Open-Xchange releases UCS Security Update 2011-09-07
This release provides a security update of Univention Corporate Server 2.4 which is integrated at Open-Xchange Advanced Server Edition and Open-Xchange Server Edition for UCS. We encourage administrators to install this update. The security update is available for all customers with a valid Open-Xchange license.
Please Note: This security update combines all last UCS Hotfix Releases. If there is already activated "Hotfix Installation" (http://sdb.open-xchange.com/node/323) and all previous Hotfix Releases have been installed, the security update isn't available at the UCS update manager.
Fixed Components:
Installation of this security update:
The system can be updated as usual for UCS using the univention-updater net command or the UMC module Online Update.
This release provides a security update of Univention Corporate Server 2.4 which is integrated at Open-Xchange Advanced Server Edition and Open-Xchange Server Edition for UCS. We encourage administrators to install this update. The security update is available for all customers with a valid Open-Xchange license.
Please Note: This security update combines all last UCS Hotfix Releases. If there is already activated "Hotfix Installation" (http://sdb.open-xchange.com/node/323) and all previous Hotfix Releases have been installed, the security update isn't available at the UCS update manager.
Fixed Components:
- Apache (CVE-2011-1452CVE-2011-3192)
- ClamAV (CVE-2011-2721)
- Evolution Data Server (CVE-2009-0547 CVE-2009-0582 CVE-2009-0587)
- Freetype (CVE-2011-0226)
- Firefox (CVE-2011-0083 CVE-2011-0084 CVE-2011-0085 CVE-2011-2362 CVE-2011-2363 CVE-2011-2364 CVE-2011-2365 CVE-2011-2370 CVE-2011-2371 CVE-2011-2373 CVE-2011-2374 CVE-2011-2376 CVE-2011-2377 CVE-2011-2378 CVE- 2011-2981 CVE-2011-2982 CVE-2011-2983 CVE-2011-2984)
- Flash-Plugin ( CVE-2011-2130 CVE-2011-2134 CVE-2011-2135 CVE-2011-2136 CVE-2011-2137 CVE-2011-2138 CVE-2011-2139 CVE-2011-2140 CVE-2011-2414 CVE-2011-2415 CVE-2011-2416 CVE-2011-2417 CVE-2011-2425)
- Imlib (CVE-2008-6079)
- ISC DHCP-Server (CVE-2011-2748 CVE-2011-2749)
- kdegraphics/kpdf (CVE-2010-3702 CVE-2010-3704)
- LibPNG (CVE-2011-2690 CVE-2011-2691 CVE-2011-2692)
- LibSndFile (CVE-2011-2696)
- LibWWW-Perl (CVE-2010-2253)
- LibXFont (CVE-2011-2895)
- Oracle Java (CVE-2011-0862 CVE-2011-0873 CVE-2011-0815 CVE-2011-0817 CVE-2011-0863 CVE-2011-0864 CVE-2011-0802 CVE-2011-0814 CVE-2011-0871 CVE-2011-0786 CVE-2011-0788 CVE-2011-0866 CVE-2011-0868 CVE- 2011-0872 CVE-2011-0867 CVE-2011-0869 CVE-2011-0865)
- Socat(CVE-2010-2799)
- xpdf(CVE-2010-3702CVE-2010-3704)
Installation of this security update:
The system can be updated as usual for UCS using the univention-updater net command or the UMC module Online Update.
- Please enter your username/password first under the component called „OX" and activate it.
- In the online-updates module of UMC, under Release information, there is provided the new update
- Click on "Install this update"
- Reboot