August 2012

Apache updated to 2.4.3

The Apache proect has released a new version of their popular web server. This is principally a security and bug fix release, including the following 2 security fixes:

  • SECURITY: CVE-2012-3502 ( mod_proxy_ajp, mod_proxy_http: Fix an issue in back end connection closing which could lead to privacy issues due to a response mixup. PR 53727.
  • SECURITY: CVE-2012-2687 ( mod_negotiation: Escape filenames in variant list to prevent an possible XSS for a site where untrusted users can upload files to a location with MultiViews enabled.

I’ve got this running on my servers without a problem.

If you’ve forgotten how to upgrade your Apache installation in the least painfull way with a possibility to go back if something goes wrong: Upgrading Apache

Problem with GD, PHP and Mountain Lion solved

When installing PHP on a new blank installation of Mountain Lion I kept running into problems getting PHP working with GD. There was stuff missing in the installed that was not covered in the additional X11redirect package. But after a lot of late nights with Google I finally figured it out. The X11 server is no longer included in Mountain Lion and you need to install it separately. Once I figured this out I also found the Apple support item on this. As you see it’s all about using the right keywords when trying to find something, who thought that the X11 server has the required components for the GD parts of PHP.

So what I need to add to the instructions is that you need to download and install the XQuartz X11 server to be able to include GD with PHP. Just install the package and all will be fine again.

Dovecot updated to 2.1.9

Again an update from Timo, he is doing great work for Dovecot. Continuously improving, adding features and solving problems and bugs. The most important changes since v2.1.8 are:

  • mail-log plugin: Log mailbox names with UTF-8 everywhere (instead of mUTF-7 in some places and UTF-8 in other places)
  • director: Changed director_username_hash setting’s default from %u to %Lu (= lowercase usernames). This doesn’t break any existing installations, but might fix some of them.
  • doveadm: Added “auth cache flush []” command.
  • Implemented dict passdb/userdb
  • Implemented Redis and memcached dict backends, which can be used as auth backends. Redis can also be used as dict-quota backend.
  • Added plugin { quota_ignore_save_errors=yes } setting to allow saving a mail when quota lookup fails with temporary failure.
  • Full text search indexing might have failed for some messages, always causing indexer-worker process to run out of memory.
  • fts-lucene: Fixed handling SEARCH HEADER FROM/TO/SUBJECT/CC/BCC when the header wasn’t lowercased.
  • fts-squat: Fixed crash when searching a virtual mailbox.
  • pop3: Fixed assert crash when doing UIDL on empty mailbox on some setups.
  • auth: GSSAPI RFC compliancy and error handling fixes.
  • Various fixes related to handling shared namespaces

And here are the upgrade instructions for Dovecot!

ClamAV after upgrading to Mountain Lion

For those of you who are using the ClamAV setup for virus checks, upgrading from Lion to Mountain Lion breaks ClamAV. For some reason, the config files and executables are left intact, but the necessary libraries are removed.

In order to fix this situation, simply reinstall from start. It is as simple as following the upgrade instructions. Upgrading ClamAV.

NOTE: The ClamAV documentation and upgrading instructions have been updated to reflect the new locations for the LaunchDaemon .plist files. If your previous install used


You will have to move them to the new location.


To do this, simply make sure they are not loaded.

sudo launchctl unload /Library/LaunchDaemons/com.diymacserver.freshclam.plist
sudo launchctl unload /Library/LaunchDaemons/com.diymacserver.clamav.plist

Now move the files.

sudo mv /System/Library/LaunchDaemons/com.diymacserver.clamav.plist /Library/LaunchDaemons/com.diymacserver.clamav.plist
sudo mv /System/Library/LaunchDaemons/com.diymacserver.freshclam.plist /Library/LaunchDaemons/com.diymacserver.freshclam.plist

Postfix updated to 2.9.4

A small update to incorporate changes also made in 2.10, I’ve installed this on my machine without a problem. However you are going to see a ton of warnings when compiling this baby. They are all about having a /* within comment section. The warnings will contain the following part:

warning: '/*' within block comment [-Wcomment]

You can ignore these, I’ve did some test and did not notice any problem in sending and receiving mail in my setup. The changes are:

  • The local(8) delivery agent’s BIFF client leaked an unprivileged UDP socket. Fix by Jaroslav Skarvada. This bug was introduced 19990127.
  • The SMTP server did not reject the AUTH command while a MAIL FROM transaction was in progress. Reported by Timo Sirainen. This bug was introduced 20000314.
  • The unused “pass” trigger client could close the wrong file descriptors. This bug was introduced with Postfix 2.8.