New in Version 13.2.11-1 [ Mar 31 2017]
* New Features and Improvements *
- Updated the cryptography libraries ( openssl) to the lastest version for security reasons.
- Updated the Zarafa supporting libraries. This provides speed improvements.
- Added HTTP v2 support to the Apache web server. This provides bandwidth reduction and speed improvements.
- Improved the speed of the Apache web server. Moved the scoreboard file to shared memory.
- Added HTTP v2 support to the Apache web server.
- Updated Nmap to version 7.40. Nmap is a utility for network exploration and security auditing.
- The FTP server now has a built-in ls command. This allows directory listings for Shares.
- Updated the XML library (libxml2) to version 2.9.
- Updated NTFS related programs to the latest version. Mainly used for NTFS filesystem backups.
- Added the option – “Force use of high security SSL ciphers” – for the Zarafa (POP/ IMAP) gateway.
- Disabled the “ADS Realm” field if the Igaware server is already provisioned as an Active Directory server.
* Fixes *
- Squashed a bug with the new version of Zarafa. When sending to a mal-formed email address the bounce message would contain foreign characters for the failed recipient.
- SSL VPN. Fixed a typo in the config file.
- Added a one-off call to z-push-admin -a fixstate. This is to fix and/or upgrade the z-push ( active-sync) profiles.
- Allow selected boxes to use an older version of PHP. This is until Horde is upgraded.
- Failed local email delivery will now be queued instead of being delivered to the users default mail folder.
- Set backend for z-push to BackendZarafa if Kopano is not being used.
- Fixed the firewall init’ script for the fail2ban server.
- Fixed a bug with the Health status for the PPPOE network watchdog.
- Squashed a bug with the Letsencryt.org certificate renewal.
New in Version 13.2.10-3 [ Mar 22 2017]
* New Features and Improvements *
- Fixed z-push ( active-sync) state data for 13.2.10-3
- Several features and fixes addedd for 13.2.10-2
- Updated the Linux kernel to version 4.4.36-64.
- Installed fail2ban to block remote access from persistent “script kiddies”.
- Updated the Zarafa system to the latest version of 7.2.5. This fixes a memory leak that slowed the server down over several weeks.
- Re-compiled Zarafa 7.2 with new Gsoap, tcmalloc and vmime libraries. This removes a memory leak.
- Major update for PHP software to v5.5 from v5.3
- Added “Don’t allow insecure plain-text login for POP or IMAP” option for Zarafa IMAP/ POP.
- Added a “RELAY:” option to the “SMTP Relay” page for the user entered domain list. The “Relay” host will be able to relay through the mail server. This will never normally be required.
- Updated the tcpdump program ( network packet tracing) to the latest version.
- Updated the libpcap network libraries.
- Added a charset alias for glibc iconv. /usr/lib/gconv/gconv-modules – added “alias KS_C_5601-1987//EUC-KR//”. This is to handle Korean character sets in MIME Email.
- Removed the libiconv libraries. Was causing confusion and is not required – support is in glibc.
- Recompiled all binaries relying on the old libiconv libraries – rsync, clamav, lm_sensors, Zarafa.
- Updated the hard disk untility program – hdparm – to the latest version.
- Re-compiled gperf-tools ( tcmalloc) to create new .la ( libtool linker) files. To reference new compiler libstd++ file location
- Added a “within subnet” sanity check to the WAN gateway address.
- Updated the “checkin” web page with the real hardware product data, up-time and RAM information.
- Updated the hardware sensors ( for temperature and fan speed). Installed IPMITOOLS for sensors.
- Updated Zarafa Search with a new configuration file.
- Modified “default email domain” in Email=> General to include forwarded domains.
- Installed new self-signed SSL certificates for sendmail . You should use the letsencrypt certificates, if possible.
- Updated the FTP server software.
- Updated the IMAP/POP email server software.
- Updated the Fing network scanning software to v3.0
- Update the Z-Push active-sync software to v2.3
- Updated the cifs-utils software used to mount remote SMB shares for backup.( mount.cifs)
- The incoming SMTP mail server now also listens on port 587.
- Updated the Nmap network scaning software to v7.
- Updated System_Daemon php scripts
- Changed default dhcp lease time to 3 days from 1 month
- Updated the DHCP server software to the latest version.
- Removed root user access for FTP server.
* Fixes *
- Fixed ifup-aliases. Now ignores the main WAN ip and does not duplicate it.
- Fixed Zarafa for Korean charset display problem.
- Patched the GSOAP libraries with Zarafa patches ( memory leak) . Compiled as shared libraries. Looks like previously it was static.
- Fixed some console system status health scripts. Now stores time of last fail. Reboot status now shows all reboots in history.
- Brain-dead Zarafa servers issue a kill(0,) which sends a kill to all process group members. Kills init.d script and affects console_health. Added trap ” SIGTERM to init.d script for Zarafa.
- Removed the loading of SIP VOIP helper modules on all machines. (rmmod sip helper modules in rsyncittemp)
- Fixed the email alias user list for file share access. For ADS users use the sAMAccountName as the key for write-read access list.
- Changed the sendmail MTA CA certificate bundle to ca-bundle ( STARTLS can now verify incoming SSL connections)
- NOTE: ASMedia Technology Inc. ASM1083/1085 PCIe to PCI Bridge causes lost interrupt and poll mode for bad performance !!!
- Make sure that the Realtek r8168 driver is installed if the card is a 8168 chipset. The Linux default r8169 will not work at gigabit speeds !!
- DHCP server config – don’t allow “/” in machine names.
- Fixed display issues with “Lan Devices” pages. Did not remember interfaces option and defaulted back to LAN if LAN2 was selected.
- Enabled LOOSE_PROVISIONING for Z-push ( active-sync). Android update requires it.
- Permissions and owner of mail spool file are now checked and set for users.
- Fixed a problem with Zarafa Out of Office.