ReleaseNotes3.0.12

From EnGardeWiki

EnGarde Secure Community 3.0.12 Release Notes

Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.12 (Version 3.0, Release 12). This release includes many updated packages and bug fixes, several feature enhancements to Guardian Digital WebTool and the SELinux policy, and a few new features.

EnGarde Secure Community is a secure distribution of Linux engineered from the ground-up to provide organizations with the level of security required to create a corporate Web presence or even conduct e-business on the Web. It can be used as a Web, DNS, e-mail, database, e-commerce, and general Internet server where security is a primary concern.

The following reported bugs from bugs.engardelinux.org are fixed in this release:

#0000132 Request policy rules needed for syslog-ng
#0000131 Postfix, multibanner
#0000129 selinux policy error - xntpd can't write to tmp_t
#0000128 Webtool Typo - 64bit
#0000127 Feature Request for PHP
#0000123 All submenus refer to 'quicklinks below' but there are none
#0000121 Postgresql refuses to startup at boot
#0000119 LM_Sensors
#0000115 Disrepancy btw memory usage stats in webtool
#0000110 Request - boolean surrounding allowing content to be ...
#0000105 amavis is not scanning some types of archives
#0000104 Postfix report stopped by selinux
#0000103 More status information on upgrades via WebTool
#0000097 Secure User Manager hangs while uploading SSH keys
#0000092 local mysql server socket access - new policy request
#0000090 TLS smtp
#0000085 selinux stops logrotate for aide
#0000057 Install creates a loop
#0000040 Should the WebTool relabel the filesystem after updates?
#0000009 Don't show the 'int' zone if only one network interface ...

Several other bugs are fixed in this release as well.

New features include:

A new SELinux policy boolean: httpd_write_content_dir. This boolean was added in response to bug #0000110 and grants the Apache webserver permission to write to httpd_content_t files and directories. Enabling this boolean is very dangerous but, using this new boolean, you can allow this functionality without having to disable SELinux altogether.

Updated PCI tables and hardware detection system, which allows for much better detection of more recent hardware.

Several reliability improvements to the Guardian Digital Secure Network Update Agent, in response bugs to #0000103 and #0000040.

New Samba packages to fix CVE-2007-0452, CVE-2007-0453, and CVE-2007-0454.

PHP packages rebuilt with --enable-mbstring in response to bug #0000127.

Several new packages such as libsemanage, openswan, and subversion. arc, cabextract, freeze, lha, lzop, tnef, unarj, unrar, and zoo were added in response to #0000105.

The latest stable versions of MySQL (5.0.33), apache (2.2.4), asterisk (1.4.0), bacula (2.0.2), bind (9.3.4), checkpolicy (1.34.0), discover (2.1.1), engarde-policy (3.12), einstall (3.12), fetchmail (6.3.6), gdb (6.6), gnupg (1.4.6), iproute2 (2.6.19), iptables (1.3.7), kernel (2.6.19), libselinux (1.34.0), libsepol (1.16.0), mod_perl (2.0.3), net-snmp (5.4), ntp (4.2.4), openssl (0.9.8d), policycoreutils (1.34.1), postfix (2.3.7), shorewall (2.4.9), snort (2.6.1.2), squid (2.6.STABLE9), tar (1.16.1), webtool (3.12), and zaptel (1.4.0).

All new users downloading EnGarde Secure Linux for the first time or users who use the LiveCD environment should download this release.

Users who are currently using EnGarde Secure Linux do not need to download this release -- they can update their machines via the Guardian Digital Secure Network WebTool module.

Downloading

Below are the MD5 sums for the i686 and x86_64 ISO images:

6398281afb53c4581a85b17cceab597e engarde-community-3.0.12.i686.iso

1784da932700c636ffa91189bf8ff33b engarde-community-3.0.12.x86_64.iso

You may download this ISO image via FTP by following the "Download Now!" link from engardelinux.org:

http://www.engardelinux.org/

(It may take several days for this image to make it to our mirrors, please be patient).

Further Information

New users are encouraged to explore our community forum and wiki: