When finished, the system will reboot automatically. Please do not reboot manually.
Update of the Linux kernel
Two security vulnerabilities have been fixed which allow local users to gain privileged access.
More features for mail attachment filter
In previous releases unwanted attachments in emails have been replaced by a warning message. The modified mail was then delivered,
the removed attachments were stored in a quarantine directory. Now an alternative second way of processing is available. When
enabled, the email will be retained. The recipients will receive a notification email which includes information linke sender,
subject and which attachments were rejected. With a single click in the administration interface an administrator can trigger
the delivery of the quarantined email.
To relieve the administrator, recipients can be allowed to access the quarantine area themselves under certain conditions.
Depending on the selected quarantine procedure, recipients will either receive links for downloading quarantined attachments
or a link to trigger delivery of a quarantined email.
The following conditions are mandatory:
- No virus has been discovered in the email yet
- The email does not contain attachments with "dangerous file extensions". For emails with "dangerous" files, the recipients
won't even receive a download link. You may want to move entries from the list of "dangerous" to the list of "forbidden" extensions
if they are often quarantined although they are needed.
- The administrator granted access and the configured additional prerequisits have been met
The following additional prerequesits can be configured:
- The email must have been re-scanned with updated virusscanner signatures
- In addition, the email must have been quarantined at least for a configurable amount of time
Filtering mail attachments of outbound emails
If the mail attachment filter has been enabled for outbound emails, too, it will reject outbound mails with unwanted attachments
from now on. These mails will no longer be quarantined.
Import and export of configuration tables
In the administration interface you can now export and import the contents of many tables. So you can e.g. copy configurations
between multiple systems or copy the configuration of one interface to another. It is also possible to import external data
like e.g. address lists, if the data is available in the correct format.
Update of the Avira, F-Secure and Kaspersky virus scanner engines
The update fixes occasional crashes of the F-Secure scanner.
The configuration of the scanners has been modified, so that all scanners allow the same number of concurrent scan processes
and run with the same process priorities.
Memory leak in IPsec server
On misconfigured systems which continuously initiate new connections without success, the IPsec server enventually used up
all available memory.
Broken output in LCD display
On machines with LCD display the output was broken since release 7.0 in varying degree.
Configurable proxy IP for proxy autoconf file on clusters
URL for archiving reverse proxy logs now configurable in administration interface
IDS/IPS signatures for systems without maintenance contract
URL filter database
Update of various software components
Minor bugfixes and improvements