeting our expenses, such as hosting costs, server hardware, etc. |
meeting our expenses, such as hosting costs, server hardware, etc. |
| 38 |
|
|
| 53 |
Koozali Inc is happy to supply an invoice for any donations received, |
Koozali Inc is happy to supply an invoice for any donations received, |
| 54 |
simply email treasurer@koozali.org |
simply email treasurer@koozali.org |
| 55 |
|
|
|
|
|
| 56 |
Notes |
Notes |
| 57 |
===== |
===== |
|
|
|
| 58 |
In-place upgrades are not supported. It is necessary to backup and then restore. |
In-place upgrades are not supported. It is necessary to backup and then restore. |
| 59 |
/boot partition is always RAID 1. |
/boot partition is always RAID 1. |
| 60 |
|
|
| 61 |
The spare handling for RAID arrays is not implemented. |
The spare handling for RAID arrays is not implemented. |
| 62 |
|
|
| 63 |
USB installs are now supported, see: |
USB installs are now supported, see: |
| 64 |
http://wiki.contribs.org/Install_From_USB#SME_Server_9 |
http://wiki.contribs.org/Install_From_USB#SME_Server_9 |
| 65 |
|
|
| 66 |
|
Minimal changes have been made from SME9.1rc1 |
| 67 |
|
|
| 68 |
|
Major changes in this release |
| 69 |
|
============================= |
| 70 |
|
Added functionality to use a Dummy NIC for the internal interface. |
| 71 |
|
Set the check update frequency of smecontribs through the server-manager. |
| 72 |
|
Disable SSLv3. |
| 73 |
|
Added Windows 10 support for SME Domain. |
| 74 |
|
|
| 75 |
Changes in this release |
Changes in this release |
| 76 |
======================= |
======================= |
|
|
|
| 77 |
Only the changes since SME Server 9.0 are listed, mainly |
Only the changes since SME Server 9.0 are listed, mainly |
| 78 |
autogenerated from the changelogs. |
autogenerated from the changelogs. |
| 79 |
|
|
| 80 |
Packages altered by Centos, Redhat, and Fedora-associated developers are |
Packages altered by Centos, Redhat, and Fedora-associated developers are |
| 81 |
not included. |
not included. |
| 82 |
|
|
|
|
|
| 83 |
Backups |
Backups |
| 84 |
------- |
------- |
| 85 |
- dar new upstream version |
- dar new upstream version |
| 86 |
- dar add pkgconfig |
- dar add pkgconfig |
| 87 |
|
- The mountpoint is tested before attempting the console backup |
| 88 |
- Workstation Backup, do not fail backup for mtime/ctime mismatch |
- Workstation Backup, do not fail backup for mtime/ctime mismatch |
| 89 |
- Change the sub checkMount() to findmnt Ian Wells <esmith@wellsi.com> |
- Change the sub checkMount() to findmnt Ian Wells <esmith@wellsi.com> |
| 90 |
- Add requires nfs-utils |
- Add requires nfs-utils |
| 91 |
- The nfs service is neither started or allowed to start |
- The nfs service is neither started or allowed to start |
| 92 |
- Don't remove the apache group during restore |
- Don't remove the apache group during restore |
| 93 |
|
|
| 94 |
|
File Server |
| 95 |
|
----------- |
| 96 |
|
- The samba performance registry is now added in the win10samba.reg |
| 97 |
|
- Fix samba audit parameters |
| 98 |
|
Patch from Jorge Gonzalez |
| 99 |
|
Replace syslog template to rsyslog so samba audits are logged in the correct |
| 100 |
|
file |
| 101 |
|
- The samba performance registry is now added in the win10samba.reg |
| 102 |
|
Corrected typo in patch of bad character '“', relative to roaming profile |
| 103 |
|
e-smith-samba-2.4.0.bz9038.W10_registry.patch |
| 104 |
|
Roaming profiles follow Windows version (.V2,.V3,.V4,.V5) |
| 105 |
|
added W10 support to SME Domain |
| 106 |
|
e-smith-samba-2.4.0.bz9038.W10_registry.patch |
| 107 |
|
- Added e-smith-samba-2.4.0.bz9048.RoamingProfileForW8.patch |
| 108 |
|
Modified the registry file for roaming profile with W8 |
| 109 |
|
Roaming profiles follow Windows version (.V2,.V3,.V4,.V5) |
| 110 |
|
- Add dependency on perl(Crypt::Cracklib), needed for ftpasswd --use-cracklib |
| 111 |
|
Add -utils subpackage for support tools (#1258440), using a sub-package to |
| 112 |
|
ensure that the main package does not require perl |
| 113 |
|
Update ftpasswd to version from proftpd 1.3.5a for additional functionality |
| 114 |
|
(SHA passwords, locking and unlocking of accounts) |
| 115 |
|
|
| 116 |
|
|
| 117 |
LDAP |
LDAP |
| 118 |
---- |
---- |
| 130 |
|
|
| 131 |
Localisation |
Localisation |
| 132 |
------------ |
------------ |
| 133 |
|
- apply locale smeserver-locale-2.4.0-locale-2015-07-12.patch |
| 134 |
|
- apply locale smeserver-locale-2.4.0-locale-2015-07-01.patch |
| 135 |
- apply locale 2015-03-14 patch from pootle |
- apply locale 2015-03-14 patch from pootle |
| 136 |
- apply locale 2014-12-25 patch from pootle |
- apply locale 2014-12-25 patch from pootle |
| 137 |
|
|
| 159 |
|
|
| 160 |
Server manager |
Server manager |
| 161 |
-------------- |
-------------- |
| 162 |
|
- fix gzfile accept paths with NUL character #1213407 |
| 163 |
|
- fix patch for CVE-2015-4024 |
| 164 |
|
- fix more functions accept paths with NUL character #1213407 |
| 165 |
|
- soap: missing fix for #1222538 and #1204868 |
| 166 |
|
- core: fix multipart/form-data request can use excessive |
| 167 |
|
amount of CPU usage CVE-2015-4024 |
| 168 |
|
- fix various functions accept paths with NUL character |
| 169 |
|
CVE-2015-4026, #1213407 |
| 170 |
|
- ftp: fix integer overflow leading to heap overflow when |
| 171 |
|
reading FTP file listing CVE-2015-4022 |
| 172 |
|
- phar: fix buffer over-read in metadata parsing CVE-2015-2783 |
| 173 |
|
- phar: invalid pointer free() in phar_tar_process_metadata() |
| 174 |
|
CVE-2015-3307 |
| 175 |
|
- phar: fix buffer overflow in phar_set_inode() CVE-2015-3329 |
| 176 |
|
- phar: fix memory corruption in phar_parse_tarfile caused by |
| 177 |
|
empty entry file name CVE-2015-4021 |
| 178 |
|
- soap: more fix type confusion through unserialize #1222538 |
| 179 |
|
- soap: more fix type confusion through unserialize #1204868 |
| 180 |
|
- core: fix double in zend_ts_hash_graceful_destroy CVE-2014-9425 |
| 181 |
|
- core: fix use-after-free in unserialize CVE-2015-2787 |
| 182 |
|
- exif: fix free on unitialized pointer CVE-2015-0232 |
| 183 |
|
- gd: fix buffer read overflow in gd_gif.c CVE-2014-9709 |
| 184 |
|
- date: fix use after free vulnerability in unserialize CVE-2015-0273 |
| 185 |
|
- enchant: fix heap buffer overflow in enchant_broker_request_dict |
| 186 |
|
CVE-2014-9705 |
| 187 |
|
- phar: use after free in phar_object.c CVE-2015-2301 |
| 188 |
|
- soap: fix type confusion through unserialize |
| 189 |
- fileinfo: fix out-of-bounds read in elf note headers. CVE-2014-3710 |
- fileinfo: fix out-of-bounds read in elf note headers. CVE-2014-3710 |
| 190 |
- xmlrpc: fix out-of-bounds read flaw in mkgmtime() CVE-2014-3668 |
- xmlrpc: fix out-of-bounds read flaw in mkgmtime() CVE-2014-3668 |
| 191 |
- core: fix integer overflow in unserialize() CVE-2014-3669 |
- core: fix integer overflow in unserialize() CVE-2014-3669 |
| 239 |
|
|
| 240 |
Other fixes and updates |
Other fixes and updates |
| 241 |
----------------------- |
----------------------- |
| 242 |
|
- Update /etc/mime.types templates |
| 243 |
|
- Use sha256 algorithm for signature of SSL cert. |
| 244 |
|
- Added new createlinks function event_templates event_actions event_services |
| 245 |
|
- Don't claim to own /sbin and /sbin/e-smith |
| 246 |
|
- display variable name in the server-manager $domainName, $domainDesc $domain |
| 247 |
|
- Revert the upload_tmp_folder patch as it needs some more work |
| 248 |
- Add dummy NIC support as InternalInterface |
- Add dummy NIC support as InternalInterface |
| 249 |
- Only fire the ip-change event when IP is assigned to WAN nic |
- Only fire the ip-change event when IP is assigned to WAN nic |
| 250 |
(Code by Charlie Brady and John Crisp) |
(Code by Charlie Brady and John Crisp) |
| 251 |
- Only reset service access when switching to or from private server mode |
- Only reset service access when switching to or from private server mode |
| 252 |
(Code by Charlie Brady) |
(Code by Charlie Brady) |
| 253 |
- When quiting the console app with unsaved changes set the default selected |
- When quiting the console app with unsaved changes set the default selected |
| 254 |
answer to NO |
answer to NO |
| 255 |
- Added a comment to specify the real configuration file of dhcpd |
- Added a comment to specify the real configuration file of dhcpd |
| 316 |
- Added a check-update for the smecontribs repository |
- Added a check-update for the smecontribs repository |
| 317 |
- Move protected package list to the correct location |
- Move protected package list to the correct location |
| 318 |
|
|
|
|
|
| 319 |
General features |
General features |
| 320 |
================ |
================ |
| 321 |
|
- Based on CentOS 6.7 and all available updates |
|
- Based on CentOS 6.6 and all available updates |
|
|
|
|
| 322 |
|
|
| 323 |
Terry Fage |
Terry Fage |
| 324 |
On behalf of the SME Server development team |
On behalf of the SME Server development team |
Parent Directory
| 
Revision Log
| 
Revision Graph
| 
Patch
