06. October 2011: Announcing Kolab Server 2.3.4

Kolab Systems AG is pleased to announce the fourth bug fix release to the Kolab Groupware Server: version 2.3.4

This release had a short cycle and only a few updated packages. It fixes a particular build error that affected many people and also includes a fix for the recently-discovered Range header DoS vulnerability in the Apache web server.

SECURITY UPDATES

  • apache: Security update to 2.2.21 fixing CVE-2011-3192

BUGFIXES

  • imapd: The build error in imapd was fixed.
  • kolab-webadmin: The ActiveSync configuration is back again.
  • kolab-z-push: New version with bugfixes for various Nokia phones.
  • z-push: New upstream version with many bug fixes.

For a complete list of changes please refer to http://files.kolab.org/server/release/kolab-server-2.3.4/sources/release-notes.txt

UPGRADING

There are no special considerations in upgrading from any other Kolab 2.3 release.

If you are upgrading from 2.2.4, please follow the instructions to upgrade from 2.2.4 to 2.3.0 as outlined in http://files.kolab.org/server/release/kolab-server-2.3.1/sources/1st.README

DOWNLOADS

Binary packages for Debian GNU/Linux 6.0 (Squeeze/stable) and 5.0 (Lenny/oldstable) on x86 platforms can be found next to the sources: http://files.kolab.org/server/release/kolab-server-2.3.4/

As soon as they have synced, you can also use the the mirrors listed on http://kolab.org/mirrors.html

You can check the integrity of the downloaded files by importing our file distribution key and verify the OpenPGP signature and SHA1 checksums:

  • $ wget https://ssl.intevation.de/Intevation-Distribution-Key.asc
  • $ gpg --import Intevation-Distribution-Key.asc
  • $ gpg --verify SHA1SUMS.sig
  • $ sha1sum -c SHA1SUMS

BUGS

Please report bugs in our bug tracker at https://bugzilla.kolabsys.com/