June 2012

ClamAV update – 0.97.5

There is a update for ClamAV available for download. The current version is 0.97.5. Upgrading is relatively easy and straight forward. All that needs to be done is remove the old version and install the new.

You can check the instructions on what to do here Upgrading ClamAV.

There is no need to reconfigure anything.

PHP released 5.4.4

The PHP development team released 5.4.4 which is fixes a security problem with a weakness in the DES implementation of crypt and a heap overflow issue in the phar extension. I urge you to update if you are using it on a production platform. I’ve successfully tested it on my servers without a noticeable problem.

To see the complete buglist solved in this release, read them in the ChangeLog.

For instructions on how to upgrade PHP please read: Upgrading PHP.

Postfix updated to 2.9.3

A small update on Postfix which will solve some SSL problems which you might have had. All the issues solved are:

  • OpenSSL related (all supported Postfix versions).
    • Some people have reported program crashes when the OpenSSL library was updated while Postfix was accessing the Postfix TLS session cache. To avoid this, the Postfix TLS session cache ID now includes the OpenSSL library version number. This cache ID is not shared via the network.
    • The OpenSSL workaround introduced with the previous stable and legacy releases did not compile with older gcc compilers. These compilers can’t handle #ifdef inside a macro invocation (NOT: definition).
  • The postconf command flagged parameter “-o name=value” settings in master.cf as “unused” when those settings were used only in main.cf. Problem reported by Michael Tokarev.
  • To avoid repeated warnings from postscreen(8) with “connect to private/dnsblog service: Connection refused” on FreeBSD, the dnsblog(8) daemon now uses the single_server program driver instead of the multi_server driver. This one-line code change has no performance impact for other systems, and eliminates a high-frequency accept() race on a shared socket that appears to cause trouble on FreeBSD. The same single_server program driver has proven itself for many years in smtpd(8). Problem reported by Sahil Tandon.

Dovecot updated to 2.1.7

Another small update from Timo on Dovecot. Errors solved include:

  • LDAP: Compatibility fix for v2.0: ldap: If attributes contain ldapAttr=key=template%$ and ldapAttr doesn’t exist, skip the key instead of using “template” value with empty %$ part for the key.
  • pop3: Added pop3_uidl_duplicates setting for changing the behavior for duplicate UIDLs.
  • director: Added “doveadm director ring remove” command.
  • director: Don’t crash with quickly disconnecting incoming director connections.
  • mdbox: If mail was originally saved to non-INBOX, and namespace prefix is non-empty, don’t assert-crash when rebuilding indexes.
  • sdbox: Don’t use more fds than necessary when copying mails.
  • auth: Fixed crash with DIGEST-MD5 when attempting to do master user login without master passdbs.
  • Several fixes to mail_shared_explicit_inbox=no
  • imapc: Use imapc_list_prefix also for listing subscriptions.

And here are the upgrade instructions for Dovecot!