AlpineWeb Support Home
Is there a domain name available for you?
Search: For:   ~ Advanced Search


How Do You Back Up
Your Computer,
Laptop or Network?

Why Backup?
Features
Backup Plans
Access Your Backup Account
    Support Home > Hosting > Server Software Updates > 2007

Server Software Update Notification: 09-26-2007

Important updates in this Notification:
  • Dovecot for Linux and v3
  • SpamAssassin for v3
  • ClamAV for Linux and v3
  • CPX for v3
  • ProFTPD for v3
  • Apache for v3
  • Zend Optimizer for v3
  • GNU Tar now GPLv3 for v3
  • GNU Emacs for v3
  • SQLite for v3
  • Perl for v3
  • GPG FormMail for v3
  • Zope for v3
The following updates (or "dist") will be completed 09/26/2007 on all servers:

Linux MPS/VPS

Dovecot
The Dovecot email server will be updated to version 1.0.3. This version addresses issues with email bounces, LDAP, and Solaris. More information about version 1.0.3 can be found here:
http://www.dovecot.org/list/dovecot-news/2007-August/000048.html
The Dovecot server will be restarted as part of this update. No action needed.

The vuninstall will be updated to give information about Procmail email configuration recipes upon uninstalling Dovecot and converting the email box format from maildir to mbox. This update affects the vuninstall only. No action needed.
ClamAV
The vinstall for ClamAV, a GPL virus scanner, will be updated to install version 0.91.2. This version addresses issues with the milter, daemon, freshclam updating utility, and several other issues. More information about version 0.91.2 can be found here:
http://sourceforge.net/project/shownotes.php?release_id=533658&group_id=86638
The ClamAV service will be restarted as part of this update. No action needed for existing installations.

To install ClamAV, connect to your server through SSH and execute the following from the command prompt:

# vinstall clamav
DNS
The resolv.conf DNS resolution configuration file will be updated to address issues with wildcard domain names. No action needed.
Apache
The restart_apache command to restart the Apache Web server will be updated to better handle process IDs and persistent process termination. No action needed.
Accrisoft
The Accrisoft Freedom installation process will be updated to address issues with special characters in passwords. This update affects new installations only. No action needed.

FreeBSD MPS/VPS v3

SpamAssassin
The vinstall for the SpamAssassin mail filter will be updated to install version 3.2.1_1. More information about version 3.2.1_1 can be found here:
http://www.freebsd.org/cgi/cvsweb.cgi/ports/mail/p5-Mail-SpamAssassin/
The SpamAssassin service will be restarted as part of this update. No action needed.

The vinstall for the SpamAssassin mail filter will be updated to better detect existing Dovecot installations. This update affects the vinstall only. No action needed.
ClamAV
The vinstall for ClamAV, a GPL virus scanner, will be updated to install version 0.91.2. This version addresses issues with the milter, daemon, freshclam updating utility, and several other issues. More information about version 0.91.2 can be found here:
http://sourceforge.net/project/shownotes.php?release_id=533658&group_id=86638
The vinstall will also be updated to address issues with mail folder creation and permissions, as well as milter messages. The vuninstall will be updated to address issues with freshclam cron processes.

The ClamAV service will be restarted as part of this update. No action needed for existing installations.

To install ClamAV, connect to your server through SSH and execute the following from the command prompt:

# vinstall clamav
Apache
The default Apache Web server configuration file will be updated to set the UseCanonicalName directive to "On". More information about UseCanonicalName can be found here:
http://httpd.apache.org/docs/trunk/mod/core.html#usecanonicalname
This update only affects new accounts and is not necessary for a functional Web server. If after reviewing the information about UseCanonicalName you wish to update existing accounts, edit the UseCanonicalName line in the /www/conf/httpd.conf file as in the following example:
UseCanonicalName       On
Permissions for several of the Web server files will be updated as well. The restart_apache command to restart the Web server will be updated to better handle process IDs and persistent process termination. The Web server configuration file will be updated to enable the rewrite engine for CPX installations. No action needed.
Dovecot
The vinstall for the Dovecot email server will be updated to install version 1.0.3. This version addresses issues with email bounces, LDAP, and Solaris. More information about version 1.0.3 can be found here:
http://www.dovecot.org/list/dovecot-news/2007-August/000048.html
The Dovecot server will be restarted as part of this update. No action needed for existing installations. To install Dovecot, set it as the POP and IMAP server, and convert your email boxes to maildir format, connect to your server through SSH and execute the following from the command line:

# vinstall dovecot

The vuninstall will be updated to give information about Procmail email configuration recipes upon uninstalling Dovecot and converting the email box format from maildir to mbox. This update affects the vuninstall only. No action needed.
CPX
The CPX: Control Panel server management Web interface will be updated to address outstanding bugs and issues, including the following:
  • Errors when saving changes to tasks
  • Long email addresses truncated
  • Properly address incorrect encodings
No action needed.
ProFTPD
The ProFTPD GPL-licensed FTP server will be updated to disable the AllowForeignAddress setting in the /etc/proftpd.conf configuration file. This setting is used for site-to-site transfers, but can sometimes be exploited by certain attacks. No action needed.
IO::Socket::SSL
The IO::Socket::SSL class will be updated to version 1.08. This version updates the class and addresses issues with Scalar::Util. More information about version 1.08 can be found here:
http://search.cpan.org/src/SULLR/IO-Socket-SSL-1.08/Changes
No action needed.
Portupgrade
The Index-6.db file used by the Portupgrade FreeBSD ports/packages administration and management tool suite will be updated to reflect current packages and dependencies. No action needed.
Sudo
The sudo (superuser do) utility will be updated to version 1.6.9.3_2. This version updates the utility. More information about sudo can be found here:
http://www.freshports.org/security/sudo/
No action needed.
Archive::Tar
The Archive::Tar Perl module will be updated to version 1.34. This version brings the module to the most current version and addresses issues with filenames and documentation. More information about version 1.34 can be found here:
http://search.cpan.org/src/KANE/Archive-Tar-1.34/CHANGES
No action needed.
Ruby-bdb
The Ruby-bdb Sleepycat Berkeley DB interface will be updated to version 0.6.2. This version brings the utility to the most current FreeBSD version. More information about version 0.62 and past versions can be found here:
http://www.freshports.org/databases/ruby-bdb/
No action needed.
GNU Tar
The gtar (GNU Tar) archive utility will be updated to version 1.18. This version brings the utility to the most current FreeBSD version and switches the utility to GPLv3. More information about version 1.18 can be found here:
http://www.freshports.org/commit.php?category=archivers&port=gtar ...
More information about GPL v3 can be found here:
http://gplv3.fsf.org/
No action needed.
Lynx
The Lynx command-line textual Web browser will be update to version 2.8.7d7. This version brings the utility to the most current FreeBSD version. More information about version 2.8.7d7 can be found here:
http://www.freshports.org/commit.php?category=www&port=lynx-current ...
No action needed.
Vim-lite
The vim-lite editor will be updated to version 7.1.87. This version brings the editor to the most current FreeBSD version. More information about version 7.1.87 of the full vim package can be found here:
http://www.freshports.org/commit.php?category=editors&port=vim ...
No action needed.
OpenGL
The libGL OpenGL library will be updated to version 7.0.1. This version brings the library to the most current FreeBSD version. More information about version 7.0.1 can be found here:
http://www.freshports.org/commit.php?category=graphics&port=libGL ...
No action needed.
Libungif
Libungif, a software library used to read and write graphical image files, will be upgraded to version 4.1.4_5. This version brings the utility to the most current FreeBSD version. More information about version 4.1.4_5 can be found here:
http://www.freshports.org/commit.php?category=graphics&port=libungif ...
No action needed.
Net::DNS
The Net::DNS Perl module collection will be updated to version 0.61. This version brings the collection to the most current FreeBSD version and addresses issues with Perl and test. More information about version 0.61 can be found here:
http://www.freshports.org/commit.php?category=dns&port=p5-Net-DNS ...
No action needed.
PHP 5.x
The vinstall for the PHP: Hypertext Preprocessor scripting language for version 5.x will be updated to address issues with extension paths. This update affects only the vinstall itself. No action needed.
Tcpdump
The tcpdump network diagnostic utility will be updated to address a buffer overflow vulnerability. More information about this security issue can be found here:
http://security.freebsd.org/advisories/FreeBSD-SA-07:06.tcpdump.asc
No action needed.
BIND
The BIND implementation of the DNS protocol will be updated to address predictable query IDs. More information about this security issue can be found here:
http://security.freebsd.org/advisories/FreeBSD-SA-07:07.bind.asc
No action needed.
Mailman
The vuninstall for Mailman, the GNU Mailing List Manager, will be updated to address issues with syntax. This update affects the vuninstall only. No action needed.
Zend Optimizer
The vuninstall for the Zend Optimizer PHP enhancement utility will be updated to correctly remove all settings from the php.ini configuration file. No action needed.
Autoconf
The Autoconf M4 macro package, its associated wrapper, and Automake will be updated to versions 2.61_2, 20070404, and 1.4.6_4, respectively. These versions bring the utilities to the most current FreeBSD versions. More information about Autoconf version 2.61_2 can be found here:
http://beta.freshports.org/commit.php?category=devel&port=autoconf261 ...
More information about the wrapper version 20070404 can be found here:
http://beta.freshports.org/commit.php?category=devel&port=autoconf-wrapper ...
More information about Automake version 1.4.6_4 can be found here:
http://beta.freshports.org/commit.php?category=devel&port=automake14 ...
No action needed.
Xterm
The xterm terminal emulator will be updated to version 228. This version brings the utility to the most current FreeBSD version and addresses issues with menus, errors, colors, and several other issues. More information about version 228 can be found here:
http://invisible-island.net/xterm/xterm.log.html#xterm_228
No action needed.
GNU Emacs
The GNU Emacs real-time display editor and its associated libraries for multilingual characters will be updated to version 22.1. This version brings the utility to the most current FreeBSD version and addresses issues build options. More information about version 22.1 can be found here:
http://www.freshports.org/commit.php?category=editors&port=emacs ...

http://www.freshports.org/commit.php?category=editors&port=emacs ...
No action needed.
libXcomposite
The libXcomposite X11 Composite extension library will be updated to version 0.3.2,1. This version brings the library to the most current FreeBSD version. More information about version 0.3.2,1 can be found here:
http://www.freshports.org/commit.php?category=x11&port=libXcomposite ...
No action needed.
Zsh
The zsh UNIX command interpreter (shell) will be updated to version 4.3.4_1. This version brings the interpreter to the most current FreeBSD version and addresses issues with the shared libraries. More information about version 4.3.4_1 can be found here:
http://www.freshports.org/commit.php?category=shells&port=zsh ...
No action needed.
JasPer
The JasPer implementation of the JPEG-2000 standard specification will be updated to version 1.900.1_6. This version brings the utility to the most current FreeBSD version and addresses issues with build options. More information about version 1.900.1_6 can be found here:
http://www.freshports.org/commit.php?category=graphics&port=jasper ...
No action needed.
GNU Ghostscript
The GNU Ghostscript interpreter will be updated to version 7.07_17. This version updates the utility. More information about GNU Ghostscript can be found here:
http://pages.cs.wisc.edu/~ghost/doc/gnu/index.htm
No action needed.
SQLite
The SQLite database engine will be updated to version 3.4.1. This version brings the engine to the most current FreeBSD version. More information about version 3.4.1 can be found here:
http://www.freshports.org/commit.php?category=databases&port=sqlite3 ...
No action needed.
t1lib
The t1lib library for Adobe Type 1 fonts will be updated to version 5.1.1_2,1. This version brings the utility to the most current FreeBSD version. More information about version 5.1.1_2,1 can be found here:
http://www.freshports.org/commit.php?category=devel&port=t1lib ...
No action needed.
Perl
The vinstall for the Perl programming language version 5.8.7 will be removed from the system. A newer version is available through the vinstall for Perl 5.8. This update affects the vinstalls only. No action needed.
Perl modules
The proprietary Framework Perl module will be updated to version 1.12. This version adds support for additional symbols. No action needed.
FormMail
The vinstall for the FormMail form CGI will be updated to provide more interactive features. This update affects the vinstall itself only. No action needed.
GPG FormMail
A vinstall for a GPG-based FormMail will be added to the system. This can be used in place of PGP-based FormMail. To install this new vinstall, connect to your server through SSH and execute the following:
# vinstall gpgformmail
Python
A vinstall for the Python programming language to install version 2.5 will be added to the system. The vinstalls which install versions 2.1 and 2.2 will be removed from the system. This update affects the vinstalls only. No action needed.
Rsync
Rsync, an open source utility that provides fast incremental file transfer, will be updated to version 2.6.9_1. This version addresses a possible buffer overflow (CVE-2007-4091) discussed here:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4091
More information about version 2.6.9_1 can be found here:
http://www.freshports.org/commit.php?category=net&port=rsync ...
No action needed.
OpenLDAP Client
The OpenLDAP client will be updated to version 2.3.38. This version brings the utility to the most current FreeBSD version and addresses issues with the build, documentation, and several other issues. More information about version 2.3.38 can be found here:
http://www.openldap.org/lists/openldap-announce/200708/msg00000.html
No action needed.
Readline
The GNU Readline library will be updated to version 5.2_1. This version brings the utility to the most current FreeBSD version and addresses issues with screen line wrapping and the GNU Bash shell. More information about version 5.2_1 can be found here:
http://www.freshports.org/commit.php?category=devel&port=readline ...
No action needed.
Samba
The vinstall for the Samba SMB/CIFS software suite for file and print services will be updated to address configuration file options. This update affects the vinstall only. No action needed.
Zope
The vinstall for the Zope open source Web application platform will be updated to install version 3.3.1. More information about version 3.3.1 can be found here:
http://www.zope.org/Products/ZODB3.3
To install Zope, connect to your server through SSH and execute the following from the command prompt:
# vinstall zope

FreeBSD MPS/VPS v2

Dovecot
The vinstall for the Dovecot email server will be updated to install version 1.0.3. This version addresses issues with email bounces, LDAP, and Solaris. More information about version 1.0.3 can be found here:
http://www.dovecot.org/list/dovecot-news/2007-August/000048.html
The Dovecot server will be restarted as part of this update. No action needed for existing installations. To install Dovecot, set it as the POP and IMAP server, and convert your email boxes to maildir format, connect to your server through SSH and execute the following from the command line:
# vinstall dovecot
The vuninstall will be updated to give information about Procmail email configuration recipes upon uninstalling Dovecot and converting the email box format from maildir to mbox. This update affects the vuninstall only. No action needed.
ClamAV
The vinstall for ClamAV, a GPL virus scanner, will be updated to install version 0.91.2. This version addresses issues with the milter, daemon, freshclam updating utility, and several other issues. More information about version 0.91.2 can be found here:
http://sourceforge.net/project/shownotes.php?release_id=533658&group_id=86638
The ClamAV service will be restarted as part of this update. No action needed for existing installations.

To install ClamAV, connect to your server through SSH and execute the following from the command prompt:
# vinstall clamav
Apache
The restart_apache command to restart the Apache Web server will be updated to better handle process IDs and persistent process termination. No action needed.
Perl modules
The proprietary Framework Perl module will be updated to version 1.12. This version adds support for additional symbols. No action needed.


NoteNote: This notification could include technical inaccuracies or typographical errors. Changes can be made to the information herein; these changes will be distributed in new notifications. AlpineWeb might make improvements and/or changes in the product(s) and/or the program(s) described in this publication at any time.


image


image
Authorized viaVerio Reseller         Authorize.net         Miva Certified Business Partner