Igaware Version 13.2.10 released #Igaware #linuxsbs

Posted on February 27, 2017 by tim

New in Version 13.2.10 [ Feb 23 2017]
======================================

* New Features and Improvements *

  • Updated the kernel to version 4.4.36-64
  • Installed fail2ban to block remote access from persistent “script kiddies”.
  • Updated the Zarafa system to the latest version of 7.2.5. This fixes a memory leak that slowed the server down over several weeks.
  • Re-compiled Zarafa 7.2 with new Gsoap, tcmalloc and vmime libraries. This removes a memory leak.
  • Major update for PHP software to v5.5 from v5.3
  • Added “Don’t allow insecure plain-text login for POP or IMAP” option for Zarafa IMAP/ POP.
  • Added a “RELAY:” option to the “SMTP Relay” page for the user entered domain list. The “Relay” host will be able to relay through the mail server. This will never normally be required.
  • Updated the tcpdump program ( network packet tracing) to the latest version.
  • Updated the libpcap network libraries.
  • Added a charset alias for glibc iconv. /usr/lib/gconv/gconv-modules – added “alias KS_C_5601-1987// EUC-KR//”. This is to handle Korean character sets in MIME Email.
  • Removed the libiconv libraries. Was causing confusion and is not required – support is in glibc.
  • Recompiled all binaries relying on the old libiconv libraries – rsync,
    clamav, lm_sensors, Zarafa.
  • Updated the hard disk untility program – hdparm – to the latest version.
  • Re-compiled gperf-tools ( tcmalloc) to create new .la ( libtool linker) files. To reference new compiler libstd++ file location
  • Added a “within subnet” sanity check to the WAN gateway address.
  • Updated the “checkin” web page with the real hardware product data, up-time and RAM information.
  • Updated the hardware sensors ( for temperature and fan speed). Installed IPMITOOLS for sensors.
  • Updated Zarafa Search with a new configuration file.
  • Modified “default email domain” in Email=> General to include forwarded domains.
  • Installed new self-signed SSL certificates for sendmail . You should use the letsencrypt certificates, if possible.
  • Updated the FTP server software.
  • Updated the IMAP/POP email server software.
  • Updated the Fing network scanning software to v3.0
  • Update the Z-Push active-sync software to v2.3
  • Updated the cifs-utils software used to mount remote SMB shares for backup.(mount.cifs)
  • The incoming SMTP mail server now also listens on port 587.
  • Updated the Nmap network scaning software to v7.
  • Updated System_Daemon php scripts
  • Changed default dhcp lease time to 3 days from 1 month
  • Updated the DHCP server software to the latest version.
  • Removed root user access for FTP server.

* Fixes *

  • Fixed ifup-aliases. Now ignores the main WAN ip and does not duplicate it.
  • Fixed Zarafa for Korean charset display problem.
  • Patched the GSOAP libraries with Zarafa patches ( memory leak) . Compiled as shared libraries. Looks like previously it was static.
  • Fixed some console system status health scripts. Now stores time of last fail. Reboot status now shows all reboots in history.
  • Brain-dead Zarafa servers issue a kill(0,) which sends a kill to all process group members. Kills init.d script and affects console_health. Added trap ”SIGTERM to init.d script for Zarafa.
  • Removed the loading of SIP VOIP helper modules on all machines. (rmmod siphelper modules in rsyncittemp)
  • Fixed the email alias user list for file share access. For ADS users use the sAMAccountName as the key for write-read access list.
  • Changed the sendmail MTA CA certificate bundle to ca-bundle ( STARTLS can now verify incoming SSL connections)
  • NOTE: ASMedia Technology Inc. ASM1083/1085 PCIe to PCI Bridge causes lost interrupt and poll mode for bad performance !!!
  • Make sure that the Realtek r8168 driver is installed if the card is a 8168
    chipset. The Linux default r8169 will not work at gigabit speeds !!
  • DHCP server config – don’t allow “/” in machine names.
  • Fixed display issues with “Lan Devices” pages. Did not remember interfaces
    option and defaulted back to LAN if LAN2 was selected.
  • Enabled LOOSE_PROVISIONING for Z-push ( active-sync). Android update requires it.
  • Permissions and owner of mail spool file are now checked and set for users.
  • Fixed a problem with Zarafa Out of Office.

New in Version 13.2.10-pre20 [ Jan 21 2017]
============================================

* New Features and Improvements *

  • Updated the “Powered Off” System Status monitor. All reboots are now recorded properly and available on the System Status and System Check-in Pages.
  • Added an option to the IPSec connection screen to allow the definition of the Source WAN IP address.
  • Updated the iSCSI SCST mods and progs to latest version to support kernel version 4.
  • Updated the hardware sensors config files.
  • All devices will update to the new Linux Kernel version on next reboot.
  • Installed the latest CA SSL certificates.
  • Added a menu option to create free SSL certificates from letsencrypt.org for the Igaware server. This will automatically create and install trusted SSL certificates for HTTP, IMAP/POP, SMTP STARTLS and Zarafa IMAP/POP. Menu option is at System => SSL Certificates. This is BETA.
  • Added Explicit Congestion Notification (ECN) for TCP network connections when requested by incoming connections.
  • Email Filtering – Blocked WordPress email exploits.
  • Installed the latest version of irqbalance. This distributes interrupt requests between processors.
  • The “Scan LAN Network” device discovery feature has been completely re-written. Five different methods are now used to discover devices on the network. New options are provided to deal with network discoveries. Give it a whirl.
  • The DHCP server now makes sure that static DHCP leases – those devices listed on the “LAN Devices” pageare not handed out to other devices. Previously, if a device did not respond to a PING echo request, then it’s lease could be handed out to another device. This can not happen now. Also, if a device is deleted from the “LAN Devices” page, the DHCP lease is removed from the lease file.

* Fixes *

  • The ISCSI subsystem was not shuting down on reboot.
  • IP alias now ignores the main WAN IP address and does not duplicate it.
  • Fixed a problem with email routing based on sender address( smarttable)
  • Fixed a problem with the Zarafa IMAP SSL certificates.
  • Fixed some bugs with the new letsencrypt.org SSL certificate install.
  • Fixed permission issues with SSL certificate install.
  • Several USB disks were not detected properly with the new kernel running. Loaded the UAS ( USB Attached storage) kernel module.
  • Installed a new Linux kernel version 4.4.36. This fixes a rare CPU lockup problem.
  • Small bug fixes with letsencrypt SSL certificates for sendmail.
  • Added fullchain SSL certificate to mail server.
  • Various small bug fixes.

New in Version 13.2.9 [ Nov 16 2016]
=====================================

* New Features and Improvements *

  • Added an option to change the destination port to 2525 for Email Recipient Address Verification. Microsoft Exchange > 2013 requires this. Please read the on-line help for this option to explain how to set up MS Exchange for this.
  • Updated the libboost libraries to v1.49 for Zarafa.
  • Loaded new CPU microcode for buggy Intel processors.
  • Updated identiy files for PCI and USB devices.
  • Installed a new version of cifs-utils. This allows mounting of remote Windows Shares. ( mount.cifs)

* Fixes *

  • The Anti-Virus daemon is now not reloaded if there have been no changes to the AV signature database. This caused problems if the database reload took too long.
  • Removed a race condition if the AV database was reloaded and the Mail Scanner detected that the AV server was not responding in time.
  • Removed the Samba winbind seperator from smb.conf. Did not work – removing the definition does work and gives ‘\’ as the seperator.
  • Fixed the username authentication for the SSL VPN server. ( patch has been temporarily removed)
  • Patched kernel to stop a spinlock problem. ( in af_unix.c)
  • Fixed a problem with the DHCP server config file. Machine names with a : character would stop the DHCP server. (dhcpd.conf. Removed : & ) from machine names)

New in Version 13.2.8 [ Oct 13 2016]
=====================================

* New Features and Improvements *

  • Added several new Anti-Spam rules to filter out the new Porn related Spam.
  • The Desktop vacation shortcut now authenticates with AD users.
  • Fileserver shares can now easily be moved to a different RAID disk pair. Previously, this was difficult to implement.
  • Installed the latest RAID disk untility – mdadm v3.4
  • The Zarafa Server memory cache is now perioicaly cleared down to improve performance.

* Fixes *

  • New Zarafa libraries caused the web server to stop responding.
  • Fixed location of netlogon and sysvol shares for the AD Server.
  • Squashed bugs in the Email “vacation” desktop shortcut.
  • Fixed the email vacation “reply to” address when the recipient user is an AD user.
  • Fixed the backup catalog listing. The /home/zarafa/ directory was being traversed for no reason.
This entry was posted in Linux Small Business Server, System Updates. Bookmark the permalink.

Leave a Reply