Linogate Internet Technologies
   

4.2-5-3

Security issueAll systems Security update of the name server

A newly discovered flaw in the DNS protocol itself makes cache poisoning attacks probable again. With the new version, DNS queries will be sent using random source ports. This measure is said to make attacks unlikely.

BugfixFeature not included, enabled, used or useful on all systems Mirroring McAfee signatures for local scanners

Some McAfee update servers offer signature files with a wrong capitalization. Local scanners will not be able to update from the local mirror of such a server.
As the problem persists we decided to offer a workaround. After mirroring, copies of the signature files in various capitalizations will be created.

BugfixFeature not included, enabled, used or useful on all systems Web proxy access to support.microsoft.com

Recently browsers started to show a blank page for support.microsoft.com when compressed transfer has been negotiated. The web proxy will now prevent transfer encoding for support.microsoft.com. Systems running the web proxy with its tag filter enabled are not affected, as tag filtering will always prevent transfer encoding.

Minor bugfixes and improvements

4.2-5-2

Security issueFeature not included, enabled, used or useful on all systems Update of F-Secure Antivirus

Specially crafted archives could cause a scanner malfunction. The scan process could hang, crash or even execute malicious code.

Security issueAll systems Update of unzip

Unzip could crashed or even execute malicious code while processing specially crafted archives.

4.2-5-1

Security issueFeature not included, enabled, used or useful on all systems Update of F-Secure Antivirus

Specially crafted RAR archives could have bypassed scanning.

Security issueAll systems Update of the OpenSSL crypto library

A potential buffer overflow has been fixed.

BugfixFeature not included, enabled, used or useful on all systems Relay SPAM filter

When tagging an email with empty subject as SPAM, previously a second subject header was added by mistake. Mail clients expect only one subject header and usually display the original empty header. So you had to open the mail to see that it was actually recognized as SPAM.
An other problem occured when redirecting tagged mail to a central recipient address. If the new recipient was also part of the original recipient list, the mail was silently discarded.

BugfixFeature not included, enabled, used or useful on all systems Web-Proxy ICAP client

If both, ICAP's request and response filters were enabled, only the request filter was actually used.

BugfixFeature not included, enabled, used or useful on all systems Memory leak in dynamic firewall

BugfixOnly on individual systems or under very specific conditions Fixed potential lockup of the LHA extractor during mail virusscan

ChangeFeature not included, enabled, used or useful on all systems Optimized throughput of userspecific SPAM filter

Minor bugfixes and improvements