AlpineWeb Design Home
Is there a domain name available for you?  
Search: For:   ~ Advanced Search
    Support Home > Hosting > Server Software Updates > 2007

Server Software Update Notification: 09-11-2007

Important updates in this Notification:
  • New kernel for Linux and v2
  • Dovecot for Linux
  • SpamAssassin for Linux and v2
  • ClamAV for Linux
  • CPX for Linux and v2
  • Ruby on Rails for Linux
  • PHP 5 for Linux
  • PHP 4 for Linux and v2
  • Accrisoft for Linux
  • Zend Optimizer for Linux
  • Software Firewall for Linux
  • OpenSSL for Linux

The following updates (or "dist") will be completed 09/12/2007 on all servers:

Linux MPS/VPS

Kernel
The Linux kernel will be updated to version 2.6.18. This version addresses implicit virtual mount points and several other issues. This update will take effect upon the next server reboot. Servers will be rebooted over the next several weeks. Refer to future emails for server-specific reboot information.
CPX
The CPX: Control Panel server management Web interface will be updated to support for the Dovecot email server, including email settings and configurations. CPX will also be updated to address outstanding bugs and issues, including the following:
  • Better support for UTF-8 email encodings
  • Domain admin quota calculation
  • Errors when saving changes to tasks
  • Long email addresses truncated
  • Properly address incorrect encodings
  • Add language support for Dovecot functions
No action needed.
Dovecot
The Dovecot email server will be updated to version 1.0.2. This version addresses issues with the maildir email box format. More information about version 1.0.2 can be found here:
http://www.dovecot.org/list/dovecot-news/2007-July/000046.html
The Dovecot server will be restarted as part of this update. The Dovecot email user mailbox will also be removed. No action needed.

The Dovecot vinstall will be updated to address compatibility issues with the CPX Webmail interface, Procmail configuration recipes, and IMAP processes. This update affects the vinstall only. No action needed.

The Dovecot configuration file will also be updated to address several issues, including DoS (or Denial of Service) attacks. For those who have not manually modified the configuration file, no action needed. If you have manually modified your /usr/local/etc/dovecot.conf file, to take advantage of this update, make a backup of any special configurations, remove or delete the file, then connect to your server through SSH and run the following from the command prompt to create an updated default configuration file:
# relink /usr/local/etc/dovecot.conf
SpamAssassin
The vinstall for the SpamAssassin mail filter will be updated to install version 3.2.2. This version addresses issues with DNS records, network lookups, tests, the sa-learn utility, and several other issues. More information about version 3.2.2 can be found here:
http://svn.apache.org/repos/asf/spamassassin/branches/3.2/build/announcements/3.2.2.txt
The vinstall will also be updated to better support the CPX: Control Panel. The filter will be restarted as part of this update. No action needed for existing installations.

The vinstall will also be updated to address compatibility issues with the maildir email box format and Procmail configuration recipes, and file permissions. To update SpamAssassin Procmail recipes, file permissions, or to install SpamAssassin, connect to your server through SSH and execute the following command from the prompt:
# vinstall spamassassin
ClamAV
The vinstall for ClamAV, a GPL virus scanner, will be updated to install version 0.91.1. This version brings the utility to the most current stable release and addresses security issues with clamav-milter. More information about these and other updates in version 0.91.1 can be found here:
http://sourceforge.net/project/shownotes.php?release_id=523634&group_id=86638
The vinstall will also be updated to address issues with the freshclam process, milter messages, and better support the CPX: Control Panel as well as the maildir email box format. No action needed for existing installations which have not executed the Dovecot vinstall. To update existing installations for the maildir format, or install ClamAV, connect to your server through SSH and execute the following command from the prompt:

# vinstall clamav
Software Firewall
The proprietary and customized software firewall will be updated to address issues with ports used by the Urchin Web Analytics and Webmin Web-based interface software packages, default behavior, and other issues affecting the functionality and usage of the utility. No action needed.
PHP 5.x
The vinstall for the PHP: Hypertext Preprocessor scripting language for version 5.x will be updated to install version 5.2.3. This version brings the software to the most current 5.x version and addresses several security issues (CVE-2007-2872, CVE-2007-2756, and CVE-2007-1900), discussed here: More information about version 5.2.3 can be found at these pages: The vinstall will also be updated to recursively select extensions based on their dependencies and address issues with Apache Web server LoadModule configuration settings as well as XML extensions. Incremental versions of PHP will now also have their own corresponding set of extensions.

To install PHP or upgrade existing installations to the new 5.x version, connect to your server through SSH and execute the following command from the prompt:
# vinstall php5
The PECL (PHP Extension Community Library) PHP extension repository will be updated to correctly interface with the version-specific PHP extension directories. No action needed.
PHP 4.x
The vinstall for the PHP: Hypertext Preprocessor scripting language for version 4.x will be updated to recursively select extensions based on their dependencies and address issues with Apache Web server LoadModule settings. This update affects the vinstall only. No action needed.

The PECL (PHP Extension Community Library) PHP extension repository will be updated to correctly interface with the version-specific PHP extension directories. No action needed.
OpenSSL
The OpenSSL toolkit for SSL/TLS will be updated to version 0.9.7m. This version addresses issues with FIPS 1.1.1, buffers, CipherSuite cipher specification strings, test programs, and several other issues. More information about version 0.9.7m can be found at these pages:
http://cvs.openssl.org/getfile?f=openssl/CHANGES http://www.openssl.org/news/announce.html
No action needed.
Ruby on Rails
A new vinstall for the Ruby on Rails web framework version 1.2.3 will be added to the system. Because of resource requirements, this vinstall will only be available for Linux VPS Pro and Pro Plus plans, as well as Linux MPS plans. More information about Ruby On Rails can be found here:
http://www.rubyonrails.org/
To install Ruby on Rails, connect to your server through SSH and execute the following from the command prompt:
# vinstall rails
Accrisoft
The Accrisoft Freedom installation process will be updated to install version 5.7.123a. This version updates the package to the latest version. More information about version 5.7x can be found here:
http://www.accrisoft.com/index.php?src=news&refno=16&category=Hot%20News
The Accrisoft Freedom installation process will also be updated to better address PHP compatibility. No action needed.
Zend Optimizer
The vinstall for the Zend Optimizer PHP enhancement utility will be updated to install version 3.3.0. More information about Zend Optimizer can be found here:
http://www.zend.com/products/zend_optimizer
The vinstall will also be updated to address issues with PHP configurations. To update existing installations, connect to your server through SSH and execute the following commands from the prompt:
# vuninstall zendoptimizer
# vinstall zendoptimizer
PostgreSQL
The vinstall for the PostgreSQL database management system will be updated to install version 7.4.17. This version addresses a security concern (CVE-2007-2138), discussed here:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2138
More information about the security issues and version 7.4.17 can be found here:
http://www.postgresql.org/docs/7.4/static/release.html#RELEASE-7-4-17
The vinstall will also be updated to address issues with startup script paths.

To install PostreSQL, connect to your server through SSH and run the following from the command prompt:
# vinstall postgresql
Follow the on-screen instructions to complete the installation.
Note: To upgrade existing installations, make a backup of all databases, shutdown PostgreSQL, and uninstall the current version before running the previous vinstall command. For considerations in upgrading between versions of PostgreSQL, including avoiding data loss, see:

http://www.postgresql.org/docs/7.4/static/install-upgrading.html


The vinstall will also be updated to create certain databases at installation time. This update affects the vinstall only. No action needed.
System Quota Checker
A vuninstall for the proprietary System Quota Checker quota utility will be added to the system. To remove the System Quota Checker from your server, connect to your server through SSH and execute the following from the command prompt:
# vuninstall quotachecker
Procmail
The vinstall to set the Procmail email processing utility as the local delivery agent (LDA) will be updated to address errors and configuration problems. This update affects the vinstall only. No action needed.

The vuninstall to set the Procmail email processing utility as the local delivery agent (LDA) will be removed from the system, since this is the only local delivery agent available for Linux MPS/VPS. No action needed.
phpMyAdmin
The vinstall for the phpMyAdmin database administration tool will be updated to check for needed extensions for PHP 4.x. This update affects the vinstall only. No action needed.
OSSP mm
The OSSP mm memory abstraction library version 1.4.2 will be added to the system. More information about OSSP mm can be found here:
http://www.ossp.org/pkg/lib/mm/
No action needed.
Perl Module
The custom Cmds Perl module will be updated to version 1.7. This version increased the verbosity support of the module. No action needed.
MD5
The md5sum (Message-Digest algorithm 5) cryptographic hash function will be linked to "md5" to provide ease-of-use. No action needed.
Math::BigInt::FastCalc
The Math::BigInt::FastCalc Perl module version 0.14 will be added to the system. More information about Math::BigInt::FastCalc can be found here:
http://search.cpan.org/~tels/Math-BigInt-FastCalc-0.15/
No action needed.
db4
Version 4 of the Berkeley Database engine will be updated to version 4.3.27. This updates the engine. More information about Berkely db can be found here:
http://www.oracle.com/technology/software/products/berkeley-db/db/index.html
No action needed.
SQLite
The SQLite database engine will be updated to version 3.4.1. This version updates the engine. More information about version 3.4.1 can be found here:
http://www.sqlite.org/changes.html#version_3_4_1
No action needed.
chkconfig
The chkconfig system utility will be updated to version 1.3.29. This updates the utility and addresses issues with the --add option. More information about version 1.3.29 can be found here:
http://download.fedora.redhat.com/pub ...
No action needed.

FreeBSD MPS/VPS v2:

Kernel
The FreeBSD kernel will be updated to version 51. This version addresses directory name serialization and deadlocks. This update will take effect upon the next server reboot. Servers will be rebooted over the next several weeks. Refer to future emails for server-specific reboot information.
SpamAssassin
The vinstall for the SpamAssassin mail filter will be updated to better detect existing Dovecot installations. This update affects the vinstall only. No action needed.
CPX
The CPX: Control Panel server management Web interface will be updated to address issues with unsupported email encodings.

No action needed.
PHP 4.x
The vinstall for the PHP: Hypertext Preprocessor scripting language for version 4.x will be updated to address issues when cancelling the installation. This update affects only the vinstall itself.

No action needed.


NoteNote: This notification could include technical inaccuracies or typographical errors. Changes can be made to the information herein; these changes will be distributed in new notifications. AlpineWeb might make improvements and/or changes in the product(s) and/or the program(s) described in this publication at any time.


image


image
Authorized viaVerio Reseller         Authorize.net         Miva Certified Business Partner