Leopard

ClamAV update – 0.93.4

There is a update for ClamAV available for download. The current version is 0.97.4. Upgrading is relatively easy and straight forward. All that needs to be done is remove the old version and install the new.

You can check the instructions on what to do here Upgrading ClamAV.

There is no need to reconfigure anything.

For those that are interested. This version of ClamAV has on access scanning available under OS X 10.5 and later. For more information please check the ClamAV website here -> http://www.clamav.net/lang/en/2012/03/21/on-access-scanning-for-os-x/

Mac OS X update 10.6.5 and Security Update 2010-007

I’ve installed the updates on all my test machines running Snow Leopard 10.6.4 and Leopard 10.5.8 and I’ve noticed the following problems:

on Leopard

On Leopard there are the small known issues with postfix, replacing our binary and shutting don remote conntections. To correct it perform the following steps after the updates:

Re-install postfix by going into your latest source directory you’ve used the last time and run

sudo make install

Next, comment out or delete the following line from ‘/etc/postfix/main.cf‘:

inet_interfaces = localhost

Restart postfix (reloading config does not work) with:

sudo postfix stop

Postfix should restart automatically (if not run sudo postfix start).

Snow Leopard

Can’t detect any postfix problems on Snow Leopard. If you can confirm this please leave a comment.

To read more on the updates read the Apple Knowledge Base article on this update.

PS. Yes I know, I’m working on relocating postfix to another location so it won’t happen again. But lack of time is hampering progress….

Mac OS X update 10.6.4 and Security Update 2010-004

I’ve installed the updates on all my test machines running Snow Leopard 10.6.3 and Leopard 10.5.8 and I’ve noticed the following problems:

Leopard

On Leopard there are the small known issues with postfix. To correct it perform the following steps after the updates:

Re-install postfix by going into your latest source directory you’ve used the last time and run

sudo make install

Next, comment out or delete the following line from ‘/etc/postfix/main.cf‘:

inet_interfaces = localhost

Restart postfix (reloading config does not work) with:

sudo postfix stop

Postfix should restart automatically (if not run sudo postfix start).

Snow Leopard

Could not detect any postfix problems which I find suspicious but I can’t find the same postfix problems on Snow Leopard. If you can confirm this please leave a comment.

To read more on the updates read the Apple Knowledge Base article on this update.

I had someone reporting a problem with php which got replaced, but he used the default apache installation. So if you use the default apache and did not compile it please check your version of php. It might have been updated.

Mac OS X Update 10.6.2 and Security Update 2009-006

Warning, be careful when updating your server. I noticed a few hick-ups on my machine. I will update this post with my findings through the day when I find out more.

Leopard Issues:

  • Resolved: My remote desktop isn’t working anymore, still looking into this one. Solution: It somehow works again after some time waiting, probably I was trying to fast

Working: Everything else does not look to be affected, even Postfix is as is (in contrast to Snow Leopard)

Snow Leopard issues:

  • Postfix binary get’s replaced, you’ll have to do a ‘sudo make install’ from the last install direcory to get it working again.

For the rest on Snow Leopard everything seems to be working as intended. Will do some more test during the day.

Read more about the update to 10.6.2 here and the security update 2009-006 here.

If you find anything please let us know in the comments and I will try to verify.

Update: No more problems found, I guess it was just a postfix problem and as Joe has commented I need to change the location to prevent future issues.

Dovecot updated to 1.2.5

A new verison of Dovecot has been released a few days ago but I’ve only been able to test it today, sorry busy week.

The bugfixes include:

  • Authentication: DIGEST-MD5 and RPA mechanisms no longer require user’s login realm to be listed in auth_realms. It only made configuration more difficult without really providing extra security.
  • zlib plugin: Don’t allow clients to save compressed data directly. This prevents users from exploiting (most of the) potential security holes in zlib/bzlib.
  • Added pop3_save_uidl setting.
  • dict quota: When updating quota and user isn’t already in dict, recalculate and save the quota.
  • file_set_size() was broken with OSes that didn’t support posix_fallocate() (almost everyone except Linux), causing all kinds of index file errors.
  • v1.2.4 index file handling could have caused an assert-crash
  • IMAP: Fixes to QRESYNC extension.
  • virtual plugin: Crashfix
  • deliver: Don’t send rejects to any messages that have Auto-Submitted
    header. This avoids emails loops.
  • Maildir: Performance fixes, especially with maildir_very_dirty_syncs.
  • Maildir++ quota: Limits weren’t read early enough from maildirsize file (when quota limits not enforced by Dovecot)
  • Message decoding fixes (mainly for IMAP SEARCH, Sieve).

Next Page »