Open-Xchange releases UCS Security Update 2012-02-01

This release provides a security update of Univention Corporate Server 2.4 which is integrated at Open-Xchange Advanced Server Edition and Open-Xchange Server Edition for UCS. We encourage administrators to install this update. The security update is available for all customers with a valid Open-Xchange license.

Please Note: This security update combines all last UCS Hotfix Releases. If there is already activated "Hotfix Installation" (http://sdb.open-xchange.com/node/323) and all previous Hotfix Releases have been installed, the security update isn't available at the UCS update manager.

Fixed Components:
  • acpid (CVE-2011-4578)
  • Acrobat Reader (CVE-2011-0609 CVE-2011-0611 CVE-2011-1353 CVE-2011-2094 CVE-2011-2095 CVE-2011-2096 CVE-2011-2097 CVE-2011-2098 CVE- 2011-2099 CVE-2011-2100 CVE-2011-2101 CVE-2011-2102 CVE-2011-2103 CVE-2011-2104 CVE-2011-2105 CVE-2011-2106 CVE-2011-2130 CVE-2011-2134 CVE- 2011-2135 CVE-2011-2136 CVE-2011-2137 CVE-2011-2138 CVE-2011-2139 CVE- 2011-2140 CVE-2011-2414 CVE-2011-2415 CVE-2011-2416 CVE-2011-2417 CVE- 2011-2425 CVE-2011-2424 CVE-2011-2431 CVE-2011-2432 CVE-2011-2433 CVE- 2011-2434 CVE-2011-2435 CVE-2011-2436 CVE-2011-2437 CVE-2011-2438 CVE-2011-2439 CVE-2011-2440 CVE-2011-2441 CVE-2011-2442 CVE-2011-2462 CVE- 2011-4369)
  • Bind (CVE-2011-4313)
  • ClamAV (CVE-2011-3627)
  • CyrusIMAP (CVE-2011-3481)
  • Firefox (CVE-2011-3647 CVE-2011-3648 CVE-2011-3650)
  • Flash-Plugin (CVE-2011-2445 CVE-2011-2450 CVE-2011-2451 CVE-2011-2452 CVE-2011-2453 CVE-2011-2454 CVE-2011-2455 CVE-2011-2456 CVE-2011-2457 CVE-2011-2458 CVE-2011-2459 CVE-2011-2460)
  • Freetype (CVE-2011-3256 CVE-2011-3439)
  • Heimdal (CVE-2011-4862)
  • Linux-Kernel 2.6.32 (CVE-2011-1020 CVE-2011-1161 CVE-2011-1162 CVE-2011-2183 CVE-2011-2203 CVE-2011-2213 CVE-2011-2484 CVE-2011-2491 CVE- 2011-2492 CVE-2011-2494 CVE-2011-2495 CVE-2011-2497 CVE-2011-2517 CVE- 2011-2525 CVE-2011-2699 CVE-2011-2700 CVE-2011-2723 CVE-2011-2898 CVE- 2011-2905 CVE-2011-2909 CVE-2011-2918 CVE-2011-2928 CVE-2011-3188 CVE- 2011-3191 CVE-2011-3353 CVE-2011-4110 CVE-2011-4127 CVE-2011-4132 CVE-2011-4326 CVE-2011-4330 CVE-2012-0038)
  • OpenSSL (CVE-2011-1945 CVE-2011-4108 CVE-2011-4109 CVE-2011-4354 CVE- 2011-4576CVE-2011-4619 CVE-2012-0050)
  • PAM (CVE-2011-3148CVE-2011-3149)
  • t1lib (CVE-2010-2642 CVE-2011-0433 CVE-2011-0764 CVE-2011-1552 CVE- 2011-1553 CVE-2011-1554)


Installation of this security update:
The system can be updated as usual for UCS using the univention-updater net command or the UMC module Online Update.
  • Please enter your username/password first under the component called „OX" and activate it.
  • In the online-updates module of UMC, under Release information, there is provided the new update
  • Click on "Install this update"
  • Reboot