Server Software Update Notification: 09-18-2006

Dada Mail » AlpineWeb Server Software Update Notification » Archives » Server Software Update Notification: 09-18-2006

Date: September 18th 2006

Server Software Notification

The following updates will be completed 09/20/2006 on all servers:

FreeBSD VPS v2:

* MySQL

The vinstall for the MySQL 4.1.x database management system will be updated to install version 4.1.21. This version brings the MySQL 4.1 vinstall to the most current version of MySQL 4.1.x and addresses a security issue, CVE-2006-3469, discussed here:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3469

More information about changes in MySQL 4.1.21 can be found here:

http://dev.mysql.com/doc/refman/4.1/en/news-4-1-21.html

To install MySQL, connect to your server through SSH and run the following from the command prompt:

# vinstall mysql

Note: To upgrade existing installations, make a backup of all databases, shutdown MySQL, and uninstall the current version before running "vinstall mysql" (above). For considerations in upgrading between versions of MySQL, including avoiding data loss, see:

http://dev.mysql.com/doc/refman/4.1/en/upgrade.html

* PHP

The vinstall for the PHP: Hypertext Preprocessor scripting language will be updated to install version 4.4.4. This version brings the software to the most current 4.x version and addresses several issues, some dealing with security and vulnerabilities, including:

More information about changes in version 4.4.4 can be found at these pages:

http://www.php.net/release_4_4_4.php
http://www.php.net/ChangeLog-4.php#4.4.4

To install PHP or upgrade existing installations to the new version, connect to your server through SSH and execute the following command from the prompt:

# vinstall php4

* ClamAV

ClamAV, a GPL virus scanner, will be updated to version 0.88.4. This version brings the utility to the most current stable build and addresses overflow issue. More information about changes in version 0.88.4 can be found here:

http://sourceforge.net/project/shownotes.php?release_id=437903

If you are using the current default installation no action is needed. If you are using a legacy version of ClamAV and you want to take advantage of this update, or wish to install ClamAV, connect to your server through SSH and execute the following command from the prompt:

# vinstall clamav

Note: With legacy version upgrades, if you wish to keep your current ClamAV configuration, you may use the above vinstall to upgrade the program and answer "no" when prompted "Would you like to configure your ClamAV installation? [yes]:" to keep your current configuration.

* Sendmail RBL

The recently introduced Sendmail RBL (real-time black hole) subscription vinstall will be updated to improve error checking and remove deprecated and old lists. The available lists will include the following:

sbl-xbl.spamhaus.org -> Spamhaus block list. SBL and XBL (Recommended)
sbl.spamhaus.org -> Spamhaus block list (SBL)
xbl.spamhaus.org -> Spamhaus block list (XBL)
multihop.dsbl.org -> Distributed Server Boycott List (DSBL)
relays.ordb.org -> Open Relay Database (ORDB)
dnsbl.njabl.org -> Not Just Another Bogus List (NJABL)
dnsbl.sorbs.net -> Spam and Open Relay Blocking System (SORBS)
spews.relays.osirusoft.com -> SPEWS
unconfirmed.dsbl.org -> Distributed Server Boycott List (DSBL)
whois.rfc-ignorant.org -> RFC Ignorant (Whois)
list.dsbl.org -> Distributed Server Boycott List (DSBL)

No action needed.

* vadduser

The vadduser command-line utility will be updated to disallow the exclamation mark (!) in the full name field. This update affects the vadduser utility only. No action needed.

* Dada Mail

The vinstall for the Dada Mail list manager will be updated to address problems with password checking. This update affects the vinstall only. No action needed.

* ARC

The ARC archive and file compression utility will be updated to version 5.21o_1. This version brings the utility to the most current FreeBSD version and addresses issues with DESTDIR, NOPORTDOCS, PORTREVISION, and other elements. More information about version 5.21o_1 can be found at these pages:

http://www.freebsd.org/cgi/getmsg.cgi?fetch=2045746+0+/usr/local/www/db/text/2006/cvs-all/20060813.cvs-all
http://www.freebsd.org/cgi/getmsg.cgi?fetch=1177933+0+/usr/local/www/db/text/2006/cvs-all/20060827.cvs-all

No action needed.

* Portupgrade

Portupgrade, a FreeBSD ports/packages administration and management tool suite, will be updated to version 2.1.3.3_1,2. This version addresses issues with descriptions and URLs. More information about version 2.1.3.3_1,2 can be found here:

http://www.freebsd.org/cgi/getmsg.cgi?fetch=1921034+0+/usr/local/www/db/text/2006/cvs-all/20060827.cvs-all

No action needed.

* UNARJ

The UNARJ extract-only archive utility will be updated to version 2.65_2. This version brings the utility to the most current FreeBSD version and addresses issues with DESTDIR, NOPORTDOCS, PORTREVISION, and other elements. More information about version 2.65_2 can be found at these pages:

http: HREF="mailto://www.freshports.org/commit.php?message_id=200608110612.k7B6Cqcv024966@repoman.freebsd.org">//www.freshports.org/commit.php?message_id=200608110612.k7B6Cqcv024966@repoman.freebsd.org
http://www.freebsd.org/cgi/getmsg.cgi?fetch=1209361+0+/usr/local/www/db/text/2006/cvs-all/20060827.cvs-all

No action needed.

* LCMS

The Little Color Management System (LittleCms or LCMS) color management engine will be updated to version 1.15,1. This version brings the utility to the most current FreeBSD version and addresses issues with CMYK transforms, absolute colorimetric transforms, gamut check transforms, and many other elements. More information about version 1.15,1 can be found here:

http://www.littlecms.com/whatsnew.htm

No action needed.

* lftp

The lftp file transfer program will be updated to version 3.5.4. This version brings the utility to the most current version and addresses several issues with modules, core dumps, keys, and other elements. More information about version 3.5.4 can be found here:

http://lftp.yar.ru/news.html

No action needed.

* Unrar

The unrar archive utility, part of RAR: Roshal Archive data compression software, will be updated to version 3.60,4. This version brings the utility to the most current FreeBSD version. More information about version 3.60.4 can be found at these pages:

http: HREF="mailto://www.freshports.org/archivers/unrar/files.php?message_id=200608170146.k7H1kWTE017993@repoman.freebsd.org">//www.freshports.org/archivers/unrar/files.php?message_id=200608170146.k7H1kWTE017993@repoman.freebsd.org
http: HREF="mailto://www.freshports.org/archivers/unrar/files.php?message_id=200608170147.k7H1l7SD018061@repoman.freebsd.org">//www.freshports.org/archivers/unrar/files.php?message_id=200608170147.k7H1l7SD018061@repoman.freebsd.org

No action needed.

* Autoconf

The GNU Autoconf extensible package of m4 macros version 2.59_2 will be added to the system. No action needed.

* Tcl

A vuninstall for the Tcl scripting language will be introduced to the system. No action needed.

* Vim-lite

The vim-lite editor will be updated to version 7.0.66. This version updates the utility and addresses minor issues. More information about version 7.0.66 of the full vim package can be found here:

http://www.freebsd.org/cgi/cvsweb.cgi/ports/editors/vim/Makefile#rev1.281

No action needed.

* FreeType 2

The FreeType 2 portable TrueType font engine will be updated to version 2.1.10_5. This version addresses issues with PCF fonts. More information about version 2.1.10_5 can be found here:

http://www.freebsd.org/cgi/getmsg.cgi?fetch=1183462+0+/usr/local/www/db/text/2006/cvs-all/20060827.cvs-all

No action needed.

* Xterm

The xterm terminal emulator will be updated to version 218. This version addresses issues with illegal characters, menu labels, and builds with older systems. More information about the changes in version 218 can be found here:

http://dickey.his.com/xterm/xterm.log.html#xterm_218

No action needed.

* XFree86-Server

The XFree86-Server X Windows system server will be updated to version 4.5.0_4. This version addresses issues with PCF fonts. More information about the changes in version 4.5.0_4 can be found here:

http://www.freebsd.org/cgi/getmsg.cgi?fetch=2114470+0+/usr/local/www/db/text/2006/cvs-all/20060827.cvs-all

No action needed.

Signature:

* MySQL

The MySQL 4.1.x database management system will be updated to install version 4.1.21. This version brings the MySQL 4.1 vinstall to the most current version of MySQL 4.1.x and addresses a security issue, CVE-2006-3469, discussed here:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3469

More information about changes in MySQL 4.1.21 can be found here:

http://dev.mysql.com/doc/refman/4.1/en/news-4-1-21.html

No action needed.

* Control Panel Quota

The Control Panel quota information script will be updated to address timeout problems, previously responsible for incorrect Control Panel quota display. No action needed.

Note: This notification could include technical inaccuracies or typographical errors. Changes can be made to the information herein; these changes will be distributed in new notifications. AlpineWeb might make improvements and/or changes in the product(s) and/or the program(s) described in this publication at any time.

| Archive Index |

Next: Server Software Update Notification: 10-02-2006 >>

(archive rss , atom )

AlpineWeb Server Software Update Notification

Subscribe to AlpineWeb Server Software Update Notification: