4.2-5-0
Possible DNS cache poisoning attack
A random number generator is used to provide an ID for every name server query. It was possible to guess the next ID with
a certain probability which made DNS vulnerable to cache poisoning attacks.
System crashes due to dynamic firewall
When enabled, the dynamic firewall could have caused crashes in individual cases.
Error in memory statisics
The physical memory graph sometimes gave lower values than actually true.
F-Secure virus scanner
With this update we move to F-Secure Antivirus 5.52 / F-Secure Security Platform 1.10.
Attention: The new version requires a different signature database. Please make sure that a current signature set is downloaded right
after the update finished.
Improved error message when Kaspersky Antivirus license expired
Minor bugfixes and improvements
4.2-4-4
High system load or crash of dynamic firewall
After an update of the dynamic firewall configuration it could have happened that the system load went up high or the service
crashed. The service also terminated when a problem occured while sending notification emails.
High system load caused by OLE extractor
The mail virusscan module passes attachments which have been labeled as OLE files to an OLE extractor. If in fact the file
was not an OLE file, the extractor could have caused significant system load.
Improved pattern update notification
It's no longer necessary to open the mails as the virus pattern version is already listed in the email subject.
Orphaned files in mail server queue
In certain situations the mail server did not remove all files while dequeuing an email.
Possibility to bypass web proxy user limits
With enabled virusscan proxy it was possible to bypass the limits, using a login with captial letters.
Minor bugfixes and improvements
4.2-4-3
Medium- and longterm analysis of dynamic firewall
Since update 4.2-4.2 the medium- and longterm analysis on ADSL, L2TP and analogue modem interfaces was broken.
Processing of dynamic firewall messages blocked
Updating the dynamic firewall configuration could block the message loop. The dynamic firewall then stops processing new attack
notifications.
New Kaspersky Antivirus release
The new release fixes the problems with the extended bases signature set. The update will reactivate the extended bases on
systems where these have been disabled.
Possible SPAM filter overload
There has been a problem, analyzing emails which contain unusual large URLs. Processing such mail occupied the SPAM filter
quite a while.
Dedicated reverse proxy backend for Outlook Web Access
There's a new option in the reverse proxy configuration which optimizes the configuration in respect of Outlook Web Access
(OWA). Use this new setting instead of "Custom backend server" to grant access exclusively for URLs required by OWA.
Definition of inbound and outbound emails
Up to now the mail server considered an email to be outbound when it has been delivered by an internal IP address or the webmail
client. Now "outbound" also includes authenticated mails (SMTP auth).
Particularely the "Disclaimer" feature, which adds a boilerplate to every outbound email is affected by this modification.
The mail archive option and, depending on its configuration, the MIME filter are involved, too.
Also the relay SPAM filter will no longer process authenticated mails. Previously only mail from internal sender IPs was delivered
unchecked.
Minor bugfixes and improvements
4.2-4-2
Incorrect assignment of dynamic firewall's per interface configuration
Since 4.2-4.0 it could happen that the dynamic firewall mixes up the per interface configuration of ethernet devices. In the
worst case the dynamic firewall would use the configuration of an interface where it is disabled.
New SPAM filter release
The new SPAM filter engine comes with an updated and markedly extended signature database, improving the SPAM detection quality.
Although the average SPAM rating score will change slightly, the recommended threshold to mark emails as SPAM is still between
a score of 2 and 3.
 |
Attention!The increased memory demand of the new SPAM filter might cause problems on systems with no more than 128 MB memory. |
Due to a change of its license terms we may no longer use the DCC service. The update will automatically switch to the comparable
Razor2 system if DCC had been enabled. If an upstream firewall restricts Internet access you will have to open TCP port 2703
now. UDP port 6277 is no longer required.
Support for McAfee 5100
According to McAfee the official support for the 4400 scan engines ends in January 2007. However due to compatibility issues
it was not possible to install newer engines yet. With this update the system will be prepared to support the next engine
generation. Before you can install it, you will have to upload a McAfee support pack which is available from >http://update.linogate.com/en/antivirus.html.
Stopped IPSec service after ADSL restart since 4.2-4.0
Minor bugfixes and improvements
4.2-4-1
Error in Kaspersky antivirus signatures
The antivirus signatures published late on 2007-01-15 seem to be corrupted. The problem is caused by the "extended signatures"
which are disabled temporarily by this update. The virus protection is not affected by this measure. Only so called "greyware"
will no longer be recognized. The problem affects all releases since 4.2-3.9.
Note: If Kaspersky is the only installed scanner, the proxies and the mailserver will block downloads and emails. So there's
no need to worry.
Potential crash of the IPSec server
If the client and server do not agree upon the perfect forward secrecy option when using preshared key authentication, the
IPsec server would crash.