Open-Xchange releases UCS Security Update 2011-10-25
This release provides a security update of Univention Corporate Server 2.4 which is integrated at Open-Xchange Advanced Server Edition and Open-Xchange Server Edition for UCS. We encourage administrators to install this update. The security update is available for all customers with a valid Open-Xchange license.
Please Note: This security update combines all last UCS Hotfix Releases. If there is already activated "Hotfix Installation" (http://sdb.open-xchange.com/node/323) and all previous Hotfix Releases have been installed, the security update isn't available at the UCS update manager.
Fixed Components:
Installation of this security update:
The system can be updated as usual for UCS using the univention-updater net command or the UMC module Online Update.
This release provides a security update of Univention Corporate Server 2.4 which is integrated at Open-Xchange Advanced Server Edition and Open-Xchange Server Edition for UCS. We encourage administrators to install this update. The security update is available for all customers with a valid Open-Xchange license.
Please Note: This security update combines all last UCS Hotfix Releases. If there is already activated "Hotfix Installation" (http://sdb.open-xchange.com/node/323) and all previous Hotfix Releases have been installed, the security update isn't available at the UCS update manager.
Fixed Components:
- Apache Portable Runtime (CVE-2011-0419, CVE-2011-1928)
- Avahi (CVE-2011-1002)
- CIFS-Utils (CVE-2010-0624CVE-2011-1678)
- cpio (CVE-2010-0624)
- Cups (CVE-2011-2896CVE-2011-3170)
- Curl (CVE-2011-2192)
- FFMpeg-Multimedia-Bibliotheken (CVE-2010-3249 CVE-2010-4704 CVE-2010-4705)
- Firefox (CVE-2011-2372 CVE-2011-2995 CVE-2011-2996 CVE-2011-2998 CVE-2011-2999CVE-2011-3000)
- Flash-Plugin (CVE-2011-2426 CVE-2011-2427 CVE-2011-2428 CVE-2011-2429 CVE-2011-2430CVE-2011-2444)
- Heimdal (CVE-2010-1321)
- LibXML2 (CVE-2011-1944)
- OpenLDAP (CVE-2011-1081)
- Poppler (CVE-2010-3702CVE-2010-3704)
- Subversion (CVE-2009-2411 CVE-2010-3315 CVE-2010-4539 CVE-2010-4644 CVE-2011-0715 CVE-2011-1752 CVE-2011-1783 CVE-2011-1921)
- Tiff-Bibliothek (CVE-2011-0191 CVE-2011-0192 CVE-2011-1167)
- X11-xserver-utils (CVE-2011-0465)
Installation of this security update:
The system can be updated as usual for UCS using the univention-updater net command or the UMC module Online Update.
- Please enter your username/password first under the component called „OX" and activate it.
- In the online-updates module of UMC, under Release information, there is provided the new update
- Click on "Install this update"
- Reboot