AlpineWeb Support Home
Is there a domain name available for you?
Search: For:   ~ Advanced Search


How Do You Back Up
Your Computer,
Laptop or Network?

Why Backup?
Features
Backup Plans
Access Your Backup Account
    Support Home > Hosting > Server Software Updates > 2008

Server Software Update Notification: 08-15-2008

Important updates in this Notification:
  • Sendmail for Linux
  • Dovecot for v3
  • ProFTPD for Linux
  • Sudo for v3
  • ClamAV for v3
  • Frontpage for v3
  • UW-IMAP for v2
The following dist will be completed 8/19/2008 in U.S datacenters and 8/20/08 in European datacenters:

Linux MPS/VPS:

Sendmail
The Sendmail email routing system will be updated to version 8.13.6.20060614. This version brings the system to the most current RHEL 4 version. The email server will be rebooted as part of this update. No action needed.
Webmin
The vuninstall for the Webmin Web-based interface for system administration for UNIX will be updated to address problems with permissions. This update affects the vuninstall only. No action needed.
vedituser
The proprietary vedituser command-line utility will be updated to not allow root user editing and address issues CPX compatibility. No action needed.
ProFTPD
The ProFTPD GPL-licensed FTP server will be updated to add the following line to the /etc/proftpd.conf configuration file:
TimesGMT Off
in order to configure the FTP server to use the main account timezone. No action needed.

FreeBSD MPS/VPS v3:

Dovecot
The system will be updated to address problems with Dovecot when system time is corrected or changed. No action needed.
Sudo
The sudo (superuser do) utility will be updated to address issues with Apache Web server versions. No action needed.
ClamAV
The vinstall for ClamAV, a GPL virus scanner, will be updated to install version 0.93.3. This version brings the scanner to the most current version. More information about version 0.93.3 can be found here:

http://sourceforge.net/project/shownotes.php?release_id=611890&group_id=86638

The ClamAV daemon process will be restarted as part of this update. No action needed for existing installations.

The vuninstall process will also be updated to better remove databases when uninstalling the scanner. This update affects the vuninstall only. No action needed.
vedituser
The proprietary vedituser command-line utility will be updated to not allow root user editing and address issues CPX compatibility. No action needed.
PHP 4.x
The vinstall for the PHP: Hypertext Preprocessor scripting language for version 4.x will be updated to remove extensions that are now included by default. This update affects the vinstall only. No action needed.
FrontPage
The vinstall for the FrontPage server extensions will be removed from the system. The extensions have not been officially supported by Microsoft for several years. This update affects the vinstall only. No action needed.
vaddhost
The proprietary vaddhost command-line utility will be updated to provide numerical configuration choices. This update affects vaddhost only. No action needed.
Portupgrade
The Portupgrade FreeBSD ports/packages administration management tool suite will be updated to version 2.4.6,2. This version brings the suite to the most current FreeBSD version. More information about version 2.4.6,2 can be found here:

http://www.freshports.org/commit.php?category=ports-mgmt&port=portupgrade& ...
http://www.freshports.org/commit.php?category=ports-mgmt&port=portupgrade& ...

The Index-6.db file used by Portupgrade will also be updated to reflect current packages and dependencies. Some package and port timestamps will also be updated. No action needed.
OpenLDAP Client
The OpenLDAP client will be updated to version 2.3.43. This version brings the utility to the most current FreeBSD version. No action needed.
GLib
The GLib C support routines will be updated to version 2.16.5. This brings the routines to the most current FreeBSD version. More information about version 2.16.5 can be found here:

http://www.freshports.org/commit.php?category=devel&port=glib20& ...

No action needed.
IO::Compress::Base
The IO::Compress::Base Perl module class will be updated to version 2.012. This version brings the class to the most current version. More information about version 2.0.12 can be found here:

http://search.cpan.org/src/PMQS/IO-Compress-Base-2.012/Changes

No action needed.
Compress::Raw::Zlib
The Compress::Raw::Zlib Perl module will be updated to version 2.012. This version brings the module to the most current version. More information about version 2.0.12 can be found here:

http://search.cpan.org/src/PMQS/Compress-Raw-Zlib-2.012/Changes

No action needed.
IO::Compress::Zlib
The IO::Compress::Zlib Perl module will be updated to version 2.012. This version brings the module to the most current version. More information about version 2.0.12 can be found here:

http://search.cpan.org/src/PMQS/IO-Compress-Zlib-2.012/Changes

No action needed.
Compress::Zlib
The Compress::Zlib Perl module will be updated to version 2.012. This version brings the module to the most current version. More information about version 2.0.12 can be found here:

http://search.cpan.org/src/PMQS/Compress-Zlib-2.012/Changes

No action needed.
Vim-lite
The vim-lite editor will be updated to version 7.1.330. This version brings the editor to the most current FreeBSD version. More information about version 7.1.330 of the full vim package can be found here:

http://www.freshports.org/commit.php?category=editors&port=vim& ...
http://www.freshports.org/commit.php?category=editors&port=vim& ...
http://www.freshports.org/commit.php?category=editors&port=vim& ..

No action needed.
IO::Socket::SSL
The IO::Socket::SSL class for SSL sockets will be updated to version 1.14. This version brings the class to the most current version. More information about version 1.14 can be found here:

http://search.cpan.org/src/SULLR/IO-Socket-SSL-1.14/Changes

No action needed.
xloadimage
The xloadimage utility for the X11 Windows system will be updated to version 4.1.16_3. This version updates the utility. More information about version 4.1.16_3 can be found here:

http://www.freshports.org/commit.php?category=x11&port=xloadimage& ...

No action needed.
Namazu
The vinstall for the Namazu full-text search system will be removed from the system. All components are installed by default in all accounts. This update affects the vinstall only. No action needed.


FreeBSD MPS/VPS v2:

UW-IMAP
The UW-IMAP email server for the POP and IMAP protocols will be updated to version 2006i.98. More information about UW-IMAP versions can be found here:

http://www.washington.edu/imap/documentation/RELNOTES.html

The system user groups will also be updated to address issues with authentication. No action needed.
vedituser
The proprietary vedituser command-line utility will be updated to not allow root user editing and address issues CPX compatibility. No action needed.
vaddhost
The proprietary vaddhost command-line utility will be updated to provide numerical configuration choices. This update affects vaddhost only. No action needed.
Ruby
The vinstall for the Ruby object-oriented scripting language with support for the Oniguruma regular expression library will be removed from the system. Ruby is now available by default in the system. No action needed.
PHP 4.x
A vuninstall for the PHP: Hypertext Preprocessor scripting language for version 4.x will be added to the system. No action needed.


FreeBSD MPS/VPS v1:

Savelogs
The proprietary savelogs file rotation utility will be updated to version 1.81. This version brings the utility to the most current version. More information about version 1.81 can be found here:

http://search.cpan.org/src/SCOTTW/savelogs-1.81/Changes

No action needed.


Signature:

The following updates will be disted starting 08-20-2008 for all Signature servers.
SSHv1 and Telnet – End of Life
The SSHv1 protocol has various weaknesses, which can allow a remote attacker to obtain the following information via sniffing:
  • Password lengths or ranges of lengths, which simplifies brute force password guessing
  • Whether RSA or DSA authentication is being used
  • The number of authorized keys in RSA authentication
  • The lengths of shell commands.
In order to resolve this security issue, we will end-of-life SSHv1, and use SSHv2 going forward.

CUSTOMER ACTIONS NEEDED:

  • If you are using an SSH client that only supports SSHv1 or Telnet, then you will need to update to a client that supports SSHv2.
  • If you have a script that connects to our server and and it uses SSHv1 or Telnet, then they will need to upgrade that script to support SSHv2.
All remaining updates listed for the signature platform are classified as “No Action Needed.”
Changelog
Added the 4.16 CHANGELOG
Webmail Save and Compose
  • Updated Webmail so that it properly redisplays saved email drafts when reopened.
  • Updated Webmail so folder names can be properly saved when they have whitespace characters at the beginning or end of the file name.
  • Updated Webmail so that it will not add an extra instance of the email signature each time the letter is saved back to draft.
Default Index Page
Updated code so that newly provisioned customers will see the proper, branded index page when they view the index page for their account.
Gallery
Updated code so that images upload properly in the Gallery tool.
DNS in New Account
Updated code so that a newly provisioned customer will have a domains that can be resolved from the server.
NoteNote: This notification could include technical inaccuracies or typographical errors. Changes can be made to the information herein; these changes will be distributed in new notifications. AlpineWeb might make improvements and/or changes in the product(s) and/or the program(s) described in this publication at any time.


image


image
Authorized viaVerio Reseller         Authorize.net         Miva Certified Business Partner