1,644
edits
Changes
From SME Server
Jump to navigationJump to searchSME Server:10.0Alpha5 (view source)
Revision as of 20:20, 19 February 2019
, 20:20, 19 February 2019→Changes in this release: Update Release Notes URL
Line 72:
Line 72:
see above+================
−
−Detailed changes in this release
−=======================
−Only the changes since SME Server 10 Alpha3 are listed, mainly
−autogenerated from the changelogs.
−
−Packages altered by Centos, Redhat, and Fedora-associated developers are
−not included.
−
−Backups
−
−# e-smith-backup updated from 2.6.0-11.el7.sme to 2.6.0-12.el7.sme
−- added patch for workstation backup lock [SME: 9127]
−- code from Stefano Zamboni <zamboni at mind-at-work.it>
−
−File Server
−
−# e-smith-samba updated from 2.6.0-6.el7.sme to 2.6.0-7.el7.sme
−- fix typo in /server-resources/regedit/win10samba.reg [SME: 10515]
−# samba updated from 4.4.4-14.6.el7.sme to 4.6.2-12.4.el7.sme
−# samba-common updated from 4.4.4-14.6.el7.sme to 4.6.2-12.4.el7.sme
−# samba-common-tools updated from 4.4.4-14.6.el7.sme to 4.6.2-12.4.el7.sme
−# samba-python updated from 4.4.4-14.6.el7.sme to 4.6.2-12.4.el7.sme
−# samba-client-libs updated from 4.4.4-14.6.el7.sme to 4.6.2-12.4.el7.sme
−# samba-client updated from 4.4.4-14.6.el7.sme to 4.6.2-12.4.el7.sme
−# samba-winbind-krb5-locator updated from 4.4.4-14.6.el7.sme to
−4.6.2-12.4.el7.sme
−# samba-libs updated from 4.4.4-14.6.el7.sme to 4.6.2-12.4.el7.sme
−# samba-dc updated from 4.4.4-14.6.el7.sme to 4.6.2-12.4.el7.sme
−# samba-winbind-modules updated from 4.4.4-14.6.el7.sme to
−4.6.2-12.4.el7.sme
−# samba-dc-libs updated from 4.4.4-14.6.el7.sme to 4.6.2-12.4.el7.sme
−# samba-winbind-clients updated from 4.4.4-14.6.el7.sme to
−4.6.2-12.4.el7.sme
−# libwbclient updated from 4.4.4-14.6.el7.sme to 4.6.2-12.4.el7.sme
−# samba-common-libs updated from 4.4.4-14.6.el7.sme to 4.6.2-12.4.el7.sme
−# libsmbclient updated from 4.4.4-14.6.el7.sme to 4.6.2-12.4.el7.sme
−# samba-winbind updated from 4.4.4-14.6.el7.sme to 4.6.2-12.4.el7.sme
−- import 4.6.2-12 [SME: 10429]
−- change gnutls-devel >= 3.4.7 to gnutls-devel to allow build
−- import to SME the two last upstream releases [SME: 10326]
−- resolves: #1514314 - Fix CVE-2017-14746 and CVE-2017-15275
−- resolves: #1491213 - CVE-2017-12150 CVE-2017-12151 CVE-2017-12163
−- resolves: #1484423 - Require at least krb5 version 1.15.1
−- resolves: #1484713 - Fix password changes for users via smbpasswd
−- resolves: #1484723 - Be more graceful on FSCTL_VALIDATE_NEGOTIATE_INFO
−- resolves: #1481188 - Fix 'net ads changetrustpw'
−- resolves: #1459936 - Fix regression with "follow symlinks = no"
−- resolves: #1461336 - Fix smbclient username parsing
−- resolves: #1460937 - Fix username normalization with winbind
−- resolves: #1459179 - Fix smbclient session setup printing
−- related: #1277999 - Add missing patchset
−- resolves: #1431986 - Fix expand_msdfs VFS module
−
−LDAP
−
−Localisation
−
−# smeserver-locale updated from 2.6.0-9.el7.sme to 2.6.0-11.el7.sme
−- apply locale 2018-12-14 patch
−- apply locale 2017-12-02 patch
−
−Mail Server
−
−# clamav updated from 0.99.2-1.el7.sme to 0.100.2-1.el7.sme
−- Update to 0.100.2 [SME: 10578]
−
−# e-smith-pop3 updated from 2.6.0-2.el7.sme to 2.6.0-3.el7.sme
−- fix undefined fqdn for pop3 [SME: 10257]
−
−# qpsmtpd updated from 0.96-18.el7.sme to 0.96-19.el7.sme
−- add support to force spamcheck on specific IP for fetchmail [SME: 10290]
−
−# smeserver-qpsmtpd updated from 2.6.0-30.el7.sme to 2.6.0-32.el7.sme
−- add forcespamcheck support for fetchmail [SME: 10290]
−- Log DMARC reporting in syslog instead of sending email to the admin.
−- Also suppress SSL connection failed warnings [SME: 10298]
−
−# djbdns updated from 1.05-8.el7.sme to 1.05-10.el7.sme
−- improve short ttl cname resolution and glueless answer from akadns
−[SME: 8362]
−- 500-cutom-dnscache-maxloop.patch: increase QUERY_MAXLEVEL 5->10 , set
−QUERY_MAXLOOP 160
−--import patches from openwrt and rename already applied patches
−--fix security issues [SME: 10374]
−- 020-dnsroots-update.patch: update list of root DNS servers
−- 070-dnscache-dpos-tcp-servfail.patch: SERVFAIL rename previous patch
−dns_transmit-bug.patch
−- 080-dnscache-cache-negatives.patch: rfc2308 ?
−- 210-dnscache-strict-forwardonly.patch: rename previous patch
−dnscache-strict-forwardonly.patch
−- 240-tinydns-alias-chain-truncation.patch: rename previous patch
−tinydns-alias-chain-truncation.patch
−- 270-dnscache-sigpipe-fix.patch: SIGPIPE
−- 300-bugfix-dnscache-dempsky-poison.patch: CVE-2009-0858
−- 310-bugfix-dnscache-merge-outgoing-requests.patch: CVE-2008-4392
−- 320-bugfix-dnscache-cache-soa-records.patch: CVE-2008-4392
−- 450-dnscache-ghost-domain-CVE-2012-1191.patch: CVE-2012-1191
−http://marc.info/?l=djbdns&m=134190748729079&w=2
−--bug fixes [SME: 10374]
−- 060-dnscache-big-udp-packets.patch: accept and handle longer than 512
−bytes UDP packets
−- 230-tinydns-data-semantic-error.patch: handle semantic error to avoid
−publishing false dns records
−--fix issue with short ttl cname like akamaid [SME: 8362]
−- 200-dnscache-cname-handling.patch: rename previous patch
−dnscache-cname-handling.patch
−- 330-fix-dnscache-cname-handling.patch: fix dnscache cname for short ttl
−- 500-cutom-dnscache-maxloop.patch: set max loop to 200
−--needed for previous patches to apply cleanly
−- 030-srv-records-and-axfrget.patch: add SRV record type and axfr-get
−decompose SRC and PTR records (for 230-*.patch)
−- 050-tinydns-mmap-leak.patch: report cdb leak
−- 080-dnscache-cache-negatives.patch: rfc2308 ?
−- 090-tinydns-one-second.patch: improve tinydns with 8 or more
−concurent connections (for 240-*.patch)
−- 120-compiler-temporary-filename.patch: change tmp filename to avoid
−conflicts (for 230-*.patch)
−
−# smeserver-spamassassin updated from 2.6.0-7.el7.sme to 2.6.0-8.el7.sme
−- disable auto_learn by default when enabling Bayes [SME: 8160]
−- added properties UseBayesAutoLearn, BayesAutoLearnThresholdSpam and
−BayesAutoLearnThresholdNonSpam
−
−# e-smith-qmail updated from 2.6.0-3.el7.sme to 2.6.0-4.el7.sme
−- Update aliases files for every groups passed as argument [SME: 10386]
−
−Server manager
−
−php
−- load openssl configuration file on startup #1408301
−- gd: fix buffer over-read into uninitialized memory CVE-2017-7890
−- fix php should provide php(httpd) #1215429
−- fpm: backport PHP-FPM's clear_env option from 5.4.27 #1410010
−default value is "yes", preserving previous behaviour
−- openssl: fix default_socket_timeout does not work with SSL #1378196
−- gd: fix DoS vulnerability in gdImageCreateFromGd2Ctx() CVE-2016-10167
−- gd: Signed Integer Overflow gd_io.c CVE-2016-10168
−
−Webmail and Groupware
−
−Web Server
−
−Other fixes and updates
−
−# e-smith-base updated from 5.8.0-35.el7.sme to 5.8.0-38.el7.sme
−- icleaning xinetd.conf fragment out of the package [SME: 10219]
−- revert previous change - wrong package
−- added post transaction rule for ntp [SME: 10190]
−- thank you to Stefano Zamboni for this work
−
−# smeserver-yum updated from 2.6.0-16.el7.sme to 2.6.0-17.el7.sme
−- add yum-plugin-post-transaction-actions as requirement [SME: 1100]
−
−# e-smith-devtools updated from 2.6.0-6.el7.sme to 2.6.0-7.el7.sme
−- ease update of e-smith-devtools on non SME builders [SME: 10536]
−
−# smeserver-support updated from 2.8.0-12.el7.sme to 2.8.0-15.el7.sme
−- exclude libtevent,python-tevent from base and updates to avoid
−conflict with localy build version of samba [SME: 10573]
−- add back perl(LWP::Protocol::https) support [SME: 10516]
−- upstream samba packages were not all excluded [SME: 10428]
−
−# e-smith-ntp updated from 2.6.0-3.el7.sme to 2.6.0-4.el7.sme
−- added post transaction rule for ntp [SME: 10190]
−- thank you to Stefano Zamboni for this work
−
−# e-smith-lib updated from 2.6.0-6.el7.sme to 2.6.0-7.el7.sme
−- Skip tap_soft interfaces (eg SoftEther, code from Hsing-Foo Wang)
−[SME: 10445]
===Changes in this release===
===Changes in this release===
−See full Release Notes - [https://lists.contribs.org/pipermail/updatesannounce/2019-January/000470.html Release Notes Koozali SME10 Alpha 4]
−General features
+General features - Based on CentOS 7.2.1511 and all available updates
−- Based on CentOS 7.6.1810 and all available updates
−On behalf of the Koozali SME Server development team
On behalf of the Koozali SME Server development team
