From thomas at intevation.de  Wed Jan  9 18:07:39 2008
From: thomas at intevation.de (Thomas Arendsen Hein)
Date: Wed, 9 Jan 2008 18:07:39 +0100
Subject: [Kolab-announce] Kolab Security Issue 18 20080109 (clamav)
Message-ID: <20080109170738.GH3538.thomas@intevation.de>

Kolab Security Issue 18 20080109
================================

Package:              Kolab Server, ClamAV
Vulnerability:        various
Kolab Specific:       no
Dependent Packages:   none


Summary
~~~~~~~

CVE-2007-6335

    It was discovered that an integer overflow in the decompression code
    for MEW archives may lead to the execution of arbitrary code.

CVE-2007-6336

    It was discovered that on off-by-one in the MS-ZIP decompression
    code may lead to the execution of arbitrary code.

CVE-2007-6337

    Unspecified vulnerability in the bzip2 decompression algorithm in
    nsis/bzlib_private.h


Affected Versions
~~~~~~~~~~~~~~~~~

This affects versions of ClamAV up to version 0.91.2.
Kolab Server 2.1.0 and previous releases of the 2.1 branch are affected.
Kolab Server 2.0.4 and previous releases of the 2.0 branch are affected.
Kolab Server 2.2-beta3 and previous prereleases are affected.


Fix
~~~

Upgrade to ClamAV 0.92.

The ClamAV source RPM patched to be compilable with Kolab Server 2.1 and 2.0
is available from the Kolab download mirrors as:
security-updates/20080109/clamav-0.92-20080101_kolab.src.rpm

A binary RPM for Kolab Server 2.1.0 (ix86 Debian GNU/Linux Sarge) is available:
security-updates/20080109/clamav-0.92-20080101_kolab.ix86-debian3.1-kolab.rpm

All other server versions: Please build from the src.rpm.
For Kolab Server 2.2-beta3 the unmodified OpenPKG rpm can be used:
security-updates/20080109/clamav-0.92-20080101.src.rpm


The mirrors are listed on http://kolab.org/mirrors.html
While the mirrors are catching up, you can also get the package via rsync:
# rsync -tvP rsync://rsync.kolab.org/kolab/server/security-updates/20080109/clamav-0.92-20080101_kolab.src.rpm .
# rsync -tvP rsync://rsync.kolab.org/kolab/server/security-updates/20080109/clamav-0.92-20080101_kolab.ix86-debian3.1-kolab.rpm .
# rsync -tvP rsync://rsync.kolab.org/kolab/server/security-updates/20080109/clamav-0.92-20080101.src.rpm .

MD5 sums:
ad61c36b1d84aaa06e734fa02e13923b  clamav-0.92-20080101.src.rpm
3fe0e99160eea9816e55630378cd79d8  clamav-0.92-20080101_kolab.ix86-debian3.1-kolab.rpm
91094b48f22958536685eb29c786ea4f  clamav-0.92-20080101_kolab.src.rpm


The package can be installed on your Kolab Server with

# /kolab/bin/openpkg rpm --rebuild clamav-0.92-20080101_kolab.src.rpm
# /kolab/bin/openpkg rpm \
  -Uvh /kolab/RPM/PKG/clamav-0.92-20080108_kolab.<ARCH>-<OS>-kolab.rpm
# rm /kolab/etc/clamav/*.rpmsave
# /kolab/bin/openpkg rc clamav start
# su - kolab-r
$ freshclam

For Kolab Server 2.0.4 you have to copy the new /kolab/etc/clamav/clamd.conf
to /kolab/etc/kolab/templates/clamd.conf.template so it will not be
overwritten by kolabconf. Do NOT copy this file with Kolab Server 2.1 or 2.2!


Details
~~~~~~~

http://sourceforge.net/project/shownotes.php?release_id=562254
	ClamAV 0.92 release notes

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6335
	CVE-2007-6335

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6336
	CVE-2007-6336

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6337
	CVE-2007-6337


Timeline
~~~~~~~~
    20071217 ClamAV release 0.92.
    20071217 OpenPKG 0.92 package release.
    20080109 Kolab Server security advisory published.

-- 
thomas at intevation.de - http://intevation.de/~thomas/ - OpenPGP key: 0x5816791A
Intevation GmbH, Osnabrueck - Register: Amtsgericht Osnabrueck, HR B 18998
Geschaeftsfuehrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: not available
Url : http://kolab.org/pipermail/kolab-announce/attachments/20080109/4d17654b/attachment.bin

From emanuel at intevation.de  Wed Jan 30 10:15:58 2008
From: emanuel at intevation.de (Emanuel =?iso-8859-1?q?Sch=FCtze?=)
Date: Wed, 30 Jan 2008 10:15:58 +0100
Subject: [Kolab-announce] New Kolab documentation material
Message-ID: <200801301015.58829.emanuel@intevation.de>

New Kolab documentation material has been released:
http://kolab.org/documentation.html

+++ Operating manual for Kolab Server 2.2 +++
version 1.0, only in german ("Allgemeine Betriebsdokumentation").

+++ Example slides for Kolab presentations +++
version 1.0, only in german.

Translations and improvements are welcome! 
Changes and new draft versions can be uploaded and added in the Kolab wiki. 
See here for more information:
http://wiki.kolab.org/index.php/Operating_Manual
http://wiki.kolab.org/index.php/Example_Slides_for_Kolab_Presentations

Regards,
Emanuel


-- 
Emanuel Sch?tze  |  ++49-541-335 08 38  |  http://www.intevation.de/
Intevation GmbH, Georgstr. 4, 49074 Osnabr?ck, DE | AG Osnabr?ck, HR B 18998
Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner


From thomas at intevation.de  Tue Feb  5 12:24:51 2008
From: thomas at intevation.de (Thomas Arendsen Hein)
Date: Tue, 5 Feb 2008 12:24:51 +0100
Subject: [Kolab-announce] Kolab Server 2.2 Release Candidate 1 released
Message-ID: <20080205112451.GE10443.thomas@intevation.de>

Hi!

Yesterday I uploaded Kolab Server 2.2-rc1, which includes some
enhancements and fixes compared to beta 3 and feature and security
updates for OpenPKG components.

Since 2.2 beta 2 the Kolab server provides a web client that
supports all the groupware features known from Outlook and Kontact.
Thus users are less dependent on their local client and can access
their groupware data from anywhere in the world provided they have
a standard browser available.

All packages except for openldap and db were upgraded to OpenPKG-CURRENT
(as of 20080118). The package openldap-2.3.39-20071130 was created to
fix security issues (CVE-2007-5707 and CVE-2007-5708) without upgrading
to OpenLDAP 2.4. The new imapd package was modified to behave like
in previous server releases, i.e. to not send capabilities after
STARTTLS, see kolab/issue2443 for details.

Documentation and OpenPKG source packages are be available in the
directory server/beta/kolab-server-2.2-rc-1/ of the mirrors listed
on http://kolab.org/mirrors.html, e.g.:

http://ftp.belnet.be/packages/kolab/server/beta/kolab-server-2.2-rc-1/
 ftp://ftp.belnet.be/packages/kolab/server/beta/kolab-server-2.2-rc-1/
http://ftp.gwdg.de/pub/linux/kolab/server/beta/kolab-server-2.2-rc-1/
 ftp://ftp.gwdg.de/pub/linux/kolab/server/beta/kolab-server-2.2-rc-1/

Included is a gpg signed MD5SUMS file to verify if your download is
correct:

  $ gpg --verify MD5SUMS
  $ md5sum -c MD5SUMS

Binary packages for Debian GNU/Linux (etch/stable) on x86 platforms
can be found in the ix86-debian4.0 directory next to the sources.

Please look at 1st.README and release-notes.txt for more information
about this release. Please report any problems you encounter in our
issue tracker: https://issues.kolab.org/

Regards,
Thomas Arendsen Hein

-- 
thomas at intevation.de - http://intevation.de/~thomas/ - OpenPGP key: 0x5816791A
Intevation GmbH, Osnabrueck - Register: Amtsgericht Osnabrueck, HR B 18998
Geschaeftsfuehrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: not available
Url : http://kolab.org/pipermail/kolab-announce/attachments/20080205/da3d5dda/attachment.bin

From thomas at intevation.de  Mon Feb 18 18:28:30 2008
From: thomas at intevation.de (Thomas Arendsen Hein)
Date: Mon, 18 Feb 2008 18:28:30 +0100
Subject: [Kolab-announce] Kolab Security Issue 19 20080218 (clamav)
Message-ID: <20080218172830.GF567.thomas@intevation.de>

Kolab Security Issue 19 20080218
================================

Package:              Kolab Server, ClamAV
Vulnerability:        various
Kolab Specific:       no
Dependent Packages:   none


Summary
~~~~~~~

CVE-2007-6595

    ClamAV 0.92 allows local users to overwrite arbitrary files via a symlink
    attack on (1) temporary files in the cli_gentempfd function in
    libclamav/others.c or on (2) .ascii files in sigtool, when utf16-decode is
    enabled.

CVE-2008-0318

    Integer overflow in libclamav in ClamAV before 0.92.1, as used in clamd,
    allows remote attackers to cause a denial of service and possibly execute
    arbitrary code via a crafted Petite packed PE file, which triggers a
    heap-based buffer overflow.

CVE-2008-0728

    libclamav/mew.c in libclamav in ClamAV before 0.92.1 has unknown impact
    and attack vectors that trigger "heap corruption."


Affected Versions
~~~~~~~~~~~~~~~~~

This affects versions of ClamAV up to version 0.92.
Kolab Server 2.1.0 and previous releases of the 2.1 branch are affected.
Kolab Server 2.0.4 and previous releases of the 2.0 branch are affected.
Kolab Server 2.2-rc1 and previous prereleases are affected.


Fix
~~~

Upgrade to ClamAV 0.92.1.

The ClamAV source RPM patched to be compilable with Kolab Server 2.1 and 2.0
is available from the Kolab download mirrors as:
security-updates/20080218/clamav-0.92.1-20080213_kolab.src.rpm

A binary RPM for Kolab Server 2.1.0 (ix86 Debian GNU/Linux Sarge) is available:
security-updates/20080218/clamav-0.92.1-20080213_kolab.ix86-debian3.1-kolab.rpm

All other server versions: Please build from the src.rpm.
For Kolab Server 2.2-rc1 the unmodified OpenPKG rpm can be used:
security-updates/20080218/clamav-0.92.1-20080213.src.rpm


The mirrors are listed on http://kolab.org/mirrors.html
While the mirrors are catching up, you can also get the package via rsync:
# rsync -tvP rsync://rsync.kolab.org/kolab/server/security-updates/20080218/clamav-0.92.1-20080213_kolab.src.rpm .
# rsync -tvP rsync://rsync.kolab.org/kolab/server/security-updates/20080218/clamav-0.92.1-20080213_kolab.ix86-debian3.1-kolab.rpm .
# rsync -tvP rsync://rsync.kolab.org/kolab/server/security-updates/20080218/clamav-0.92.1-20080213.src.rpm .

MD5 sums:
272ecc840ac8c322aa845e70b44917d6  clamav-0.92.1-20080213.src.rpm
1d787aa112cebf1788b1965ae22d5d30  clamav-0.92.1-20080213_kolab.ix86-debian3.1-kolab.rpm
09cb2442abbb333371874d9f60c0e439  clamav-0.92.1-20080213_kolab.src.rpm


The package can be installed on your Kolab Server with

# /kolab/bin/openpkg rpm --rebuild clamav-0.92.1-20080213_kolab.src.rpm
# /kolab/bin/openpkg rpm \
  -Uvh /kolab/RPM/PKG/clamav-0.92.1-20080213_kolab.<ARCH>-<OS>-kolab.rpm
# rm /kolab/etc/clamav/*.rpmsave
# /kolab/bin/openpkg rc clamav stop
# /kolab/bin/openpkg rc clamav start
# su - kolab-r
$ freshclam

For Kolab Server 2.0.4 you have to copy the new /kolab/etc/clamav/clamd.conf
to /kolab/etc/kolab/templates/clamd.conf.template so it will not be
overwritten by kolabconf. Do NOT copy this file with Kolab Server 2.1 or 2.2!


Details
~~~~~~~

http://sourceforge.net/project/shownotes.php?group_id=86638&release_id=575703
	ClamAV 0.92.1 release notes

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6595
	CVE-2007-6595

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0318
	CVE-2008-0318

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0728
	CVE-2008-0728


Timeline
~~~~~~~~
    20080211 ClamAV release 0.92.1.
    20080213 OpenPKG 0.92.1 package release.
    20080218 Kolab Server security advisory published.

-- 
thomas at intevation.de - http://intevation.de/~thomas/ - OpenPGP key: 0x5816791A
Intevation GmbH, Osnabrueck - Register: Amtsgericht Osnabrueck, HR B 18998
Geschaeftsfuehrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: not available
Url : http://kolab.org/pipermail/kolab-announce/attachments/20080218/ff9d10ee/attachment.bin

From thomas at intevation.de  Mon Mar 17 15:57:13 2008
From: thomas at intevation.de (Thomas Arendsen Hein)
Date: Mon, 17 Mar 2008 15:57:13 +0100
Subject: [Kolab-announce] Kolab Server 2.2 Release Candidate 2 released
Message-ID: <20080317145712.GH15003.thomas@intevation.de>

Hi!

On Friday I uploaded Kolab Server 2.2-rc2, which includes important
fixes compared to rc 2 and includes the ClamAV security update.
enhancements and fixes compared to beta 3 and feature and security
updates for OpenPKG components.

Documentation and OpenPKG source packages are be available in the
directory server/beta/kolab-server-2.2-rc-2/ of the mirrors listed
on http://kolab.org/mirrors.html (which currently is only one):

http://ftp.gwdg.de/pub/linux/kolab/server/beta/kolab-server-2.2-rc-2/
 ftp://ftp.gwdg.de/pub/linux/kolab/server/beta/kolab-server-2.2-rc-2/

Included is a gpg signed MD5SUMS file to verify if your download is
correct:

  $ gpg --verify MD5SUMS
  $ md5sum -c MD5SUMS

Binary packages for Debian GNU/Linux (etch/stable) on x86 platforms
can be found in the ix86-debian4.0 directory next to the sources.

Please look at 1st.README and release-notes.txt for more information
about this release. Please report any problems you encounter in our
issue tracker: https://issues.kolab.org/

Regards,
Thomas Arendsen Hein


P.S.: A very quick way to upgrade a server running 2.2-rc1 via
source packages is to download only the new RPM files from
server/development-2.2/20080314-since-20080204/sources/
and compile them with the following (long) command line:

# su - kolab
$ openpkg rpm --rebuild --define 'with_fsl yes' --define 'with_group yes' --define 'with_group_igncase yes' --define 'with_atvdom yes' --define 'with_drac no' --define 'with_replication no' --define 'with_murder no' --define 'with_listext no' --define 'with_nntp no' --define 'with_ldap yes' --define 'with_annotate yes' --define 'with_morelogging yes' --define 'with_kolab yes' --define 'with_kolab_nocaps yes' imapd-2.3.11-20080101_kolab2.src.rpm && openpkg rpm --rebuild clamav-0.92.1-20080213.src.rpm horde-framework-kolab-3.2_rc1-20080311.src.rpm && openpkg rpm --rebuild --define 'with_horde = yes' --define 'kolab_version = 2.2-rc2' kolab-filter-2.2.rc2-20080314.src.rpm kolab-freebusy-2.2.rc2-20080314.src.rpm kolab-webadmin-2.1.99-20080314.src.rpm kolabconf-2.2.rc2-20080314.src.rpm kolabd-2.1.99-20080314.src.rpm perl-kolab-2.2.rc2-20080314.src.rpm php-kolab-2.2.rc2-20080314.src.rpm

(please drop "--define 'with_horde = yes'" if your server does not
use the Horde web interface)

After compilation you can use "openpkg rpm -Uvh" on the new rpm files
in the /kolab/RPM/PKG directory.

-- 
thomas at intevation.de - http://intevation.de/~thomas/ - OpenPGP key: 0x5816791A
Intevation GmbH, Osnabrueck - Register: Amtsgericht Osnabrueck, HR B 18998
Geschaeftsfuehrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 205 bytes
Desc: not available
Url : http://kolab.org/pipermail/kolab-announce/attachments/20080317/ce640af6/attachment.bin

From ludwig.reiter at intevation.de  Wed Mar 19 14:23:46 2008
From: ludwig.reiter at intevation.de (Ludwig Reiter)
Date: Wed, 19 Mar 2008 14:23:46 +0100
Subject: [Kolab-announce] Kolab KDE Client 2.1.12 released
Message-ID: <200803191423.55230.ludwig.reiter@intevation.de>

Kolab KDE Client 2.1.12 has been released.
This release contains bug fixes and some new minor features.
A tarball and release notes with a list of the changes can be found in the 
Kolab download area once the mirrors have been updated.

   Ludwig Reiter 

-- 
Intevation GmbH, Osnabr?ck
Registereintrag: Amtsgericht Osnabr?ck, HR B 18998
Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
-------------- n?chster Teil --------------
Current Release is Proko2 2.1.12

Changes since Proko2 2.1.11 (released 18.10.2007)

Bugfixes
========

* Kolab/issue2184 Don't crash when trying to save a composer 
  backup copy of a message that is already being sent.

* Kolab issue 2172 Skip quoted text when looking for the address
  separator.

* Kolab/issue2182 Ensure smime opaque encrypted emails lacking the
  smime-type parameter in the header are treated correctely wrt
  error handling and decryption is attempted, when in doubt.

* Kolab/issue2183 In the case of smime opaque signed and encrypted
  messages missing the smime-type parameter in the header the cases
  where decryption fails because of an error are discerned from
  those cases where decryption is attempted but fails because the
  message is not in fact encrypted. This ensures such messages being
  properly treated as signed, still.

-------------- n?chster Teil --------------
Ein Dateianhang mit Bin?rdaten wurde abgetrennt...
Dateiname   : smime.p7s
Dateityp    : application/pkcs7-signature
Dateigr??e  : 1574 bytes
Beschreibung: nicht verf?gbar
URL         : http://kolab.org/pipermail/kolab-announce/attachments/20080319/68d403e5/smime.bin

From thomas at intevation.de  Wed Apr 16 17:25:23 2008
From: thomas at intevation.de (Thomas Arendsen Hein)
Date: Wed, 16 Apr 2008 17:25:23 +0200
Subject: [Kolab-announce] Kolab Security Issue 20 20080416 (clamav)
Message-ID: <20080416152523.GL3360.thomas@intevation.de>

Kolab Security Issue 20 20080416
================================

Package:              Kolab Server, ClamAV
Vulnerability:        various
Kolab Specific:       no
Dependent Packages:   none


Summary
~~~~~~~

Various vulnerabilities, some allowing remote attackers to execute arbitrary
code, others causing a denial of service, have been found in ClamAV.


Affected Versions
~~~~~~~~~~~~~~~~~

This affects versions of ClamAV up to version 0.92.1
Kolab Server 2.1.0 and previous releases of the 2.1 branch are affected.
Kolab Server 2.0.4 and previous releases of the 2.0 branch are affected.
Kolab Server 2.2-rc2 and previous prereleases are affected.


Fix
~~~

Upgrade to ClamAV 0.93.

The ClamAV source RPM patched to be compilable with Kolab Server 2.1 and 2.0
is available from the Kolab download mirrors as:
security-updates/20080416/clamav-0.93-20080414_kolab.src.rpm

For Kolab Server 2.2-rc1 and -rc2 the unmodified OpenPKG rpm can be used:
security-updates/20080416/clamav-0.93-20080414.src.rpm

A binary RPM for Kolab Server 2.1.0 (ix86 Debian GNU/Linux Sarge) is available:
security-updates/20080416/clamav-0.93-20080414_kolab.ix86-debian3.1-kolab.rpm

A binary RPM for Kolab Server 2.2-rc1 and rc2 (ix86 Debian GNU/Linux Etch) is
available from:
security-updates/20080416/clamav-0.93-20080414_kolab.ix86-debian4.0-kolab.rpm

All other server versions: Please build from the src.rpm.


The mirrors are listed on http://kolab.org/mirrors.html
While the mirrors are catching up, you can also get the package via rsync:
# rsync -tvP rsync://rsync.kolab.org/kolab/server/security-updates/20080416/clamav-0.93-20080414_kolab.src.rpm .
# rsync -tvP rsync://rsync.kolab.org/kolab/server/security-updates/20080416/clamav-0.93-20080414_kolab.ix86-debian3.1-kolab.rpm .
# rsync -tvP rsync://rsync.kolab.org/kolab/server/security-updates/20080416/clamav-0.93-20080414.src.rpm .
# rsync -tvP rsync://rsync.kolab.org/kolab/server/security-updates/20080416/clamav-0.93-20080414.ix86-debian4.0-kolab.rpm .

MD5 sums:
3f4a1e82a83ad3122e72744653c4d5d0  clamav-0.93-20080414.ix86-debian4.0-kolab.rpm
35c11b1f4e56b5b7169a52521f24dbdb  clamav-0.93-20080414.src.rpm
34f2a4853eab14c83559c80dd2b619c5  clamav-0.93-20080414_kolab.ix86-debian3.1-kolab.rpm
21ff5b7812d27bc22f4e808d93d68714  clamav-0.93-20080414_kolab.src.rpm


The package can be installed on your Kolab Server with

# /kolab/bin/openpkg rpm --rebuild clamav-0.93-20080414_kolab.src.rpm
# /kolab/bin/openpkg rpm \
  -Uvh /kolab/RPM/PKG/clamav-0.93-20080414_kolab.<ARCH>-<OS>-kolab.rpm
# rm /kolab/etc/clamav/*.rpmsave
# /kolab/bin/openpkg rc clamav stop
# /kolab/bin/openpkg rc clamav start
# su - kolab-r
$ freshclam
$ rm -r /kolab/share/clamav/*.inc

For Kolab Server 2.0.4 you have to copy the new /kolab/etc/clamav/clamd.conf
to /kolab/etc/kolab/templates/clamd.conf.template so it will not be
overwritten by kolabconf. Do NOT copy this file with Kolab Server 2.1 or 2.2!


Details
~~~~~~~

http://sourceforge.net/project/shownotes.php?release_id=592112&group_id=86638
	ClamAV 0.93 release notes

https://wwws.clamav.net/bugzilla/show_bug.cgi?id=876
	PeSpin Heap Overflow Vulnerability

https://wwws.clamav.net/bugzilla/show_bug.cgi?id=877
	WWPack Heap Overflow Vulnerability

https://wwws.clamav.net/bugzilla/show_bug.cgi?id=878
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1100
	Upack Buffer Overflow Vulnerability (CVE-2008-1100)

https://wwws.clamav.net/bugzilla/show_bug.cgi?id=897
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1387
	ARJ: Sample from CERT-FI hangs clamav (CVE-2008-1387)


Timeline
~~~~~~~~
    20080414 ClamAV release 0.93.
    20080414 OpenPKG 0.93 package release.
    20080416 Kolab Server security advisory published.

-- 
thomas at intevation.de - http://intevation.de/~thomas/ - OpenPGP key: 0x5816791A
Intevation GmbH, Osnabrueck - Register: Amtsgericht Osnabrueck, HR B 18998
Geschaeftsfuehrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: not available
Url : http://kolab.org/pipermail/kolab-announce/attachments/20080416/931f9d41/attachment.bin

From emanuel at intevation.de  Thu Apr 17 12:09:55 2008
From: emanuel at intevation.de (Emanuel =?utf-8?q?Sch=C3=BCtze?=)
Date: Thu, 17 Apr 2008 12:09:55 +0200
Subject: [Kolab-announce] New german-speaking users mailing list
Message-ID: <200804171209.55986.emanuel@intevation.de>

Hi Kolab community,

we have created a new mailing list for all german-speaking Kolab users:
  kolab-users-de at kolab.org

You are welcome to subscribe to the list at:
http://lists.wald.intevation.org/mailman/listinfo/kolab-users-de


Regards,
Emanuel

-- 
Emanuel Sch?tze  |  ++49-541-335 08 38  |  http://www.intevation.de/
Intevation GmbH, Georgstr. 4, 49074 Osnabr?ck, DE | AG Osnabr?ck, HR B 18998
Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner


From thomas at intevation.de  Fri May 23 14:48:32 2008
From: thomas at intevation.de (Thomas Arendsen Hein)
Date: Fri, 23 May 2008 14:48:32 +0200
Subject: [Kolab-announce] Kolab Server 2.2 Release Candidate 3 released
Message-ID: <20080523124832.GA17529.thomas@intevation.de>

Hi!

I just uploaded Kolab Server 2.2-rc3, which includes many important
fixes, an updated Horde webmail component and security updates for
ClamAV, OpenLDAP and PHP.

Documentation and OpenPKG source packages will soon be available in
the directory server/beta/kolab-server-2.2-rc-3/ of the mirrors
listed on http://kolab.org/mirrors.html, e.g.:

http://ftp.gwdg.de/pub/linux/kolab/server/beta/kolab-server-2.2-rc-3/
 ftp://ftp.gwdg.de/pub/linux/kolab/server/beta/kolab-server-2.2-rc-3/

rsync://rsync.kolab.org/kolab/RSYNC.txt explains how to get (or
mirror) the files via rsync.

All files updated since 2.2-rc1 and 2.2-rc2 are available in the
directory server/development-2.2/20080523-since-20080314/

Included is a gpg signed MD5SUMS file to verify if your download is
correct:

  $ gpg --verify MD5SUMS
  $ md5sum -c MD5SUMS

Binary packages for Debian GNU/Linux (etch/stable) on x86 platforms
can be found in the ix86-debian4.0 directory next to the sources.

Please look at 1st.README and release-notes.txt for more information
about this release.

The file 1st.README contains a new section "Generating your own
00INDEX.rdf for installations or upgrades" which explains how to
use existing binary packages for faster upgrades.

Please report any problems you encounter in our issue tracker:
https://issues.kolab.org/

Regards,
Thomas Arendsen Hein

-- 
thomas at intevation.de - http://intevation.de/~thomas/ - OpenPGP key: 0x5816791A
Intevation GmbH, Osnabrueck - Register: Amtsgericht Osnabrueck, HR B 18998
Geschaeftsfuehrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: not available
Url : http://kolab.org/pipermail/kolab-announce/attachments/20080523/e32c1e7f/attachment.bin

From emanuel at intevation.de  Wed Jun 11 11:40:17 2008
From: emanuel at intevation.de (Emanuel =?iso-8859-1?q?Sch=FCtze?=)
Date: Wed, 11 Jun 2008 11:40:17 +0200
Subject: [Kolab-announce] Thunderbird Plugin SyncKolab 1.0.0 available
Message-ID: <200806111140.17460.emanuel@intevation.de>

Version 1.0.0 of SyncKolab is available.

SyncKolab was written to add Kolab functionality to Thunderbird. 
It reads a selected Imap folder and synchronizes it with the local address 
book and calendar. It has been tested under Thunderbird for Windows (XP and 
Vista), MacOSX and Linux. Version 1.0 had 61 prereleases and 83 nightly 
releases with over 100 bugs fixed and is known to work nicely with 
Thunderbird 2 and Lightning 0.8.

More information: http://synckolab.mozdev.org/


From emanuel at intevation.de  Wed Jun 11 11:40:52 2008
From: emanuel at intevation.de (Emanuel =?iso-8859-1?q?Sch=FCtze?=)
Date: Wed, 11 Jun 2008 11:40:52 +0200
Subject: [Kolab-announce] Kontact for Windows and Mac OS X (developer
	version) presented
Message-ID: <200806111140.53266.emanuel@intevation.de>

The german Federal Office for Information Security (BSI) has presented a 
prototype of KDE Kolab Client Kontact on Windows and Mac OS X at the LinuxTag 
2008 (may 28th to 31th) in Berlin. These new Kolab clients based on KDE and 
Qt. They are still in development. A stable release is planed for the end of 
2008.

More information:
* Screenshots of Kontact/Win and Kontact/Mac:
  http://www.kolab.org/screenshots.html
* BSI press release (2008-05-21):
  http://www.bsi.bund.de/presse/pressinf/linuxtag210508.htm
* German News of Heise (2008-05-29):
http://www.heise.de/newsticker/LinuxTag-Kontact-fuer-Windows-und-Mac-OS-X--/meldung/108689
* German News of Linux-Magazin (2008-05-29):  
http://www.linux-magazin.de/news/linuxtag_2008_kontact_vorkonfiguriert_fuer_windows_und_mac
* German News of Golem (2008-05-30):
  http://www.golem.de/0805/60069.html
 


From thomas at intevation.de  Wed Jun 18 18:09:53 2008
From: thomas at intevation.de (Thomas Arendsen Hein)
Date: Wed, 18 Jun 2008 18:09:53 +0200
Subject: [Kolab-announce] Kolab Security Issue 21 20080618 (clamav)
Message-ID: <20080618160953.GG19025.thomas@intevation.de>

Kolab Security Issue 21 20080618
================================

Package:              Kolab Server, ClamAV
Vulnerability:        denial of service
Kolab Specific:       no
Dependent Packages:   none


Summary
~~~~~~~

Damian Put reported a problem in ClamAV's code to decompress executables
created by the Petite packer, which causes invalid memory access.


Affected Versions
~~~~~~~~~~~~~~~~~

This affects versions of ClamAV up to version 0.93
Kolab Server 2.1.0 and previous releases of the 2.1 branch are affected.
Kolab Server 2.0.4 and previous releases of the 2.0 branch are affected.
Kolab Server 2.2-rc3 and previous prereleases are affected.


Fix
~~~

Upgrade to ClamAV 0.93.1.

The ClamAV source RPM patched to be compilable with Kolab Server 2.1 and 2.0
is available from the Kolab download mirrors as:
security-updates/20080618/clamav-0.93.1-20080610_kolab.src.rpm

For Kolab Server 2.2 release candidates the unmodified OpenPKG rpm can be used:
security-updates/20080618/clamav-0.93.1-20080610.src.rpm

A binary RPM for Kolab Server 2.1.0 (ix86 Debian GNU/Linux Sarge) is available:
security-updates/20080618/clamav-0.93.1-20080610_kolab.ix86-debian3.1-kolab.rpm

A binary RPM for Kolab Server 2.2 release candidates (ix86 Debian GNU/Linux
Etch) is available from:
security-updates/20080618/clamav-0.93.1-20080610_kolab.ix86-debian4.0-kolab.rpm

All other server versions: Please build from the src.rpm.


The mirrors are listed on http://kolab.org/mirrors.html
While the mirrors are catching up, you can also get the package via rsync:
# rsync -tvP rsync://rsync.kolab.org/kolab/server/security-updates/20080618/clamav-0.93.1-20080610_kolab.src.rpm .
# rsync -tvP rsync://rsync.kolab.org/kolab/server/security-updates/20080618/clamav-0.93.1-20080610_kolab.ix86-debian3.1-kolab.rpm .
# rsync -tvP rsync://rsync.kolab.org/kolab/server/security-updates/20080618/clamav-0.93.1-20080610.src.rpm .
# rsync -tvP rsync://rsync.kolab.org/kolab/server/security-updates/20080618/clamav-0.93.1-20080610.ix86-debian4.0-kolab.rpm .

MD5 sums:
15a088fcdcd8af3513c38afe69a69d2b  clamav-0.93.1-20080610.ix86-debian4.0-kolab.rpm
57d5566041ee8f771673be894de8c00f  clamav-0.93.1-20080610.src.rpm
9c7d90027b3c4a923be2269f7a91fd3e  clamav-0.93.1-20080610_kolab.ix86-debian3.1-kolab.rpm
7d7e51d550282eff0eeb9c0eb34bb446  clamav-0.93.1-20080610_kolab.src.rpm


The package can be installed on your Kolab Server with

# /kolab/bin/openpkg rpm --rebuild clamav-0.93.1-20080610_kolab.src.rpm
# /kolab/bin/openpkg rpm \
  -Uvh /kolab/RPM/PKG/clamav-0.93.1-20080610_kolab.<ARCH>-<OS>-kolab.rpm
# rm /kolab/etc/clamav/*.rpmsave
# /kolab/bin/openpkg rc clamav stop
# /kolab/bin/openpkg rc clamav start
# su - kolab-r
$ freshclam
$ rm -r /kolab/share/clamav/*.inc

For Kolab Server 2.0.4 you have to copy the new /kolab/etc/clamav/clamd.conf
to /kolab/etc/kolab/templates/clamd.conf.template so it will not be
overwritten by kolabconf. Do NOT copy this file with Kolab Server 2.1 or 2.2!


Details
~~~~~~~

http://sourceforge.net/project/shownotes.php?group_id=86638&release_id=605577
	ClamAV 0.93.1 release notes

https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1000
	Entry in the ClamAV bug database

http://www.heise.de/security/news/meldung/109606
http://www.heise-online.co.uk/news/110947
	News about DoS vulnerability on Heise security


Timeline
~~~~~~~~
    20080609 ClamAV release 0.93.1.
    20080610 OpenPKG 0.93.1 package release.
    20080618 News on Heise security.
    20080618 Kolab Server security advisory published.

-- 
thomas at intevation.de - http://intevation.de/~thomas/ - OpenPGP key: 0x5816791A
Intevation GmbH, Osnabrueck - Register: Amtsgericht Osnabrueck, HR B 18998
Geschaeftsfuehrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: not available
Url : http://kolab.org/pipermail/kolab-announce/attachments/20080618/e04c0967/attachment.bin

From lennart.johansen at intevation.de  Wed Jul  9 18:09:18 2008
From: lennart.johansen at intevation.de (Lennart Johansen)
Date: Wed, 9 Jul 2008 18:09:18 +0200
Subject: [Kolab-announce] Kolab integrates mobile devices via SyncML
Message-ID: <200807091809.24585.lennart.johansen@intevation.de>

Univention GmbH has realised an extension to Kolab in cooperation with the 
Kolab Konsortium and Pardus, which allows users to connect mobile devices 
directly to the groupware server. Now it is possible to synchronize 
appointment times and contact information being away on business. This was 
done by integrating the SyncML protocol into the Horde part of Kolab server. 
SyncML is a platform independant standard designed for the exchange of data 
between servers, clients and mobile devices.
The Horde interface is going to be integrated into Kolab Server/OpenPKG 2.2.0 
as a beta version. Version 2.2.1 is then expected to integrate the SyncML 
extensions for tasks and contacts.
In Univention's UGS the SyncML extensions are available as release candidates 
for testing purposes.

You can find more information in <a 
href="http://www.univention.de/pm_syncml.html">Univention's press release</a> 
(German only).

-------------- nächster Teil --------------
Ein Dateianhang mit Binärdaten wurde abgetrennt...
Dateiname   : nicht verfügbar
Dateityp    : application/pgp-signature
Dateigröße  : 197 bytes
Beschreibung: This is a digitally signed message part.
URL         : http://kolab.org/pipermail/kolab-announce/attachments/20080709/64007dcc/attachment.bin

From thomas at intevation.de  Fri Jul 11 19:38:59 2008
From: thomas at intevation.de (Thomas Arendsen Hein)
Date: Fri, 11 Jul 2008 19:38:59 +0200
Subject: [Kolab-announce] Kolab Server 2.2.0 Final Release
Message-ID: <20080711173859.GC4107.thomas@intevation.de>

Hi!

I just uploaded the final release of Kolab Server 2.2.0, which
includes some important fixes to the last release candidates.

Again mmany thanks to all the people who helped with this!

Documentation and OpenPKG source packages will soon be available in
the directory server/release/kolab-server-2.2.0/ of the mirrors
listed on http://kolab.org/mirrors.html
for example:
http://ftp.gwdg.de/pub/linux/kolab/server/release/kolab-server-2.2.0/
 ftp://ftp.gwdg.de/pub/linux/kolab/server/release/kolab-server-2.2.0/

rsync://rsync.kolab.org/kolab/RSYNC.txt explains how to get (or
mirror) the files via rsync.

All files updated since 2.2-rc3 are available in the directory
server/development-2.2/20080711-since-20080523/

You can check the integrity of the downloaded files with:

$ gpg --keyserver hkp://subkeys.pgp.net --recv-key 5816791A
  or import the key from https://www.intevation.de/~thomas/gpg_pub_key.asc
  (the same key that I used to sign this email)
$ gpg --verify MD5SUMS.sig
$ md5sum -c MD5SUMS

Binary packages for Debian GNU/Linux (etch/stable) on x86 platforms
can be found in the ix86-debian4.0 directory next to the sources.

Please look at 1st.README and release-notes.txt (attached for your
convenience) for install instructions and more information about
this release. The install and upgrade instructions have been
extended since version 2.2-rc3.

Please report any problems you encounter in our issue tracker:
https://issues.kolab.org/

Regards,
Thomas Arendsen Hein

-- 
thomas at intevation.de - http://intevation.de/~thomas/ - OpenPGP key: 0x5816791A
Intevation GmbH, Osnabrueck - Register: Amtsgericht Osnabrueck, HR B 18998
Geschaeftsfuehrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
-------------- next part --------------
Kolab2 Server Install and Upgrade Information
=============================================

See http://kolab.org/ for general information about Kolab,
or look at http://wiki.kolab.org/ for specific topics.

It is recommended to subscribe to the announcement mailing list at
http://kolab.org/mailman/listinfo/kolab-announce
to receive security advisories and release announcements.


Quick install instructions
--------------------------

Kolab server with Horde needs about 1GB of disk space for the initial
install. By default the directory /kolab will be used, which should be
an empty directory or a symbolic link to an empty directory. If this
directory does not yet exist, it will be automatically created.

For production use it is recommended to create a separate partition for
/kolab (2GB to have some spare) and partitions for /kolab/var (at least
2GB for log files, virus filtering and caches) and /kolab/var/imapd/spool
(with enough space for your users' mails). For evaluation you could
start with the 2GB partition for /kolab (or 2GB free space on / if you
only have one big partition for your test system) and create the other
partitions when needed. Do _not_ use an NFS mounted drive!

Make sure that the following names are not in /etc/passwd or /etc/groups,
as OpenPKG will want to create them: "kolab" "kolab-r" "kolab-n"

To install the Kolab server, you need to download the files from the
directory containing this file (1st.README) to some local directory.

You can check the integrity of the downloaded files with:

$ gpg --keyserver hkp://subkeys.pgp.net --recv-key 5816791A
  or import the key from https://www.intevation.de/~thomas/gpg_pub_key.asc
$ gpg --verify MD5SUMS.sig
$ md5sum -c MD5SUMS

Then as root, cd into that local directory and run

# sh install-kolab.sh 2>&1 | tee /root/kolab-install.log

to build and install packages in /kolab. The command output will
be logged to install-kolab.log so that you have a reference in case
an errors occurs during installation.

The install script needs to store some files and creates a subdirectory
below /tmp (or $TMPDIR if set) for this purpose.

Horde might create much load on your server if there are many concurrent
users, so you can choose to not install it by adding the option
"-x horde-kolab-client" to the call to install-kolab.sh.
Installing Horde on a separate host is possible, but not discussed here.

If you do not want to install the free/busy view tool, add the option
"-x fbview-kronolith".

The binary packages distributed via kolab.org are compiled with Horde
and the free/busy view tool. Currently you need to compile from the
source packages to install without these features, see kolab/issue2440
for details.

By default, the Kolab server will now be started at boottime, so you
have to bootstrap the server configuration now to prevent unconfigured
components from being started, see kolab/issue1745 for details.

Please run:

# /kolab/etc/kolab/kolab_bootstrap -b

and follow the instructions.

Check http://www.openpkg.org/documentation/ for additional documentation
about the OpenPKG packaging system.


General update instructions
---------------------------

Usually an update of the Kolab server works as described here.  In
some cases you will need to deviate from these instructions a bit.  All
such cases are documented below, so read the release specific update
instructions for all releases newer than the one you already have before
you start the update.

In any case you should completely read *all* relevant update
instruction *before* starting the upgrade procedure.  Always make
sure you have a recent backup of your /kolab directory before you
attempt to upgrade Kolab.

The installation of the new packages works just as for the initial
installation.  Download the files as described above and run

# sh install-kolab.sh 2>&1 | tee /root/kolab-update.log

If you installed without Horde or F/B-View you need to drop the
corresponding flags again.

install-kolab.sh will usually automatically determine which packages
need to be built.  If you have made changes to configuration files or
an updated package includes configuration files which are usually
regenerated from files in /kolab/etc/kolab/templates/ the old
configuration file will be saved with the extension .rpmsave.  For
files generated from templates you just have to remove the rpmsave
file, because services will refuse to start if there still is an
rpmsave file, e.g.:

# rm /kolab/etc/clamav/*.conf.rpmsave

For other changed files (e.g. the template files themselves) you may
want to transfer your changes from the .rpmsave backup to the new files.

Then regenerate the configuration and restart Kolab with:

# /kolab/sbin/kolabconf
# /kolab/bin/openpkg rc all restart

Or alternatively if the Kolab server was stopped before the upgrade:

# /kolab/bin/openpkg rc openldap start
# /kolab/sbin/kolabconf
# /kolab/bin/openpkg rc all start


Generating your own 00INDEX.rdf for installations or upgrades
-------------------------------------------------------------

The source and binary downloads contain the 00INDEX.rdf file needed by
the "openpkg build" command used by install-kolab.sh to install or upgrade
a Kolab server.

If you already have your own set of binary packages from a previous build,
you can use these to create a full binary installer (e.g. to install the
packages on a second machine) or or a partial binary installer (for upgrades
where you only want to compile the new .src.rpm files instead of everything).

To generate this file, you always need all .src.rpm files, so link or copy
them in a new directory (needs to be writable by the kolab user of your
installation). After this you can link/copy the install-kolab.sh file and
your binary rpm files (e.g. from /kolab/RPM/PKG/) into this directory and
run the following command as user kolab or root to create the new
00INDEX.rdf file::

$ sh install-kolab.sh -X

If you want a pure binary installer, you can remove the .src.rpm files
now. To be able to use this directory for fresh installations (i.e. not
only for upgrades), you need to put the OpenPKG bootstrap file
(openpkg-*.src.sh or openpkg-<ARCH>-<OS>-kolab.rpm) into this directory,
too.


Upgrade from 2.2-rc3 to 2.2.0
-----------------------------

Nothing special has to be done for this upgrade.


Upgrade from 2.2-rc2 to 2.2-rc3
-------------------------------

You should regenerated the free/busy cache again, as described in the
upgrading instructions from 2.2-rc1 to 2.2-rc2.

The IMAP annotation /vendor/kolab/xfb-readable (introduced in 2.2-beta3)
was renamed to /vendor/kolab/pxfb-readable-for to reflect the actual meaning.
After the upgrade the old annotations are still readable, but unused by the
server. If you still need to write this annotation for some reason, you have
to add it to imapd.annotation_definitions.template and run kolabconf.


Upgrade from 2.2-rc1 to 2.2-rc2
-------------------------------

You have to regenerated the free/busy cache, which now can be done
automatically. First (optional, but recommended) step is to remove the
current cache below /kolab/var/kolab-freebusy/cache:

# su - kolab-n
$ rm -r /kolab/var/kolab-freebusy/cache/*

Now you can use the following command (still as user kolab-n):

$ PHP_AUTH_USER=manager PHP_AUTH_PW='managerpassword' /kolab/bin/php \
  -c /kolab/etc/apache/php.ini /kolab/var/kolab/www/freebusy/generatefb.php

As this will show the manager's password on the command line, you can
alternatively open https://yourserver.example.com/freebusy/generatefb.php
in a web browser and login as "manager". This needs "Allow unauthenticated
downloading of Free/Busy information" to be disabled, which is the default.


Upgrade from 2.2-beta3 to 2.2-rc1
---------------------------------

Updating the free/busy cache has to be triggered for all calendar
folders of all accounts:
- Users need to create or update an appointment in their folders.
- Resources can be invited to a new appointment or send them an update
  to an existing appointment.


Upgrade from 2.2-beta2 to 2.2-beta3
-----------------------------------

After upgrading, you should remove the package "kolab-horde-framework",
which is no longer needed:

# /kolab/bin/openpkg rpm -e kolab-horde-framework


Upgrade from 2.2-beta1 to 2.2-beta2
-----------------------------------

Before running install-kolab.sh, you should stop the running Kolab server and
remove some packages which got renamed or will no longer be needed by running
this command:

# /kolab/bin/openpkg rc all stop
# /kolab/bin/openpkg rpm -e --nodeps apache2 apache2-php getopt proftpd \
    pth sharutils kolab-horde-fbview kolab-resource-handlers

Ignore errors about pth or sharutils not being installed, these
were included in the beta1 release but not installed by default.


Upgrade from Kolab server 2.1 or before
---------------------------------------

Instructions for upgrading from Kolab server 2.0 will be added in a
future version of this document.  These instructions are for upgrading
from Kolab server 2.1.0 to 2.2.0:

0.  Make a backup of your installation and data stored inside /kolab

1.  Before upgrading the Kolab server must be stoped:

    # /kolab/bin/openpkg rc all stop

2.  Save the current ldap:

    Copy the contents of the openldap database, use a different output
    filename if you want. You should make sure that no other users can
    read the sensitive data contained in the ldif file, e.g. with umask:

    # umask 077
    # /kolab/sbin/slapcat > ~/kolab-2.1.ldif

3.  Some of the old Kolab packages must be removed to avoid conflicts
    during the upgrade process:

    # /kolab/bin/openpkg rpm -e --nodeps \
        kolabd kolab-webadmin kolab-horde-fbview kolab-horde-framework \
        kolab-resource-handlers getopt patch proftpd sharutils

4.  New versions of openpkg and openpkg-tools are needed for the upgrade, so
    you have to install them manually beforehand.

    As root, cd into the directory of kolab server 2.2 binary packages and run:

    # /kolab/bin/openpkg rpm -Uvh \
        ./openpkg-20071227-20071227.<ARCH>-<OS>-kolab.rpm
    # /kolab/bin/openpkg rpm -Uvh \
        ./openpkg-tools-1.4.6-20071231.<ARCH>-<OS>-kolab.rpm

    If you do not have binary packages for you platform, you have to build
    them from source first. As root, cd into the Kolab server 2.2 source
    directory and run:

    # /kolab/bin/openpkg rpm --rebuild ./openpkg-20071227-20071227.src.rpm
    # /kolab/bin/openpkg rpm -Uvh \
        /kolab/RPM/PKG/openpkg-20071227-20071227.<ARCH>-<OS>-kolab.rpm
    # /kolab/bin/openpkg rpm --rebuild ./openpkg-tools-1.4.6-20071231.src.rpm
    # /kolab/bin/openpkg rpm -Uvh \
        /kolab/RPM/PKG/openpkg-tools-1.4.6-20071231.<ARCH>-<OS>-kolab.rpm

    (<ARCH> and <OS> must be replaced by the correct values for your system).

5.  Start the standard upgrade (as described above):

    # sh install-kolab.sh 2>&1 | tee /root/kolab-update.log

6.  Before starting the LDAP server the database must be restored from
    the ldif:

    # rm /kolab/var/openldap/openldap-data/*
    # /kolab/sbin/slapadd -l ~/kolab-2.1.ldif

7.  The format of the TLS session cache changed, therefore you have truncated
    it to zero length:

    # > /kolab/var/imapd/tls_sessions.db

8   Check /kolab/etc/kolab/kolab.conf and merge new entries from
    kolab.conf.rpmnew manually!

9.  Remove all *.conf.rpmsave files in the subdirectories of
    /kolab/etc/ as described above.

10. Start the OpenLDAP, generate the configuration files and start the
    Kolab server:

    # /kolab/bin/openpkg rc openldap start
    # /kolab/sbin/kolabconf
    # /kolab/bin/openpkg rc all start

11. After the successful upgrade some cleanup can be done, by
    removing obsolete files/directories:

    # rm -r /kolab/etc/resmgr
    # rm -r /kolab/etc/proftpd
    # rm -r /kolab/var/kolab/www/freebusy/cache/*

12. The free/busy cache has to be regenerated for all calendar folders
    of all accounts, see "Upgrade from 2.2-rc1 to 2.2-rc2" in this file.

Additional hints may be available in the Kolab wiki:
http://wiki.kolab.org/index.php/Kolab2_Upgrading

Direct upgrade from Kolab1 is not supported. We suggest that you back
up your IMAP store, install Kolab2 and manually recreate user accounts
and then restore the IMAP data from the backup.


Known problems and workarounds
------------------------------

    - Your system (C library) has to support all languages you want to have
      available in the web admin interface and fbview. For most languages you
      have to use the non-UTF-8 and non-euro locales, i.e. de_DE, fr_FR,
      it_IT, nl_NL instead of e.g. de_DE at euro. For fbview some languages need
      a UTF-8 locale, e.g. ja_JP.UTF-8 for Japanese.
      See kolab/issue2732 (Horde and Web Admin Interface Language Selection
      depends on OS locale support) for details.

    - If login on https://yourserver.example.com/fbview and triggering
      free/busy regeneration does not work, try as user kolab:

        /kolab/bin/php -r 'imap_open("{localhost:143/notls}", "" ,"");'

      If it yields "Segmentation fault (core dumped)", then there probably is
      a conflict between a dynamically loaded libdb3 from your system and a
      statically linked libdb4 from the OpenpPKG php package. If it yields a
      "PHP Warning: ...", this part of the system works correctly.

      One reason for such a conflict could be the mere presence of
      /lib/libnss_db.so.*, which is installed on some distributions by
      default. On Debian systems it is contained in the package "libnss-db".
      If you really need this library, you could work around the loading of
      libdb3 by placing a symbolic link with the correct name in /kolab/lib,
      e.g.:

        ldd /lib/libnss_db.so.2
                libnss_files.so.2 => /lib/tls/libnss_files.so.2 (0xb7f16000)
           ---> libdb3.so.3 => /usr/lib/libdb3.so.3 (0xb7e6b000)
                libc.so.6 => /lib/tls/libc.so.6 (0xb7d36000)
                /lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x80000000)
        ln -s /dev/null /kolab/lib/libdb3.so.3

      See kolab/issue1607 (need to replace gdbm for pfbcache, because of
      license clash gdbm vs php) for details.

    - /kolab/etc/kolab/kolab_bootstrap -b fails to start the temporary
      slapd on Linux 2.4 kernels if binaries compiled on Linux 2.6 (as
      provided on kolab.org) are used. See kolab/issue1795 for details.

    - Under some circumstance the Kolab server may not create or delete
      users or update the configuration after changes have been made in
      the web interface.  This happens most often immediately after the
      bootstrap.  In that case restart the kolabd:

        /kolab/bin/openpkg rc kolabd restart

      If user accounts are still not created or deleted, you can try removing
      the file /kolab/var/kolab/mailbox-uidcache.db and restarting kolabd.

      See kolab/issue1068 (Mailboxes are not created until kolabd restart)
      and kolab/issue1098 (Changes in the service tab are not accepted after
      bootstrap) for details.

    - If modifying or deleting of address book entries doesn't work,
      restarting openldap can help, see kolab/issue854 for details.

    - There is a report that the manager can only see users in the primary
      domain, see kolab/issue1485. We can't reproduce this problem, please
      tell us if you can.

    - Calendar folders for group/resource accounts can't be created for
      domains which were added after bootstrap, i.e. via the web admin
      interface. See kolab/issue1313 for details.

    - When deleting domains via the web admin interface, the corresponding
      LDAP data and IMAP spool stay on the server and have to be deleted
      manually. See kolab/issue1571 and kolab/issue1576 for details.

    - A domain maintainer can not always edit the email aliases for a user,
      even if the user and the alias is in domains the domain maintainer has
      access to. See kolab/issue2825 for details.


$Id: README.1st,v 1.90 2008/07/10 12:41:32 thomas Exp $
-------------- next part --------------
Kolab Server 2.2 Release Notes
==============================
(Version 20080711, Kolab Server 2.2.0)

For upgrading and installation instructions, please refer to
the 1st.README file in the package directory.
Upgrading from Kolab server 2.1 is not yet documented.


Differences between Kolab 2.1 and 2.2:

    - Upgrade of central Kolab server components

	The Apache server shipped with the Kolab server has been
	upgraded to Apache-2.2.*. At the same time the system was
	switched to PHP5.

	Postfix got upgraded to 2.4.* which removes the need for
	special Kolab patches which were integrated upstream.

	The Cyrus IMAP server was updated to 2.3.* also removing the
	need for some, though not all, Kolab specific patches.

    - Inclusion of the web based Horde Groupware client

	The Kolab server now provides a web client that supports all
	the groupware features known from Outlook and Kontact. Thus
	users are less dependent on their local client and can access
	their groupware data from anywhere in the world provided they
	have a standard browser available.

    - Structural improvements

	Several components of the Kolab server got restructured so
	that porting the Kolab server to distributions other than
	OpenPKG got easier. This also improves the development model
	in general.

    - Improvements, bugfixes and upgraded software components

	The 2.2 release received many improvements and bugfixes for
	issues found in earlier versions. Additionally all software
	components have been upgraded to new upstream versions.
	The specifics are described below.


Changes between 2.2-rc-3 and 2.2.0

    - clamav-0.93.3-20080708

	New upstream version, fixes denial of service.

    - fbview-horde-3.2_rc3-20080605

	Allow login if public imap service is disabled.

    - fbview-kronolith-2.2_rc2-20080710

	kolab/issue2872 (Building horde packages fails if different version
	                 already installed)

    - horde-imp-kolab-4.2_rc3-20080710

	kolab/issue2872 (Building horde packages fails if different version
	                 already installed)

    - horde-ingo-kolab-1.2_rc2-20080710

	kolab/issue2872 (Building horde packages fails if different version
	                 already installed)

    - horde-kolab-3.2_rc3-20080707

	Allow login if public imap service is disabled.

	kolab/issue2831 (SECURITY: <horde-3.2.1 affected by XSS issue)

    - horde-kronolith-kolab-2.2_rc2-20080710

	kolab/issue2872 (Building horde packages fails if different version
	                 already installed)

    - horde-mnemo-kolab-2.2_rc2-20080710

	kolab/issue2872 (Building horde packages fails if different version
	                 already installed)

    - horde-nag-kolab-2.2_rc2-20080710

	kolab/issue2872 (Building horde packages fails if different version
	                 already installed)

    - horde-passwd-kolab-3.0.1-20080710

	kolab/issue2872 (Building horde packages fails if different version
	                 already installed)

    - horde-turba-kolab-2.2_rc3-20080710

	kolab/issue2832 (SECURITY: <turba-2.2.1 affected by XSS issue)
	kolab/issue2872 (Building horde packages fails if different version
	                 already installed)

    - install-kolab.sh

	Adjusted version number.

	Install fbview-kronolith and horde-kolab-client by default, unless
	excluded with "-x fbview-kronolith" or "-x horde-kolab-client".

	Removed obsolete options -F/-H/-i.

	kolab/issue2727 (install-kolab.sh: tar uses -O which is not
	                 implemented in Solaris' tar)
	kolab/issue2747 (Installation of ix86 binaries fails on amd64 system)

    - kolabconf-2.2.0-20080709

	Adjusted version number.

    - kolabd-2.2.0-20080709

	Adjusted version number (and fixed typo).

	Removed unused fbview.conf.template file.

	kolab_bootstrap: Use Net::Domain to determine fqdn more reliably
	and make sure suggested domain name contains a dot.

	kolab.conf, quotawarning and templates are owned by kolab instead of
	kolab-n to improve security, and kolab.conf is marked as (noreplace)
	so it does not overwrite the existing config file during upgrades.

	Updated check of free ports during kolab_bootstrap.

	kolab/issue1895 (switch from virtual_maps to virtual_alias_maps)
	kolab/issue2855 (Can create folder while logging in as user without
	                 domain name)

    - kolab-filter-2.2.0-20080709

	Adjusted version number.

    - kolab-freebusy-2.2.0-20080709

	Adjusted version number.

    - kolab-webadmin-2.2.0-20080709

	Adjusted version number.

	Fix deleting of domains and kolab hosts.

	kolab/issue2739 (Some characters are not allowed in users
	                 fax-/phonenumbers despite the description
	                 in the error)

    - perl-kolab-2.2.0-20080709

	Adjusted version number.

	kolab/issue2517 (group accounts lead to more rights than necessary for
	                 the "calendar" user)
	kolab/issue2760 (Deleting shared folders does not work)
	kolab/issue2827 (Deleting users does not work reliably)

    - php-kolab-2.2.0-20080711

	Adjusted version number.

	kolab/issue2660 (Invitation for event series not accept automatically)
	kolab/issue2734 (Automatic ressources decline changed overlapping event
	                 time)


    Packages in the OpenPKG based Kolab server release:

    - Kolab packages:

      Updated:

	fbview-horde-3.2_rc3-20080605
	fbview-kronolith-2.2_rc2-20080710
	horde-imp-kolab-4.2_rc3-20080710
	horde-ingo-kolab-1.2_rc2-20080710
	horde-kolab-3.2_rc3-20080707
	horde-kronolith-kolab-2.2_rc2-20080710
	horde-mnemo-kolab-2.2_rc2-20080710
	horde-nag-kolab-2.2_rc2-20080710
	horde-passwd-kolab-3.0.1-20080710
	horde-turba-kolab-2.2_rc3-20080710
	kolab-filter-2.2.0-20080709
	kolab-freebusy-2.2.0-20080709
	kolab-webadmin-2.2.0-20080709
	kolabconf-2.2.0-20080709
	kolabd-2.2.0-20080709
	perl-kolab-2.2.0-20080709
	php-kolab-2.2.0-20080711

      Unchanged:

	PEAR-Auth_SASL-1.0.2-1
	PEAR-Date-1.4.7-1
	PEAR-HTTP_Request-1.4.1-1
	PEAR-Log-1.9.9-1
	PEAR-Mail-1.1.14-1
	PEAR-Mail_Mime-1.3.1-1
	PEAR-Net_IMAP-1.1.0beta1-1
	PEAR-Net_LMTP-1.0.1-1
	PEAR-Net_SMTP-1.2.10-1
	PEAR-Net_Sieve-1.1.5-1
	PEAR-Net_Socket-1.0.6-1
	PEAR-Net_URL-1.0.15-1
	horde-framework-kolab-3.2_rc3-20080405
	horde-kolab-client-0.99-20080405
	openldap-2.3.41-20080424
	php-channel-horde-1.0-1
	php-smarty-2.6.18-20070607

    - OpenPKG packages:

      Updated:

	clamav-0.93.3-20080708

      Unchanged:

	amavisd-2.5.3-20080101
	apache-2.2.8-20080118
	apache-php-5.2.6-20080514_kolab
	apr-1.2.12-20080101
	autoconf-2.61-20080101
	automake-1.10-20080101
	bc-1.06-20080101
	binutils-2.18-20080101
	bison-2.3-20080101
	bzip2-1.0.4-20080101
	config-20060923-20080101
	curl-7.17.1-20080101
	db-4.5.20.2-20070628
	diffutils-2.8.7-20080101
	expat-2.0.1-20080101
	file-4.23-20080101
	flex-2.5.34-20080101
	freetype-2.3.5-20080101
	fsl-1.7.0-20080101
	gcc-4.2.2-20080101
	gd-2.0.35-20080101
	gettext-0.17-20080101
	gmp-4.2.2-20080101
	grep-2.5.3-20080101
	groff-1.19.2-20080101
	gzip-1.3.12-20080101
	imap-2006k-20080101
	imapd-2.3.11-20080101_kolab4
	jpeg-6b-20080101
	libiconv-1.12-20080101
	libmcrypt-2.5.8-20080101
	libxml-2.6.31-20080111
	libxslt-1.1.22-20080101
	lzo-2.02-20080101
	m4-1.4.9-20080101
	make-3.81-20080101
	mhash-0.9.9-20080101
	mm-1.4.2-20080101
	ncurses-5.6.20080112-20080113
	openpkg-20071227-20071227
	openpkg-tools-1.4.6-20071231
	openssl-0.9.8g-20080101
	pcre-7.5-20080110
	perl-5.10.0-20080103
	perl-comp-5.10.0-20080110
	perl-conv-5.10.0-20080101
	perl-crypto-5.10.0-20080101
	perl-db-5.10.0-20080118
	perl-dns-5.10.0-20080101
	perl-ds-5.10.0-20080104
	perl-ldap-5.10.0-20080101
	perl-locale-5.10.0-20080112
	perl-mail-5.10.0-20080117
	perl-module-5.10.0-20080101
	perl-net-5.10.0-20080101
	perl-openpkg-5.10.0-20080109
	perl-parse-5.10.0-20080117
	perl-ssl-5.10.0-20080101
	perl-stats-5.10.0-20080101
	perl-sys-5.10.0-20080101
	perl-term-5.10.0-20080116
	perl-text-5.10.0-20080101
	perl-time-5.10.0-20080101
	perl-util-5.10.0-20080116
	perl-www-5.10.0-20080103
	perl-xml-5.10.0-20080101
	php-5.2.6-20080514_kolab
	pkgconfig-0.23-20080117
	png-1.2.24-20080101
	postfix-2.4.6-20080101_kolab
	procmail-3.22-20080101
	readline-5.2.12-20080101
	sasl-2.1.22-20080101
	sed-4.1.5-20080101
	spamassassin-3.2.4-20080107
	texinfo-4.11-20080101
	zlib-1.2.3-20080101


Changes between 2.2-rc-2 and 2.2-rc-3

    - apache-php-5.2.6-20080514_kolab

	New upstream version, fixes various security issues.

	kolab/issue2519 (Add functionality PHP : GetMYRIGHT)

    - clamav-0.93-20080414

	New upstream version, fixes various security issues.

    - fbview-horde-3.2_rc3-20080523

	Removed manager password from fbview config file.

	kolab/issue2134 ([Horde]Unable to send message with attachments)

    - fbview-kronolith-2.2_rc2-20080523

	New upstream package with adjusted patches.

    - install-kolab.sh

	kolab/issue2371 (install-kolab.sh script incompatible with /bin/sh of
	                 e.g. Solaris 10)
	kolab/issue2591 (NTLM support in Cyrus SASL)
	kolab/issue2686 (unquoted wildcards in install-kolab.sh)

    - horde-framework-kolab-3.2_rc3-20080405

	Rename .xpfb to .pxfb.

	kolab/issue2587 (ifb retrieval does not work for aliases anymore)
	kolab/issue2588 (whole day event with show-time-as free gets into the
	                 pfb)

    - horde-kolab-3.2_rc3-20080405

	kolab/issue2134 ([Horde]Unable to send message with attachments)

    - imapd-2.3.11-20080101_kolab4

	kolab/issue1824 (cyrus-imapd segfaults on x86_64)
	kolab/issue2443 (kontact aborts sieve when imapd sends capabilities
	                 after starttls)

    - kolabd-2.1.99-20080521

	Rename .xpfb to .pxfb and xfb-readable to pxfb-readable-for

	kolab/issue2244 (SpamAssassin uses DNS blacklists)
	kolab/issue2436 (delprune setting in cyrus.conf)
	kolab/issue2586 (SPAM filtering: HELO_LOCALHOST score default too high)

    - kolab-filter-2.2.rc3-20080521

	Rename .xpfb to .pxfb.

    - kolab-freebusy-2.2.rc3-20080521

	kolab/issue2536 (generatefb.php doesn't work with folders containing
	                 umlauts)

    - kolab-webadmin-2.1.99-20080521

	Fixes for XHTML strict

	kolab/issue2505 (update of the french translation for kolab-server)
	kolab/issue2538 (Make the location of the Smarty compile directory
	                 configurable)
	kolab/issue2569 (rename of services to settings makes welcome screen
	                 fail)
	kolab/issue2575 (Make background of favicon transparent)

    - openldap-2.3.41-20080424

	New upstream version, fixes various security issues.

    - perl-kolab-2.2.rc3-20080521

	Added Fedora-DS backend (inactive by default)

	kolab/issue2466 (How should Kolab Filter handle mails from privileged
	                 networks?)

    - php-5.2.6-20080514_kolab

	New upstream version, fixes various security issues.

	kolab/issue2519 (Add functionality PHP : GetMYRIGHT)

    - php-kolab-2.2.rc3-20080521

	Rename .xpfb to .pxfb.

	kolab/issue2549 (Resource manager creates events in wrong account)

    - postfix-2.4.6-20080101_kolab

	kolab/issue2346 (Compilation of postfix fails on CentOS 5.1 64Bit)


    Packages in the OpenPKG based Kolab server release:

    - Kolab packages:

      Updated:

	fbview-horde-3.2_rc3-20080523
	fbview-kronolith-2.2_rc2-20080523
	horde-framework-kolab-3.2_rc3-20080405
	horde-imp-kolab-4.2_rc3-20080405
	horde-ingo-kolab-1.2_rc2-20080405
	horde-kolab-3.2_rc3-20080405
	horde-kolab-client-0.99-20080405
	horde-kronolith-kolab-2.2_rc2-20080405
	horde-mnemo-kolab-2.2_rc2-20080405
	horde-nag-kolab-2.2_rc2-20080405
	horde-passwd-kolab-3.0.1-20080405
	horde-turba-kolab-2.2_rc3-20080405
	kolab-filter-2.2.rc3-20080521
	kolab-freebusy-2.2.rc3-20080521
	kolab-webadmin-2.1.99-20080521
	kolabconf-2.2.rc3-20080521
	kolabd-2.1.99-20080521
	openldap-2.3.41-20080424
	perl-kolab-2.2.rc3-20080521
	php-kolab-2.2.rc3-20080521

      Unchanged:

	PEAR-Auth_SASL-1.0.2-1
	PEAR-Date-1.4.7-1
	PEAR-HTTP_Request-1.4.1-1
	PEAR-Log-1.9.9-1
	PEAR-Mail-1.1.14-1
	PEAR-Mail_Mime-1.3.1-1
	PEAR-Net_IMAP-1.1.0beta1-1
	PEAR-Net_LMTP-1.0.1-1
	PEAR-Net_SMTP-1.2.10-1
	PEAR-Net_Sieve-1.1.5-1
	PEAR-Net_Socket-1.0.6-1
	PEAR-Net_URL-1.0.15-1
	php-channel-horde-1.0-1
	php-smarty-2.6.18-20070607

    - OpenPKG packages:

      Updated:

	apache-php-5.2.6-20080514_kolab
	clamav-0.93-20080414
	imapd-2.3.11-20080101_kolab4
	php-5.2.6-20080514_kolab
	postfix-2.4.6-20080101_kolab

      Unchanged:

	amavisd-2.5.3-20080101
	apache-2.2.8-20080118
	apr-1.2.12-20080101
	autoconf-2.61-20080101
	automake-1.10-20080101
	bc-1.06-20080101
	binutils-2.18-20080101
	bison-2.3-20080101
	bzip2-1.0.4-20080101
	config-20060923-20080101
	curl-7.17.1-20080101
	db-4.5.20.2-20070628
	diffutils-2.8.7-20080101
	expat-2.0.1-20080101
	file-4.23-20080101
	flex-2.5.34-20080101
	freetype-2.3.5-20080101
	fsl-1.7.0-20080101
	gcc-4.2.2-20080101
	gd-2.0.35-20080101
	gettext-0.17-20080101
	gmp-4.2.2-20080101
	grep-2.5.3-20080101
	groff-1.19.2-20080101
	gzip-1.3.12-20080101
	imap-2006k-20080101
	jpeg-6b-20080101
	libiconv-1.12-20080101
	libmcrypt-2.5.8-20080101
	libxml-2.6.31-20080111
	libxslt-1.1.22-20080101
	lzo-2.02-20080101
	m4-1.4.9-20080101
	make-3.81-20080101
	mhash-0.9.9-20080101
	mm-1.4.2-20080101
	ncurses-5.6.20080112-20080113
	openpkg-20071227-20071227
	openpkg-tools-1.4.6-20071231
	openssl-0.9.8g-20080101
	pcre-7.5-20080110
	perl-5.10.0-20080103
	perl-comp-5.10.0-20080110
	perl-conv-5.10.0-20080101
	perl-crypto-5.10.0-20080101
	perl-db-5.10.0-20080118
	perl-dns-5.10.0-20080101
	perl-ds-5.10.0-20080104
	perl-ldap-5.10.0-20080101
	perl-locale-5.10.0-20080112
	perl-mail-5.10.0-20080117
	perl-module-5.10.0-20080101
	perl-net-5.10.0-20080101
	perl-openpkg-5.10.0-20080109
	perl-parse-5.10.0-20080117
	perl-ssl-5.10.0-20080101
	perl-stats-5.10.0-20080101
	perl-sys-5.10.0-20080101
	perl-term-5.10.0-20080116
	perl-text-5.10.0-20080101
	perl-time-5.10.0-20080101
	perl-util-5.10.0-20080116
	perl-www-5.10.0-20080103
	perl-xml-5.10.0-20080101
	pkgconfig-0.23-20080117
	png-1.2.24-20080101
	procmail-3.22-20080101
	readline-5.2.12-20080101
	sasl-2.1.22-20080101
	sed-4.1.5-20080101
	spamassassin-3.2.4-20080107
	texinfo-4.11-20080101
	zlib-1.2.3-20080101


Changes between 2.2-rc-1 and 2.2-rc-2

    - clamav-0.92.1-20080213

	New upstream version, fixes various security issues.

    - horde-framework-kolab-3.2_rc1-20080311

	kolab/issue2521 (an event breaking lib/Horde/Kolab/Freebusy.php)

    - imapd-2.3.11-20080101_kolab2

	kolab/issue2535 (group:distributionlist at example.com doesn't work for
	                 Cyrus IMAP ACLs)
	kolab/issue2541 (openpkg rpm -e imapd removes annotations.db and
	                 mailboxes.db)

    - kolabconf-2.2.rc2-20080314

	kolab/issue1550 (Masquerade problem)
	kolab/issue2446 (Make the used syslog facility configureable)

    - kolabd-2.1.99-20080314

	kolabdcachetool: Fix location of graveyard caches.

	Enforce SSL for horde and fbview and corrected Location entries.

	Use https for freebusy look-ups by the resmgr (resmgr didn't work
	when "FreeBusy Service via HTTP" was disabled).

	kolab/issue1693 (Automatically trigger f/b cache regeneration)
	kolab/issue2350 (Email from buggy Lotus notes client not accepted by
	                 Cyrus)
	kolab/issue2358 (mismatch between cyrus-admins and cyrus-admin)
	kolab/issue2446 (Make the used syslog facility configureable)
	kolab/issue2466 (How should Kolab Filter handle mails from privileged
	                 networks?)
	kolab/issue2507 (move session_vars.php to sysconfig directory)

    - kolab-freebusy-2.2.rc2-20080314

	kolab/issue1693 (Automatically trigger f/b cache regeneration)

    - kolab-webadmin-2.1.99-20080314

	Corrections in the Dutch translation.

	Better LDAP filter when listing admins and maintainers.

	kolab/issue2203 (About Kolab does not list new server components)
	kolab/issue2329 (Domain Maintainer cannot create users)
	kolab/issue2437 (Change name of service tab to settings)
	kolab/issue2505 (update of the french translation for kolab-server)
	kolab/issue2507 (move session_vars.php to sysconfig directory)

    - perl-kolab-2.2.rc2-20080314

	kolab/issue2358 (mismatch between cyrus-admins and cyrus-admin)
	kolab/issue2478 (kolabd memory leak)

    - php-kolab-2.2.rc2-20080314

	Fixed determination of calendar folder owner.  Resmgr wasn't
	able to trigger freebusy list generation.

	kolab/issue1272 (From: header in vacation messages is marked as
	                 "Untrusted")
	kolab/issue1693 (Automatically trigger f/b cache regeneration)
	kolab/issue2466 (How should Kolab Filter handle mails from privileged
	                 networks?)
	kolab/issue2467 (Kolab Filter ignores configuration in 2.2 RC1)
	kolab/issue2487 (Incorrect variable name $fbfilename within
	                 Freebusy/Cache.php)
	kolab/issue2495 (The reply to an invitation with umlauts of a group
	                 account doesn't display the umlauts.)


    Packages in the OpenPKG based Kolab server release:

    - Kolab packages:

      Updated:

	horde-framework-kolab-3.2_rc1-20080311
	kolab-filter-2.2.rc2-20080314
	kolab-freebusy-2.2.rc2-20080314
	kolab-webadmin-2.1.99-20080314
	kolabconf-2.2.rc2-20080314
	kolabd-2.1.99-20080314
	perl-kolab-2.2.rc2-20080314
	php-kolab-2.2.rc2-20080314

      Unchanged:

	PEAR-Auth_SASL-1.0.2-1
	PEAR-Date-1.4.7-1
	PEAR-HTTP_Request-1.4.1-1
	PEAR-Log-1.9.9-1
	PEAR-Mail-1.1.14-1
	PEAR-Mail_Mime-1.3.1-1
	PEAR-Net_IMAP-1.1.0beta1-1
	PEAR-Net_LMTP-1.0.1-1
	PEAR-Net_SMTP-1.2.10-1
	PEAR-Net_Sieve-1.1.5-1
	PEAR-Net_Socket-1.0.6-1
	PEAR-Net_URL-1.0.15-1
	fbview-horde-3.2_rc1-20071201
	fbview-kronolith-2.2_rc1-20071129
	horde-imp-kolab-4.2_rc1-20071128
	horde-ingo-kolab-1.2_rc1-20071128
	horde-kolab-3.2_rc1-20071201
	horde-kolab-client-0.99-20071002
	horde-kronolith-kolab-2.2_rc1-20071129
	horde-mnemo-kolab-2.2_rc1-20071128
	horde-nag-kolab-2.2_rc1-20071128
	horde-passwd-kolab-3.0.1-20071001
	horde-turba-kolab-2.2_rc1-20071128
	php-channel-horde-1.0-1
	php-smarty-2.6.18-20070607

    - OpenPKG packages:

      Updated:

	clamav-0.92.1-20080213
	imapd-2.3.11-20080101_kolab2

      Unchanged:

	amavisd-2.5.3-20080101
	apache-2.2.8-20080118
	apache-php-5.2.5-20080114
	apr-1.2.12-20080101
	autoconf-2.61-20080101
	automake-1.10-20080101
	bc-1.06-20080101
	binutils-2.18-20080101
	bison-2.3-20080101
	bzip2-1.0.4-20080101
	config-20060923-20080101
	curl-7.17.1-20080101
	db-4.5.20.2-20070628
	diffutils-2.8.7-20080101
	expat-2.0.1-20080101
	file-4.23-20080101
	flex-2.5.34-20080101
	freetype-2.3.5-20080101
	fsl-1.7.0-20080101
	gcc-4.2.2-20080101
	gd-2.0.35-20080101
	gettext-0.17-20080101
	gmp-4.2.2-20080101
	grep-2.5.3-20080101
	groff-1.19.2-20080101
	gzip-1.3.12-20080101
	imap-2006k-20080101
	jpeg-6b-20080101
	libiconv-1.12-20080101
	libmcrypt-2.5.8-20080101
	libxml-2.6.31-20080111
	libxslt-1.1.22-20080101
	lzo-2.02-20080101
	m4-1.4.9-20080101
	make-3.81-20080101
	mhash-0.9.9-20080101
	mm-1.4.2-20080101
	ncurses-5.6.20080112-20080113
	openldap-2.3.39-20071130
	openpkg-20071227-20071227
	openpkg-tools-1.4.6-20071231
	openssl-0.9.8g-20080101
	pcre-7.5-20080110
	perl-5.10.0-20080103
	perl-comp-5.10.0-20080110
	perl-conv-5.10.0-20080101
	perl-crypto-5.10.0-20080101
	perl-db-5.10.0-20080118
	perl-dns-5.10.0-20080101
	perl-ds-5.10.0-20080104
	perl-ldap-5.10.0-20080101
	perl-locale-5.10.0-20080112
	perl-mail-5.10.0-20080117
	perl-module-5.10.0-20080101
	perl-net-5.10.0-20080101
	perl-openpkg-5.10.0-20080109
	perl-parse-5.10.0-20080117
	perl-ssl-5.10.0-20080101
	perl-stats-5.10.0-20080101
	perl-sys-5.10.0-20080101
	perl-term-5.10.0-20080116
	perl-text-5.10.0-20080101
	perl-time-5.10.0-20080101
	perl-util-5.10.0-20080116
	perl-www-5.10.0-20080103
	perl-xml-5.10.0-20080101
	php-5.2.5-20080114
	pkgconfig-0.23-20080117
	png-1.2.24-20080101
	postfix-2.4.6-20080101
	procmail-3.22-20080101
	readline-5.2.12-20080101
	sasl-2.1.22-20080101
	sed-4.1.5-20080101
	spamassassin-3.2.4-20080107
	texinfo-4.11-20080101
	zlib-1.2.3-20080101


Changes between 2.2-beta-3 and 2.2-rc-1

    All packages except for openldap and db were upgraded to OpenPKG-CURRENT
    (as of 20080118). The new imapd package was modified to behave like in
    previous server releases, i.e. to not send capabilities after STARTTLS,
    see kolab/issue2443 for details.

    - kolabconf-2.2.rc1-20080204

	Added missing newlines in kolabconf -h

    - kolabd-2.1.99-20080204

	deluser: add missing @ to bindir variable

	Updates for SUSE (support for <= 10.1 is completely dropped)

	kolab/issue26   (Allow to bind to specific IPs)

    - kolab-filter-2.2.rc1-20080204

	kolab/issue2425 (Undefined variable: reject_forged_from_header
	                 reported in fatal.log)

    - kolab-webadmin-2.1.99-20080204

	Fixed some variable initialisations.

	Correction in the Dutch translation.

	Link to favicon.ico so it is still used when running the web interface
	with a different path prefix.

	kolab/issue2439 (Explanation in the section Mail Filter Settings on
	                 the services tab not clear)

    - perl-kolab-2.2.rc1-20080204

	kolab/issue2411 (perl error in LDAP.pm)


    Packages in the OpenPKG based Kolab server release:

    - Kolab packages:

      Updated:

	imapd-2.3.11-20080101_kolab
	kolab-filter-2.2.rc1-20080204
	kolab-freebusy-2.2.rc1-20080204
	kolab-webadmin-2.1.99-20080204
	kolabconf-2.2.rc1-20080204
	kolabd-2.1.99-20080204
	openldap-2.3.39-20071130
	perl-kolab-2.2.rc1-20080204
	php-kolab-2.2.rc1-20080204

      Unchanged:

	PEAR-Auth_SASL-1.0.2-1
	PEAR-Date-1.4.7-1
	PEAR-HTTP_Request-1.4.1-1
	PEAR-Log-1.9.9-1
	PEAR-Mail-1.1.14-1
	PEAR-Mail_Mime-1.3.1-1
	PEAR-Net_IMAP-1.1.0beta1-1
	PEAR-Net_LMTP-1.0.1-1
	PEAR-Net_SMTP-1.2.10-1
	PEAR-Net_Sieve-1.1.5-1
	PEAR-Net_Socket-1.0.6-1
	PEAR-Net_URL-1.0.15-1
	fbview-horde-3.2_rc1-20071201
	fbview-kronolith-2.2_rc1-20071129
	horde-framework-kolab-3.2_rc1-20071129
	horde-imp-kolab-4.2_rc1-20071128
	horde-ingo-kolab-1.2_rc1-20071128
	horde-kolab-3.2_rc1-20071201
	horde-kolab-client-0.99-20071002
	horde-kronolith-kolab-2.2_rc1-20071129
	horde-mnemo-kolab-2.2_rc1-20071128
	horde-nag-kolab-2.2_rc1-20071128
	horde-passwd-kolab-3.0.1-20071001
	horde-turba-kolab-2.2_rc1-20071128
	php-channel-horde-1.0-1
	php-smarty-2.6.18-20070607

    - OpenPKG packages:

      Added:

	perl-locale-5.10.0-20080112
	perl-text-5.10.0-20080101

      Updated:

	amavisd-2.5.3-20080101
	apache-2.2.8-20080118
	apache-php-5.2.5-20080114
	apr-1.2.12-20080101
	autoconf-2.61-20080101
	automake-1.10-20080101
	bc-1.06-20080101
	binutils-2.18-20080101
	bison-2.3-20080101
	bzip2-1.0.4-20080101
	clamav-0.92-20080101
	config-20060923-20080101
	curl-7.17.1-20080101
	diffutils-2.8.7-20080101
	expat-2.0.1-20080101
	file-4.23-20080101
	flex-2.5.34-20080101
	freetype-2.3.5-20080101
	fsl-1.7.0-20080101
	gcc-4.2.2-20080101
	gd-2.0.35-20080101
	gettext-0.17-20080101
	gmp-4.2.2-20080101
	grep-2.5.3-20080101
	groff-1.19.2-20080101
	gzip-1.3.12-20080101
	imap-2006k-20080101
	jpeg-6b-20080101
	libiconv-1.12-20080101
	libmcrypt-2.5.8-20080101
	libxml-2.6.31-20080111
	libxslt-1.1.22-20080101
	lzo-2.02-20080101
	m4-1.4.9-20080101
	make-3.81-20080101
	mhash-0.9.9-20080101
	mm-1.4.2-20080101
	ncurses-5.6.20080112-20080113
	openpkg-20071227-20071227
	openpkg-tools-1.4.6-20071231
	openssl-0.9.8g-20080101
	pcre-7.5-20080110
	perl-5.10.0-20080103
	perl-comp-5.10.0-20080110
	perl-conv-5.10.0-20080101
	perl-crypto-5.10.0-20080101
	perl-db-5.10.0-20080118
	perl-dns-5.10.0-20080101
	perl-ds-5.10.0-20080104
	perl-ldap-5.10.0-20080101
	perl-mail-5.10.0-20080117
	perl-module-5.10.0-20080101
	perl-net-5.10.0-20080101
	perl-openpkg-5.10.0-20080109
	perl-parse-5.10.0-20080117
	perl-ssl-5.10.0-20080101
	perl-stats-5.10.0-20080101
	perl-sys-5.10.0-20080101
	perl-term-5.10.0-20080116
	perl-time-5.10.0-20080101
	perl-util-5.10.0-20080116
	perl-www-5.10.0-20080103
	perl-xml-5.10.0-20080101
	php-5.2.5-20080114
	pkgconfig-0.23-20080117
	png-1.2.24-20080101
	postfix-2.4.6-20080101
	procmail-3.22-20080101
	readline-5.2.12-20080101
	sasl-2.1.22-20080101
	sed-4.1.5-20080101
	spamassassin-3.2.4-20080107
	texinfo-4.11-20080101
	zlib-1.2.3-20080101

      Unchanged:

	db-4.5.20.2-20070628


Changes between 2.2-beta-2 and 2.2-beta-3:

    All packages except for openldap and db were upgraded to OpenPKG-CURRENT
    (as of 20071206). The package openldap-2.3.39-20071130 was created to
    fix security issues (CVE-2007-5707 and CVE-2007-5708) without upgrading
    to OpenLDAP 2.4.

    - kolabconf-2.2.beta3-20071207

	Fix the install location for kolabconf for the newest MakeMaker.

    - kolabd-2.1.99-20071203

	freebusy_logfile is now freebusy_logdir.

	Updated the template for the restructured kolab-freebusy package.

	Allow postfix smtp and smtps to bind to a specific IP, too.

	Support for the extended free/busy concept.

	Removed resource password handling which is unused since server 2.1.

	kolab/issue2134 ([Horde] Unable to send message with attachments)
	kolab/issue2206 (Multiple deliveries to distribution lists)
	kolab/issue2225 (notifyd logging going into fsl.log)
	kolab/issue2236 (Apache UID access broken)

    - kolab-filter-2.2.beta3-20071203

	Adapted to the restructured php-kolab/Kolab_Filter package.

	Removed resource password handling which is unused since server 2.1.

	kolab/issue2174 (Automatic Invitation Policy not working with invites
	                 as attachment)
	kolab/issue2177 (Better logging in kolabfilter and kolabmailboxfilter)

    - kolab-freebusy-2.2.beta3-20071130

	A fully restructured free/busy with the most recent free/busy
	concept implemented.

	kolab/issue799 (pfb php script cannot handle umlaut and dots in
	                foldernames correctly)
	kolab/issue898 (pfbs from several servers, are not combined into .ifb)

    - kolab-webadmin-2.1.99-20071203

	Improved some message strings.

	Updated German translations.

	Removed resource password handling which is unused since server 2.1.

	Removed obsolete explanation about enabling legacy services.

	kolab/issue1711 (extra space after first name when editing users or
	                 admins)
	kolab/issue1912 (some field descriptions missing in web admin
	                 interface)

    - perl-kolab-2.2.beta3-20071130

	Show component and log level when sending debug log to stdout.

	kolab/issue1313 (resmngr cannot create calendar folder in multidomain
	                 setup)

    - php-kolab-2.2.beta3-20071207

	A fully restructured free/busy with the most recent free/busy
	concept implemented.

	Restructured Kolab_Filter package with the focus on error
	handling and unit testing.

	Fix removal of the empty line between header and body. Added a
	unit test for that.

	kolab/issue1313 (resmngr cannot create calendar folder in multidomain
	                 setup)

    - horde-framework-kolab-3.2_rc1-20071129

	New functionality required for kolab-freebusy.

	Support for the extended free/busy concept.

	kolab/issue2128 (Building horde-framework-kolab without http access
	                 fails)
	kolab/issue2134 ([Horde] Unable to send message with attachments)
	kolab/issue2135 ([horde/turba] Turba should support some more contact
	                 attributes)
	kolab/issue2138 (Horde creates events in main inbox)
	kolab/issue2144 (Calendar items of shared calendar not appearing)

    - horde-kolab-3.2_rc1-20071201

	kolab/issue2101 ([horde] can't delete categories)

    - horde-kronolith-kolab-2.2_rc1-20071129

	kolab/issue2138 (Horde creates events in main inbox)

    - horde-turba-kolab-2.2_rc1-20071128

	kolab/issue2040 (Horde: resouces are not displayed in address book)
	kolab/issue2135 ([horde/turba] Turba should support some more contact
	                 attributes)

    - fbview-kronolith-2.2_rc1-20071129

	Support for the extended free/busy concept.


    Packages in the OpenPKG based Kolab server release:

    - Kolab packages:

      Removed:

	kolab-horde-framework (now horde-framework-kolab)

      Added:

	php-channel-horde-1.0-1

      Updated:

	fbview-horde-3.2_rc1-20071201
	fbview-kronolith-2.2_rc1-20071129
	horde-framework-kolab-3.2_rc1-20071129
	horde-imp-kolab-4.2_rc1-20071128
	horde-ingo-kolab-1.2_rc1-20071128
	horde-kolab-3.2_rc1-20071201
	horde-kronolith-kolab-2.2_rc1-20071129
	horde-mnemo-kolab-2.2_rc1-20071128
	horde-nag-kolab-2.2_rc1-20071128
	horde-turba-kolab-2.2_rc1-20071128
	kolab-filter-2.2.beta3-20071203
	kolab-freebusy-2.2.beta3-20071130
	kolab-webadmin-2.1.99-20071203
	kolabconf-2.2.beta3-20071207
	kolabd-2.1.99-20071203
	openldap-2.3.39-20071130
	perl-kolab-2.2.beta3-20071130
	php-kolab-2.2.beta3-20071207

      Unchanged:

	PEAR-Auth_SASL-1.0.2-1
	PEAR-Date-1.4.7-1
	PEAR-HTTP_Request-1.4.1-1
	PEAR-Log-1.9.9-1
	PEAR-Mail-1.1.14-1
	PEAR-Mail_Mime-1.3.1-1
	PEAR-Net_IMAP-1.1.0beta1-1
	PEAR-Net_LMTP-1.0.1-1
	PEAR-Net_SMTP-1.2.10-1
	PEAR-Net_Sieve-1.1.5-1
	PEAR-Net_Socket-1.0.6-1
	PEAR-Net_URL-1.0.15-1
	horde-kolab-client-0.99-20071002
	horde-passwd-kolab-3.0.1-20071001
	php-smarty-2.6.18-20070607

    - OpenPKG packages:

      Updated:

	apache-2.2.6-20071121
	apache-php-5.2.5-20071206
	apr-1.2.12-20071126
	binutils-2.18-20071111
	curl-7.17.1-20071030
	flex-2.5.33-20071104
	fsl-1.7.0-20071027
	gcc-4.2.2-20071031
	gettext-0.17-20071107
	gmp-4.2.2-20071107
	imap-2006j2-20071028
	imapd-2.3.10-20071206
	libiconv-1.12-20071112
	libxml-2.6.30-20071205
	ncurses-5.6.20071201-20071202
	openpkg-20071030-20071030
	openssl-0.9.8g-20071104
	pcre-7.4-20071101
	perl-5.8.8-20071108
	perl-comp-5.8.8-20071201
	perl-crypto-5.8.8-20071110
	perl-db-5.8.8-20071029
	perl-ds-5.8.8-20071114
	perl-mail-5.8.8-20071206
	perl-module-5.8.8-20071206
	perl-net-5.8.8-20071203
	perl-parse-5.8.8-20071129
	perl-ssl-5.8.8-20071026
	perl-stats-5.8.8-20071204
	perl-sys-5.8.8-20071124
	perl-time-5.8.8-20071204
	perl-util-5.8.8-20071203
	perl-www-5.8.8-20071201
	perl-xml-5.8.8-20071121
	php-5.2.5-20071206
	png-1.2.23-20071109
	postfix-2.4.6-20071027
	procmail-3.22-20071027
	sasl-2.1.22-20071206
	spamassassin-3.2.3-20071027

      Unchanged:

	amavisd-2.5.2-20070907
	autoconf-2.61-20070711
	automake-1.10-20061111
	bc-1.06-20061013
	bison-2.3-20070312
	bzip2-1.0.4-20070507
	clamav-0.91.2-20070907
	config-20060923-20061013
	db-4.5.20.2-20070628
	diffutils-2.8.7-20071005
	expat-2.0.1-20070629
	file-4.21-20070829
	freetype-2.3.5-20070720
	gd-2.0.35-20071011
	grep-2.5.3-20070829
	groff-1.19.2-20070113
	gzip-1.3.12-20070623
	jpeg-6b-20070507
	libmcrypt-2.5.8-20070720
	libxslt-1.1.22-20070824
	lzo-2.02-20061013
	m4-1.4.9-20070818
	make-3.81-20061013
	mhash-0.9.9-20070807
	mm-1.4.2-20061013
	openpkg-tools-1.4.5-20070624
	perl-conv-5.8.8-20070526
	perl-dns-5.8.8-20070920
	perl-ldap-5.8.8-20070916
	perl-openpkg-5.8.8-20061013
	perl-term-5.8.8-20070924
	pkgconfig-0.22-20070720
	readline-5.2.7-20070927
	sed-4.1.5-20061013
	texinfo-4.11-20070911
	zlib-1.2.3-20070507


Changes between 2.2-beta-1 and 2.2-beta-2:

    - perl-kolab-2.2.beta2-20071018

	Removed the Kolab-Mailer module.

	Removed "dirserv"-support.

	Replaced path reference to the kolabconf script by a
	configuration variable.

	Replaced statedir path with function argument.

	Replaced several variables originally rewritten during the
	make cycle with values in a central configuration file.

	Converted the package into a standard perl library package.

	kolab/issue26   (Allow to bind to specific IPs)
	kolab/issue934  (Remove FTP FreeBusy Service (proftpd))
	kolab/issue1862 (dist_conf/kolab: Use settings from OpenPKG
	                 installation)

    - php-kolab-2.2.beta2-20071018

	kolab/issue26   (Allow to bind to specific IPs)
	kolab/issue1637 (Recurrency issues)
	kolab/issue1862 (dist_conf/kolab: Use settings from OpenPKG
	                 installation)

    - kolabconf-2.2.beta2-20071018

	New package that holds the kolabconf script.

	Added mechanism to allow config variable replacement in the META
	section.

	kolab/issue26   (Allow to bind to specific IPs)
	kolab/issue934  (Remove FTP FreeBusy Service (proftpd))
	kolab/issue1879 (kolabconf poor error message in buildCyrusConfig)
	kolab/issue1862 (dist_conf/kolab: Use settings from OpenPKG
	                 installation)

    - kolabd-2.1.99-20071018

	Added "discard" service to the postfix master.cf configuration.

	Removed "dirserv"-support.

	Replaced path reference to the kolabconf script by a
	configuration variable.

	Replaced statedir path with function argument in Kolab::LDAP::startup.

	Replaced several variables originally rewritten during the
	make cycle with values in a central configuration file.

	Moved kolabconf into its own package.

	Fixed the apache configuration for the new fbview packages

	Switched from displaying php errors to logging them
	(recommended for production servers).

	Disabled spamd, hourly instead of daily clamav updates.

	Added "with_horde" support.

	Added LDAP attributes 'kolabAllowSMTPRecipient' and
	'kolabPolicyDaemon' in preparation for kolab/issue1340.

	The emailserver_socket is stored in $(libexecdir) and not in
	$(libdir). This fixes an x86_64 issue.

	kolab/issue26   (Allow to bind to specific IPs)
	kolab/issue934  (Remove FTP FreeBusy Service (proftpd))
	kolab/issue1025 (loading policy bank "MYUSERS": unknown field
	                 "mynetworks")
	kolab/issue1686 (Remove WebDAV Support)
	kolab/issue1796 (httpd.conf : MISSING Include
	                 "/kolab/etc/apache/apache.d/*.conf")
	kolab/issue1804 (Several files apparently missing in kolabd package)
	kolab/issue1805 (Uncleaned files in kolabd source package)
	kolab/issue1811 (Spurious files in CVS, kolabd directory)
	kolab/issue1861 (imapd.conf.template: primary domain listed twice in
	                 loginrealms)
	kolab/issue1862 (dist_conf/kolab: Use settings from OpenPKG
	                 installation)
	kolab/issue1895 (switch from virtual_maps to virtual_alias_maps)
	kolab/issue2038 (additional sieve extensions)

    - kolab-filter-2.2.beta2-20071018

	kolab/issue26   (Allow to bind to specific IPs)
	kolab/issue1606 (Allow to run kolab-resource-handlers with PHP cgi)
	kolab/issue1862 (dist_conf/kolab: Use settings from OpenPKG
	                 installation)

    - kolab-webadmin-2.1.99-20071018

	Clarify web admin description for HTTP FreeBusy switch
	(with updated German translation)

	kolab/issue932  (Illegal values in webadmin cause LDAP errors)
	kolab/issue934  (Remove FTP FreeBusy Service (proftpd))
	kolab/issue1162 (Misplaced title field in webinterface)
	kolab/issue1246 (Permission handling in the webadmin frontend)
	kolab/issue1611 ([webadmin] page.tpl use no valid XHTML)
	kolab/issue1694 (Unable to modify the folder type of an already
	                 created shared folder)
	kolab/issue1781 (Spanish PO File Translation)
	kolab/issue1797 (kolab-webadmin source package missing PO files)
	kolab/issue1800 (kolab-webadmin debian dist_conf smarty location)
	kolab/issue1845 (incorrect check mailForDn for ldap results)
	kolab/issue1862 (dist_conf/kolab: Use settings from OpenPKG
	                 installation)


    Packages in the OpenPKG based Kolab server release:

    - Kolab packages:

      Removed:

	kolab-horde-fbview (now fbview-horde, fbview-kronolith)
	kolab-resource-handlers (now kolab-filter, kolab-freebusy, php-kolab)

      Added:

	PEAR-Auth_SASL-1.0.2-1
	PEAR-Date-1.4.7-1
	PEAR-HTTP_Request-1.4.1-1
	PEAR-Log-1.9.9-1
	PEAR-Mail-1.1.14-1
	PEAR-Mail_Mime-1.3.1-1
	PEAR-Mail_Mime-1.3.1-1
	PEAR-Net_IMAP-1.1.0beta1-1
	PEAR-Net_LMTP-1.0.1-1
	PEAR-Net_SMTP-1.2.10-1
	PEAR-Net_Sieve-1.1.5-1
	PEAR-Net_Socket-1.0.6-1
	PEAR-Net_URL-1.0.15-1
	fbview-horde-3.2_alpha-20071013
	fbview-kronolith-2.2_alpha-20071001
	horde-framework-kolab-3.2_ALPHA-20071004
	horde-imp-kolab-4.2_alpha-20071004
	horde-ingo-kolab-1.2_alpha-20071004
	horde-kolab-3.2_alpha-20071013
	horde-kolab-client-0.99-20071002
	horde-kolab-client-0.99-20071002
	horde-kronolith-kolab-2.2_alpha-20071004
	horde-mnemo-kolab-2.2_alpha-20071001
	horde-nag-kolab-2.2_alpha-20071004
	horde-passwd-kolab-3.0.1-20071001
	horde-turba-kolab-2.2_alpha-20071002
	kolab-filter-2.2.beta2-20071018
	kolab-freebusy-2.2.beta2-20071018
	kolabconf-2.2.beta2-20071018
	php-kolab-2.2.beta2-20071018

      Updated:

	kolab-webadmin-2.1.99-20071018
	kolabd-2.1.99-20071018
	perl-kolab-2.2.beta2-20071018

      Unchanged:

	kolab-horde-framework-2.1.99-20070607
	php-smarty-2.6.18-20070607

    - OpenPKG packages:

      Removed:

	apache2 (renamed to apache)
	apache2-php (renamed to apache-php)
	getopt (was needed by proftpd)
	proftpd (obsolete)
	pth (openldap is now built without pth)
	sharutils (no package requires this)

      Added:

	apache-2.2.6-20070910
	apache-php-5.2.4-20071015
	apr-1.2.11-20070907
	freetype-2.3.5-20070720
	gd-2.0.35-20071011
	jpeg-6b-20070507
	libmcrypt-2.5.8-20070720
	mhash-0.9.9-20070807
	png-1.2.22-20071014

      Updated:

	amavisd-2.5.2-20070907
	autoconf-2.61-20070711
	binutils-2.18-20070829
	clamav-0.91.2-20070907
	curl-7.17.0-20071009
	db-4.5.20.2-20070628
	diffutils-2.8.7-20071005
	expat-2.0.1-20070629
	file-4.21-20070829
	gcc-4.2.2-20071016
	gettext-0.16.1-20070930
	grep-2.5.3-20070829
	gzip-1.3.12-20070623
	imap-2006j2-20071012
	imapd-2.3.9-20071015
	libxml-2.6.30-20070824
	libxslt-1.1.22-20070824
	m4-1.4.9-20070818
	ncurses-5.6.20071013-20071014
	openldap-2.3.38-20071012
	openpkg-20071018-20071018
	openpkg-tools-1.4.5-20070624
	openssl-0.9.8f-20071017
	pcre-7.4-20070921
	perl-5.8.8-20071011
	perl-comp-5.8.8-20071005
	perl-crypto-5.8.8-20070929
	perl-db-5.8.8-20070711
	perl-dns-5.8.8-20070920
	perl-ds-5.8.8-20071008
	perl-ldap-5.8.8-20070916
	perl-mail-5.8.8-20070928
	perl-module-5.8.8-20070928
	perl-net-5.8.8-20070829
	perl-parse-5.8.8-20071018
	perl-ssl-5.8.8-20071017
	perl-stats-5.8.8-20070708
	perl-sys-5.8.8-20071018
	perl-term-5.8.8-20070924
	perl-time-5.8.8-20071006
	perl-util-5.8.8-20071015
	perl-www-5.8.8-20071010
	perl-xml-5.8.8-20070929
	php-5.2.4-20071012
	pkgconfig-0.22-20070720
	postfix-2.4.5-20070908
	procmail-3.22-20070720
	readline-5.2.7-20070927
	sasl-2.1.22-20071009
	spamassassin-3.2.3-20070810
	texinfo-4.11-20070911

      Unchanged:

	automake-1.10-20061111
	bc-1.06-20061013
	bison-2.3-20070312
	bzip2-1.0.4-20070507
	config-20060923-20061013
	flex-2.5.33-20070507
	fsl-1.7.0-20070316
	gmp-4.2.1-20061222
	groff-1.19.2-20070113
	libiconv-1.11-20061013
	lzo-2.02-20061013
	make-3.81-20061013
	mm-1.4.2-20061013
	perl-conv-5.8.8-20070526
	perl-openpkg-5.8.8-20061013
	sed-4.1.5-20061013
	zlib-1.2.3-20070507


Changes between 2.1.0 and 2.2-beta1:

    All components except for OpenLDAP were upgraded to
    OpenPKG-CURRENT (as of 20070608), most noteworthy:

	amavisd 2.5.1
	apache 2.2.4
	imapd 2.3.8
	php 5.2.3
	postfix 2.4.3
	spamassassin 3.2.0

    - perl-kolab-5.8.8-20070608

	kolab/issue1679 (Update template META mechanism to support service
	                 restarts)

    - kolabd-2.1.99-20070612

	kolab/issue919  (kolab server has problems with some characters in
	                 passwords)
	kolab/issue1126 (ldap_simple_bind() failed and Domain/Realm not
	                 available) - partial fix
	kolab/issue1679 (Update template META mechanism to support service
	                 restarts)
	kolab/issue1693 (Automatically trigger f/b cache regeneration)

    - kolab-resource-handlers-2.1.99-20070612

	added location to xpfb events

	kolab/issue1693 (Automatically trigger f/b cache regeneration)

    - kolab-webadmin-2.1.99-20070607

	kolab/issue1610 (Use <label> for forms in webadmin)
	kolab/issue1615 (Use <label> also for login page)
	kolab/issue1618 (Add missing headings)
	kolab/issue1619 (Add CSS file for printing)
	kolab/issue1620 (fix invalid XHTML in form.class.php)
	kolab/issue1742 (Do not modify the objectclasses of an existing object)
	kolab/issue1744 (No "User Deleted, awaiting cleanup" for admins and
	                 domain maintainers)


-------------------------------------------------------------------------------

Differences between Kolab 2.0 and 2.1:

    - Simple multi-domain support

	The Kolab server can now accept mail for multiple email domains.
	There is also a new class of maintainers which are only allowed
	to manage settings for a subset of the mail domains of the kolab
	server.

    - Hashed IMAP spool

	The default imapd configuration has been changed to enable the
	hashimapspool option, which allows the Cyrus IMAP server to run
	more efficiently especially when you have many mailboxes.

    - Improvements, bugfixes and upgraded software components

	The 2.1 release received many improvements and bugfixes for issues
	found in the 2.0 versions and during the long beta and rc phase.
	Additionally many software components have been upgraded to new
	upstream versions.


Changes between 2.1-rc-2 and 2.1.0:

    - Documentation

	Documented workaround for libdb3 conflict in README.1st

	Added instructions for automatically upgrading the free/busy cache.

    - amavisd-2.3.3-2.5.0_kolab

	kolab/issue1447 (Virus Scanning: Inserted note when partially scanned
	                 ugly)

    - kolabd-2.1.0-20070510

	kolab/issue974  (Localize the text for rewritten From: headers)
	kolab/issue1560 (postfix modifies message/rfc822 MIME parts)
	kolab/issue1608 (A patch for kolabd to include the horde LDAP schema)

    - kolab-resource-handlers-2.1.0-20070510

	Generate a single To: header listing all recipients when forwarding
	encapsulated iCal messages.

	kolab/issue974  (Localize the text for rewritten From: headers)
	kolab/issue1422 (Dummy freebusy info)

    - kolab-webadmin-2.1.0-20070510

	kolab/issue1616 (Use different cursor for <label> tags)
	kolab/issue1617 (fix small inconsistency in german translation)


Changes between 2.1-rc-1 and 2.1-rc-2:

    - apache-1.3.33-2.5.6_kolab2

	kolab/issue1607 (need to replace gdbm for pfbcache, because of license
	                 clash gdbm vs php)

    - clamav-0.90.2-20070413_kolab

	New upstream version, fixes various security issues.

    - file-4.15-2.5.0_kolab2

	Fix for security issue described in CVE-2007-1536:
	buffer overflow, remotely exploitable due to the usage of file in
	amavisd-new

    - fsl-1.7.0-20070303

	New upstream version.

	kolab/issue1172 (Cyrus Imapd dies when logfile exceeds 2 GiB)

    - php-4.4.0-2.5.2_kolab2

	kolab/issue1607 (need to replace gdbm for pfbcache, because of license
	                 clash gdbm vs php)

    - spamassassin-3.1.0-2.5.1_kolab

	Fix for security issue described in CVE-2007-0451:
	possible DoS due to incredibly long URIs found in the message content

	Disabled external DNS and URI blacklists, because some of these
	services require payment if used for many mailboxes.

	Ignore headers inserted on the receiving side for bayes filtering.

    - perl-kolab-5.8.7-20070420

	Added debug option for verbose logging to stderr.

    - kolabd-2.1.0-20070420

	Fix the path to the freebusy directory for non-OpenPKG installations.

	Fix usage of tar and modification of rc.conf during slave setup for
	non-OpenPKG installations.

	Don't pass notifications and quarantined mails through amavisd-new.

	Updated configuration templates for ClamAV 0.90

	Updated openldap monitor configuration.

	Updated cyrus imapd configuration to use cyr_expire.

	kolab/issue954  (kolab server rejects mails that should be marked
	                 untrusted)
	kolab/issue1538 (outlook invitation forwarding broken in Kolab server
	                 2.1)
	kolab/issue1607 (need to replace gdbm for pfbcache, because of license
	                 clash gdbm vs php)
	kolab/issue1609 ("kolab --help" tries to execute *all* commands)
	kolab/issue1638 (kolabconf generates broken resmgr.conf)
	kolab/issue1680 (/kolab/bin/kolab fix)

    - kolab-horde-fbview-2.1.0-20070420

	Updated version number, no other changes since 2.1rc1

    - kolab-resource-handlers-2.1.0-20070420

	Improved logging for opening pfbcache.db

	kolab/issue954  (kolab server rejects mails that should be marked
	                 untrusted)
	kolab/issue1538 (outlook invitation forwarding broken in Kolab server
	                 2.1)
	kolab/issue1607 (need to replace gdbm for pfbcache, because of license
	                 clash gdbm vs php)
	kolab/issue1659 (Freebusy assumes that all day events last exactly one
	                 day)

    - kolab-webadmin-2.1.0-20070420

	Updated Dutch and German translations.

	kolab/issue1457 (updated French translation)
	kolab/issue1612 (modify user ignores account type)
	kolab/issue1614 (ldap_add() - Constraint violation on change user
	                 account type)
	kolab/issue1630 (Domain maintainer can see distribution lists from
	                 other domains)
	kolab/issue1652 (Import users from ldif and LDAP Constraint violation)
	kolab/issue1654 (New LDAP overlay prevents modification of
	                 distribution lists)
	kolab/issue1663 (It is possible to create domain maintainers without
	                 domains)
	kolab/issue1670 (Renaming a domain maintainer twice within the same
	                 form fails)


Changes between 2.1-beta-4 and 2.1-rc-1:

    - kolabd-2.0.99-20070205

	kolab/issue1335 (pfbcache.db locking problems)
	kolab/issue1507 (Public viewable phpinfo() and more in Server default
	                 installation)
	kolab/issue1550 (Masquerade problem, corrected template)
	kolab/issue1563 (freebusy.conf template doesn't match freebusy.conf
	                 from package)
	kolab/issue1575 (Openldap enhanced data integrity)

    - kolab-webadmin-2.0.99-20070205

	Disabled Spanish language selection from web admin interface, because
	of missing translation.

	kolab/issue1479 ("Type" of shared folder can only be modified in 2nd
	                 try)
	kolab/issue1486 ("About Kolab" in Webinterface needs work over)
	kolab/issue1539 (extension to the opening text, when the manager logs
	                 in for the 1st time)
	kolab/issue1559 (Domain Maintainer cannot delete "his" users)
	kolab/issue1586 ("Required field" not translated to German in web
	                 admin)
	kolab/issue1592 (LANGUAGE variable overrides web admin language
	                 selection)


Changes between 2.1-beta-3 and 2.1-beta-4:

    - clamav-0.88.7-20061211

	bypass virus detection (CVE-2006-6406),
	denial of service, remotely exploitable (CVE-2006-6481)
	(http://kolab.org/security/kolab-vendor-notice-14.txt)

    - kolabd-2.0.99-20070117

	Updated proftpd.conf template: LDAPHomedirOnDemand(Prefix) is
	now named LDAPGenerateHomedir(Prefix).

	Set imapidlepoll to 5 seconds in imapd.conf.template.in.

	kolab/issue1433 (Some files in /kolab/etc/postfix have wrong ownership)
	kolab/issue1484 (Warnings using openldap = 2.3.27-2.20061018_kolab)
	kolab/issue1487 (amavisd.conf mynetworks incomplete)
	kolab/issue1531 (amavisd.conf local_domains only contains primary
	                 domain)
	kolab/issue1532 (Set "duplicatesuppression: 0" in imapd.conf.template?)

    - kolab-horde-fbview-2.0.99-20070112

	Improvements to the week view (part of kolab/issue666)

	Removed dangerous php scripts (part of kolab/issue1507)

    - kolab-resource-handlers-2.0.99-20070117

	kolab/issue1490 (freebusy cache written to /kolab/kolab/...)
	kolab/issue1512 (No FB information for resource accounts)
	kolab/issue1558 (kolab-webadmin and php 5.2.0)

    - kolab-webadmin-2.0.99-20070117

	kolab/issue1013 (user passwords sha1 encoded without salt)
	kolab/issue1262 (Setting quota to 4096+ MB breaks message delivery)
	kolab/issue1418 (fields visible even when attribute_access is "hidden"
	                 in session_vars.php)
	kolab/issue1540 (Typo on kolab/admin/service page)
	kolab/issue1555 (Login screen shows error msg for no good reason)

    - openldap-2.3.29-2.20061110_kolab

	New upstream version, fixes CVE-2006-5779 (Bugtraq ID 20939)

    - perl-kolab-5.8.7-20070117

	Only print warning about missing configuration variable if relevant.

	kolab/issue1550 (Masquerade problem)


Changes between 2.1-beta-2 and 2.1-beta-3:

    - openpkg-2.5.4-2.5.4

	New upstream version.

    - apache-1.3.33-2.5.6

	denial of service and possibly arbitrary code execution via crafted
	URLs that are not properly handled using certain rewrite rules.
	http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.015-apache.html

    - gzip-1.3.5-2.5.1

	denial of service, arbitrary code execution
	http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.020-gzip.html

    - curl-7.15.0-2.5.2

	buffer overflow
	http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.012-curl.html

    - openssl-0.9.8a-2.5.4

	denial of service, may allow execution of arbitrary code
	(http://kolab.org/security/kolab-vendor-notice-12.txt)

    - clamav-0.88.5-2.20061018

	buffer overflow, remotely exploitable (CVE-2006-4018)
	(http://kolab.org/security/kolab-vendor-notice-10.txt)

	heap overflow, remotely exploitable (CVE-2006-4182),
	denial of service, remotely exploitable (CVE-2006-5295)
	(http://kolab.org/security/kolab-vendor-notice-13.txt)

    - file-4.15-2.5.0_kolab

	kolab/issue1458 (Password protected .sxw files can be banned by
	                 amavisd, as a result of the file command)

    - openldap-2.3.27-2.20061018_kolab

	New upstream version, fixes CVE-2006-4600 (Bugtraq ID 19832)
	and other problems.

	kolab/issue1229 (Master openldap's slurpd fails to start after
	                 adding slave)
	kolab/issue1431 (Slave cannot access master ldap server via SSL)

    - imapd-2.2.12-2.5.0_kolab2

	Fix folder structure for foldernames with non-alphanumeric characters,
	when using skiplist as the database backend for mailboxes.db.

    - perl-kolab-5.8.7-20061110

	kolab/issue1194 (serious performance problem on high number of users)

    - kolabd-2.0.99-20061110

	Added missing relay service for postfix.

	Changed main.cf masquerading defaults so email to
	user at machine.example.org is actually delivered.

	Use mailbox_transport instead of local_transport for
	kolabmailboxfilter to work around issue825.

	Removed doubled attribute cyrus-autocreatequota.

	Added indexes for delegate and delete.

	Updated freebusy.conf template for freebusy IMAP caching.

	Changed imapd.conf template to use berkeley db instead of
	skiplist for annotations.db and mailboxes.db as a workaround
	for kolab/issue840 (Annotations needs to be more robust).

	kolab/issue824  (kolabmailboxfilter run once for each recipient)
	kolab/issue1264 (Add support for sieve based notifications)
	kolab/issue1273 (Sending as delegate broken in Kolab server 2.1)
	kolab/issue1428 (Fixed locking issue)
	kolab/issue1433 (Some files in /kolab/etc/postfix have wrong ownership)

    - kolab-webadmin-2.0.99-20061110

	Fixes for setting folder type of shared folders.

	Guard against large number of users.

	kolab/issue1457 (updated French translation)

    - kolab-resource-handlers-2.0.99-20061110

	Improvements and fixes for freebusy IMAP caching.

	kolab/issue815  (invitation replies vanish in resmgr)
	kolab/issue957  (All-day events from Outlook don't show up in freebusy)
	kolab/issue974  (Localize the text for rewritten From: headers)
	kolab/issue1042 (empty lines at the end of mails delivered via LMTP)
	kolab/issue1352 (resmgr can create wrong range dates)
	kolab/issue1387 (resmgr replies to replies creating mail loop)
	kolab/issue1422 (Dummy freebusy info)


Changes between 2.1-beta-1 and 2.1-beta-2:

    OpenPKG updates:

      openpkg-2.5.2-2.5.2
      openpkg-registry-0.2.7-20060223
      libxslt-1.1.15-2.5.1
      php-smarty-2.6.10-20051003
      clamav-0.88.2-20060524

      binutils-2.16.1-2.5.1
	http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.009-binutils.html

      openldap-2.3.11-2.5.1
	http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.008-openldap.html


    Kolab updates:

      More distconf changes by Richard Bos and Markus Huewe.

      - perl-kolab-5.8.7-20060619

	kolab/issue1194 (kolabd quota performance)
	kolab/issue1220 (postfix permissions)
	kolab/issue1237 (Handling of @@@var@@@ in Conf.pm (Gunnar Wrobel))

      - kolabd-2.0.99-20060619

	* The default imapd configuration has been changed to enable the
	  hashimapspool option.  This affects the upgrade procedure.
	  See 1st.README for upgrade instructions.

	* amavis now logs to /kolab/var/amavisd/amavisd.log.  This is
	  part of the fix for Issue1015

	kolab/issue1015 (fixing logging and logrotate for amavisd)
	kolab/issue1089 (enable hashimapspool for imapd to cope with many users)
	kolab/issue1101 (allowapop: no; disable apop access to imapd by default)
	kolab/issue1105 (fix compilation of kolabd on FreeBSD)
	kolab/issue1257 (wrong attribute name for imap quota)

      - kolab-webadmin-2.0.99-20060619

	* patch from Tobias Koenig in order to support setting of
	  foldertype for public folders

	kolab/issue848 (Modifying address book entry may break distribution list)
	kolab/issue1106 (email validation in webgui)
	kolab/issue1214 (number of days for vacation messages on webinterface)
	kolab/issue1263 (Bug in the shared folders folder-type code) [Wrobel]

      - kolab-resource-handlers-2.0.99-20060619

	* create empty pfbcache.db if missing

	kolab/issue973 (quoting and rewriting From header)
	kolab/issue966 (Wrong CN for resource accounts)
	kolab/issue1042 (server modifies email content)
	kolab/issue1195 (error message in bounce)
	kolab/issue1243 (rewriting fails when "From:" contains quoted printable)
	kolab/issue1245 (rewriting problems on folded Header "From:"-line)


$Id: release-notes.txt,v 1.295 2008/07/11 16:25:38 thomas Exp $
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: not available
Url : http://kolab.org/pipermail/kolab-announce/attachments/20080711/e8563eea/attachment-0001.bin

From wilde at intevation.de  Thu Sep 11 18:12:01 2008
From: wilde at intevation.de (Sascha Wilde)
Date: Thu, 11 Sep 2008 18:12:01 +0200
Subject: [Kolab-announce] Kolab Security Issue 22 20080911 (clamav)
Message-ID: <s7wy71y1x2m.fsf@intevation.de>

Kolab Security Issue 22 20080911
================================

Package:              Kolab Server, ClamAV
Vulnerability:        denial of service
Kolab Specific:       no
Dependent Packages:   none


Summary
~~~~~~~

Various unspecified memory corruption vulnerabilities and a bug in the
chm parser allowed remote attackers to cause a denial of service.
Further unknown attack vectors might exist.


Affected Versions
~~~~~~~~~~~~~~~~~

This affects versions of ClamAV up to version 0.93.1
Kolab Server 2.1.0 and previous releases of the 2.1 branch are affected.
Kolab Server 2.0.4 and previous releases of the 2.0 branch are affected.
Kolab Server 2.2.0 and previous prereleases are affected.


Fix
~~~

Upgrade to ClamAV 0.94.

The ClamAV source RPM patched to be compilable with Kolab Server 2.1 and 2.0
is available from the Kolab download mirrors as:
security-updates/20080911/clamav-0.94-20080905_kolab.src.rpm

For Kolab Server 2.2.0 the unmodified OpenPKG rpm can be used:
security-updates/20080911/clamav-0.94-20080905.src.rpm

A binary RPM for Kolab Server 2.1.0 (ix86 Debian GNU/Linux Sarge) is available:
security-updates/20080911/clamav-0.94-20080905_kolab.ix86-debian3.1-kolab.rpm

A binary RPM for Kolab Server 2.2.0 (ix86 Debian GNU/Linux Etch) 
is available from:
security-updates/20080911/clamav-0.94-20080905_kolab.ix86-debian4.0-kolab.rpm

All other server versions: Please build from the src.rpm.


The mirrors are listed on http://kolab.org/mirrors.html
While the mirrors are catching up, you can also get the package via rsync:
# rsync -tvP rsync://rsync.kolab.org/kolab/server/security-updates/20080911/clamav-0.94-20080905_kolab.src.rpm .
# rsync -tvP rsync://rsync.kolab.org/kolab/server/security-updates/20080911/clamav-0.94-20080905_kolab.ix86-debian3.1-kolab.rpm .
# rsync -tvP rsync://rsync.kolab.org/kolab/server/security-updates/20080911/clamav-0.94-20080905.src.rpm .
# rsync -tvP rsync://rsync.kolab.org/kolab/server/security-updates/20080911/clamav-0.94-20080905.ix86-debian4.0-kolab.rpm .

MD5 sums:
35acf995ef8927a8ea76afb8502eb648  clamav-0.94-20080905.ix86-debian4.0-kolab.rpm
0b6be1bf21deef9de8582a56d330aaef  clamav-0.94-20080905.src.rpm
67ffd197c991b5d1dc83520a91b5ff57  clamav-0.94-20080905_kolab.ix86-debian3.1-kolab.rpm
0b7d3a2a22f9a2c2e12bc0b14cc3b800  clamav-0.94-20080905_kolab.src.rpm


The package can be installed on your Kolab Server with

# /kolab/bin/openpkg rpm --rebuild clamav-0.93.1-20080610_kolab.src.rpm
# /kolab/bin/openpkg rpm \
  -Uvh /kolab/RPM/PKG/clamav-0.93.1-20080610_kolab.<ARCH>-<OS>-kolab.rpm
# rm /kolab/etc/clamav/*.rpmsave
# /kolab/bin/openpkg rc clamav stop
# /kolab/bin/openpkg rc clamav start
# su - kolab-r
$ freshclam
$ rm -r /kolab/share/clamav/*.inc

For Kolab Server 2.0.4 you have to copy the new /kolab/etc/clamav/clamd.conf
to /kolab/etc/kolab/templates/clamd.conf.template so it will not be
overwritten by kolabconf. Do NOT copy this file with Kolab Server 2.1 or 2.2!


Details
~~~~~~~

http://sourceforge.net/project/shownotes.php?release_id=623661&group_id=86638
	ClamAV 0.94 release notes

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1389
https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1089
	clamav chm handler: crasher bugs

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3912
http://www.securityfocus.com/bid/31051
https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1141
	DOS related to out-of-memory in libclamav

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3913
http://www.securityfocus.com/bid/31051
https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1141
	DOS caused by multiple memory leaks in freshclam/manager.c

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3914
http://www.securityfocus.com/bid/31051
https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1141
	Multiple unspecified vulnerabilities with unknown impact

Timeline
~~~~~~~~
    20080902 ClamAV release 0.94.
    20080905 OpenPKG 0.94 package release.
    20080905 Kolab Bug Tracker Issue created.
    20080611 Kolab Server security advisory published.
-- 
Sascha Wilde                                      OpenPGP key: 4BB86568
Intevation GmbH, Osnabr?ck             http://www.intevation.de/~wilde/
Amtsgericht Osnabr?ck, HR B 18998             http://www.intevation.de/
Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 188 bytes
Desc: not available
Url : http://kolab.org/pipermail/kolab-announce/attachments/20080911/797a9d74/attachment.bin

From thomas at intevation.de  Tue Dec  2 18:27:01 2008
From: thomas at intevation.de (Thomas Arendsen Hein)
Date: Tue, 2 Dec 2008 18:27:01 +0100
Subject: [Kolab-announce] Kolab Security Issue 23 20081202 (clamav)
Message-ID: <20081202172701.GE20734.thomas@intevation.de>

Kolab Security Issue 23 20081202
================================

Package:              Kolab Server, ClamAV
Vulnerability:        various
Kolab Specific:       no
Dependent Packages:   none


Summary
~~~~~~~

Moritz Jodeit reports that ClamAV up to version 0.94 contains an
off-by-one heap overflow vulnerability in the code responsible for
parsing VBA project files. Successful exploitation could allow an
attacker to execute arbitrary code with the privileges of the `clamd'
process by sending an email with a prepared attachment.

Ilja Van Sprundel reported a denial-of-service vulnerability and an
unconfirmed possibility to run arbitrary code in ClamAV up to version
0.94.1 by sending malformed JPEG files.


Affected Versions
~~~~~~~~~~~~~~~~~

This affects versions of ClamAV up to version 0.94.1
Kolab Server 2.2.0 and previous prereleases are affected.
Kolab Server 2.1.0 and previous releases of the 2.1 branch are affected.
Kolab Server 2.0.4 and previous releases of the 2.0 branch are affected.


Fix
~~~

Upgrade to ClamAV 0.94.2.

The ClamAV source RPM for Kolab Server 2.2, 2.1 and 2.0
is available from the Kolab download mirrors as:
security-updates/20081202/clamav-0.94.2-20081202.src.rpm

A binary RPM for Kolab Server 2.1.0 (ix86 Debian GNU/Linux Sarge) is available:
security-updates/20081202/clamav-0.94.2-20081202.ix86-debian3.1-kolab.rpm

A binary RPM for Kolab Server 2.2.0 (ix86 Debian GNU/Linux Etch)
is available from:
security-updates/20081202/clamav-0.94.2-20081202_kolab.ix86-debian4.0-kolab.rpm

All other server versions: Please build from the src.rpm.


The mirrors are listed on http://kolab.org/mirrors.html
While the mirrors are catching up, you can also get the package via rsync:
# rsync -tvP rsync://rsync.kolab.org/kolab/server/security-updates/20081202/clamav-0.94.2-20081202.src.rpm .
# rsync -tvP rsync://rsync.kolab.org/kolab/server/security-updates/20081202/clamav-0.94.2-20081202.ix86-debian3.1-kolab.rpm .
# rsync -tvP rsync://rsync.kolab.org/kolab/server/security-updates/20081202/clamav-0.94.2-20081202.ix86-debian4.0-kolab.rpm .

MD5 sums:
bd4aaba0b5dc0c4c7349fd3418326534  clamav-0.94.2-20081202.src.rpm
4e1efcb88af5ab6538560be9ee618ca0  clamav-0.94.2-20081202.ix86-debian3.1-kolab.rpm
0fe61493cfc48dda972844e455867f8e  clamav-0.94.2-20081202.ix86-debian4.0-kolab.rpm


The package can be installed on your Kolab Server with

# /kolab/bin/openpkg rpm --rebuild clamav-0.94.2-20081202.src.rpm
# /kolab/bin/openpkg rpm \
  -Uvh /kolab/RPM/PKG/clamav-0.94.2-20081202.<ARCH>-<OS>-kolab.rpm
# rm /kolab/etc/clamav/*.rpmsave
# /kolab/bin/openpkg rc clamav stop
# /kolab/bin/openpkg rc clamav start
# su - kolab-r
$ freshclam
$ rm -r /kolab/share/clamav/*.inc

For Kolab Server 2.0.4 you have to copy the new /kolab/etc/clamav/clamd.conf
to /kolab/etc/kolab/templates/clamd.conf.template so it will not be
overwritten by kolabconf. Do NOT copy this file with Kolab Server 2.1 or 2.2!


Details
~~~~~~~

http://sourceforge.net/project/shownotes.php?release_id=637952&group_id=86638
	ClamAV 0.94.1 release notes

http://lists.grok.org.uk/pipermail/full-disclosure/2008-November/065530.html
	Vulnerability description: ClamAV get_unicode_name() off-by-one buffer overflow

https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1239
	ClamAV bug tracker entry for above vulnerability (not yet publicly available)

http://sourceforge.net/project/shownotes.php?release_id=643134&group_id=86638
	ClamAV 0.94.2 release notes

http://www.securityfocus.com/bid/32555
https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1266
	ClamAV 'cli_check_jpeg_exploit' Function Malformed JPEG File Remote Denial Of Service Vulnerability


Timeline
~~~~~~~~
    20081016 Moritz Jodeit reports vulnerability to ClamAV vendor.
    20081103 ClamAV release 0.94.1.
    20081109 Moritz Jodeit publishes vulnerability fixed in 0.94.1.
    20081126 ClamAV release 0.94.2.
    20081201 Bugtraq ID 32555 published for problem fixed in 0.94.2.
    20081202 Kolab Server security advisory published.

-- 
thomas at intevation.de - http://intevation.de/~thomas/ - OpenPGP key: 0x5816791A
Intevation GmbH, Neuer Graben 17, 49074 Osnabrueck - AG Osnabrueck, HR B 18998
Geschaeftsfuehrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 206 bytes
Desc: not available
Url : http://kolab.org/pipermail/kolab-announce/attachments/20081202/bb264847/attachment.bin

From thomas at intevation.de  Fri Dec 12 20:18:15 2008
From: thomas at intevation.de (Thomas Arendsen Hein)
Date: Fri, 12 Dec 2008 20:18:15 +0100
Subject: [Kolab-announce] Kolab Server 2.2.1 Beta 1
Message-ID: <20081212191815.GA21528.thomas@intevation.de>

Hi!

I just uploaded Kolab Server 2.2.1-beta1 which contains a new
version of the web client (Horde), restructured packages and many
important fixes to the last release. Please make sure to follow
the upgrade instructions in 1st.README, because there have been
some changes in the LDAP schema.

|  This is a beta release and therefore not yet recommended
|  to be used in production environments!

Again many thanks to all the people who helped with this!

Documentation and OpenPKG source packages will soon be available in
the directory server/beta/kolab-server-2.2.1-beta-1/ of the mirrors
listed on http://kolab.org/mirrors.html
for example:
http://ftp.gwdg.de/pub/linux/kolab/server/beta/kolab-server-2.2.1-beta-1/
 ftp://ftp.gwdg.de/pub/linux/kolab/server/beta/kolab-server-2.2.1-beta-1/

rsync://rsync.kolab.org/kolab/RSYNC.txt explains how to get (or
mirror) the files via rsync.

All files updated since 2.2.0 are available in the directory
server/development-2.2/20081212-since-20080711/

You can check the integrity of the downloaded files with:

$ gpg --keyserver hkp://subkeys.pgp.net --recv-key 5816791A
  or import the key from https://www.intevation.de/~thomas/gpg_pub_key.asc
  (the same key that I used to sign this email)
$ gpg --verify MD5SUMS.sig
$ md5sum -c MD5SUMS

Binary packages for Debian GNU/Linux (etch/stable) on x86 platforms
can be found in the ix86-debian4.0 directory next to the sources.

Please look at 1st.README and release-notes.txt (attached for your
convenience) for install instructions and more information about
this release.

Please report any problems you encounter in our issue tracker:
https://issues.kolab.org/

Regards,
Thomas Arendsen Hein

-- 
thomas at intevation.de - http://intevation.de/~thomas/ - OpenPGP key: 0x5816791A
Intevation GmbH, Osnabrueck - Register: Amtsgericht Osnabrueck, HR B 18998
Geschaeftsfuehrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
-------------- next part --------------
Kolab Server 2.2 Install and Upgrade Information
================================================
(Version 20081212, Kolab Server 2.2.1-beta1)

See http://kolab.org/ for general information about Kolab,
or look at http://wiki.kolab.org/ for specific topics.

It is recommended to subscribe to the announcement mailing list at
http://kolab.org/mailman/listinfo/kolab-announce
to receive security advisories and release announcements.


Quick install instructions
--------------------------

Kolab server with Horde needs about 1GB of disk space for the initial
install. By default the directory /kolab will be used, which should be
an empty directory or a symbolic link to an empty directory. If this
directory does not yet exist, it will be automatically created.

For production use it is recommended to create a separate partition for
/kolab (2GB to have some spare) and partitions for /kolab/var (at least
2GB for log files, virus filtering and caches) and /kolab/var/imapd/spool
(with enough space for your users' mails). For evaluation you could
start with the 2GB partition for /kolab (or 2GB free space on / if you
only have one big partition for your test system) and create the other
partitions when needed. Do _not_ use an NFS mounted drive!

Make sure that the following names are not in /etc/passwd or /etc/groups,
as OpenPKG will want to create them: "kolab" "kolab-r" "kolab-n"

To install the Kolab server, you need to download the files from the
directory containing this file (1st.README) to some local directory.

You can check the integrity of the downloaded files with:

$ gpg --keyserver hkp://subkeys.pgp.net --recv-key 5816791A
  or import the key from https://www.intevation.de/~thomas/gpg_pub_key.asc
$ gpg --verify MD5SUMS.sig
$ md5sum -c MD5SUMS

Then as root, cd into that local directory and run

# sh install-kolab.sh 2>&1 | tee /root/kolab-install.log

to build and install packages in /kolab. The command output will
be logged to install-kolab.log so that you have a reference in case
an errors occurs during installation.

The install script needs to store some files and creates a subdirectory
below /tmp (or $TMPDIR if set) for this purpose.

Horde might create much load on your server if there are many concurrent
users, so you can choose to not install it by adding the option
"-x kolab-webclient" to the call to install-kolab.sh.
Installing Horde on a separate host is possible, but not discussed here.

If you do not want to install the free/busy view tool, add the option
"-x kolab-fbview".

The binary packages distributed via kolab.org are compiled with Horde
and the free/busy view tool. Currently you need to compile from the
source packages to install without these features, see kolab/issue2440
for details.

By default, the Kolab server will now be started at boottime, so you
have to bootstrap the server configuration now to prevent unconfigured
components from being started, see kolab/issue1745 for details.

Please run:

# /kolab/sbin/kolab_bootstrap -b

and follow the instructions.

Check http://www.openpkg.org/documentation/ for additional documentation
about the OpenPKG packaging system.


General update instructions
---------------------------

Usually an update of the Kolab server works as described here.  In
some cases you will need to deviate from these instructions a bit.  All
such cases are documented below, so read the release specific update
instructions for all releases newer than the one you already have before
you start the update.

In any case you should completely read *all* relevant update
instruction *before* starting the upgrade procedure.  Always make
sure you have a recent backup of your /kolab directory before you
attempt to upgrade Kolab.

The installation of the new packages works just as for the initial
installation.  Download the files as described above and run

# sh install-kolab.sh 2>&1 | tee /root/kolab-update.log

If you installed without Horde or F/B-View you need to drop the
corresponding flags again.  install-kolab.sh will usually automatically
determine which packages need to be built.

If you have made changes to configuration files or an updated package
includes configuration files which are usually regenerated from files
in /kolab/etc/kolab/templates/ the old configuration file will be saved
with the extension .rpmsave.  For files generated from templates you
just have to remove the rpmsave file, because services will refuse to
start if there still is an rpmsave file, e.g.:

# rm /kolab/etc/clamav/*.conf.rpmsave

For other changed files (e.g. the template files themselves) you may
want to transfer your changes from the .rpmsave backup to the new files.

Then regenerate the configuration and restart Kolab with:

# /kolab/sbin/kolabconf
# /kolab/bin/openpkg rc all restart

Or alternatively if the Kolab server was stopped before the upgrade:

# /kolab/bin/openpkg rc openldap start
# /kolab/sbin/kolabconf
# /kolab/bin/openpkg rc all start


Generating your own 00INDEX.rdf for installations or upgrades
-------------------------------------------------------------

The source and binary downloads contain the 00INDEX.rdf file needed by
the "openpkg build" command used by install-kolab.sh to install or upgrade
a Kolab server.

If you already have your own set of binary packages from a previous build,
you can use these to create a full binary installer (e.g. to install the
packages on a second machine) or or a partial binary installer (for upgrades
where you only want to compile the new .src.rpm files instead of everything).

To generate this file, you always need all .src.rpm files, so link or copy
them in a new directory (needs to be writable by the kolab user of your
installation). After this you can link/copy the install-kolab.sh file and
your binary rpm files (e.g. from /kolab/RPM/PKG/) into this directory and
run the following command as user kolab or root to create the new
00INDEX.rdf file::

$ sh install-kolab.sh -X

If you want a pure binary installer, you can remove the .src.rpm files
now. To be able to use this directory for fresh installations (i.e. not
only for upgrades), you need to put the OpenPKG bootstrap file
(openpkg-*.src.sh or openpkg-<ARCH>-<OS>-kolab.rpm) into this directory,
too.


Upgrade from 2.2.0 to 2.2.1-beta1
---------------------------------

0. Make a backup of your installation and data stored inside /kolab

1. The Kolab server must be stopped:

    # /kolab/bin/openpkg rc all stop

2. Save the current LDAP data:

   Copy the contents of the openldap database, use a different output
   filename if you want. You should make sure that no other users can
   read the sensitive data contained in the ldif file, e.g. with umask:

   # umask 077
   # /kolab/sbin/slapcat > ~/kolab-2.2.0.ldif

3. Start the standard upgrade:
   (as described in the General update instructions)

   # sh install-kolab.sh 2>&1 | tee /root/kolab-update.log

4. /kolab/etc/kolab/kolab.conf will be saved as kolab.conf.rpmsave,
   please move it back to the original name:

   # cd /kolab/etc/kolab && mv kolab.conf.rpmsave kolab.conf

5. Look at *.conf.rpmsave files in the subdirectories of /kolab/etc/,
   transfer your changes and remove these files.
   (as described in the General update instructions)

6. Before starting the LDAP server the database must be restored from
   the ldif (with Horde preferences filtered out, since these are now
   stored in files):

   # rm /kolab/var/openldap/openldap-data/*
   # /kolab/bin/awk '!/^ / {ok=1;}
      /^objectClass: horde(Person|Group)$/ {ok=0;}
      /^([a-z]*Prefs|turba(Contact|Members|PGPPublicKey|Type)):/ {ok=0;}
      {if(ok) print;}' kolab-2.2.0.ldif | /kolab/sbin/slapadd

7. Start the OpenLDAP, generate the configuration files and start the
   Kolab server:

   # /kolab/bin/openpkg rc openldap start
   # /kolab/sbin/kolabconf
   # /kolab/bin/openpkg rc all start


Upgrade from 2.2-rc3 to 2.2.0
-----------------------------

Nothing special has to be done for this upgrade.


Upgrade from 2.2-rc2 to 2.2-rc3
-------------------------------

You should regenerated the free/busy cache again, as described in the
upgrading instructions from 2.2-rc1 to 2.2-rc2.

The IMAP annotation /vendor/kolab/xfb-readable (introduced in 2.2-beta3)
was renamed to /vendor/kolab/pxfb-readable-for to reflect the actual meaning.
After the upgrade the old annotations are still readable, but unused by the
server. If you still need to write this annotation for some reason, you have
to add it to imapd.annotation_definitions.template and run kolabconf.


Upgrade from 2.2-rc1 to 2.2-rc2
-------------------------------

You have to regenerated the free/busy cache, which now can be done
automatically. First (optional, but recommended) step is to remove the
current cache below /kolab/var/kolab-freebusy/cache:

# su - kolab-n
$ rm -r /kolab/var/kolab-freebusy/cache/*

Now you can use the following command (still as user kolab-n):

$ PHP_AUTH_USER=manager PHP_AUTH_PW='managerpassword' /kolab/bin/php \
  -c /kolab/etc/apache/php.ini /kolab/var/kolab/www/freebusy/regenerate.php

As this will show the manager's password on the command line, you can
alternatively open https://yourserver.example.com/freebusy/regenerate.php
in a web browser and login as "manager". This needs "Allow unauthenticated
downloading of Free/Busy information" to be disabled, which is the default.


Upgrade from 2.2-beta3 to 2.2-rc1
---------------------------------

Updating the free/busy cache has to be triggered for all calendar
folders of all accounts:
- Users need to create or update an appointment in their folders.
- Resources can be invited to a new appointment or send them an update
  to an existing appointment.


Upgrade from 2.2-beta2 to 2.2-beta3
-----------------------------------

After upgrading, you should remove the package "kolab-horde-framework",
which is no longer needed:

# /kolab/bin/openpkg rpm -e kolab-horde-framework


Upgrade from 2.2-beta1 to 2.2-beta2
-----------------------------------

Before running install-kolab.sh, you should stop the running Kolab server and
remove some packages which got renamed or will no longer be needed by running
this command:

# /kolab/bin/openpkg rc all stop
# /kolab/bin/openpkg rpm -e --nodeps apache2 apache2-php getopt proftpd \
    pth sharutils kolab-horde-fbview kolab-resource-handlers

Ignore errors about pth or sharutils not being installed, these
were included in the beta1 release but not installed by default.


Upgrade from Kolab server 2.1 or before
---------------------------------------

Instructions for upgrading from Kolab server 2.0 will be added in a
future version of this document.  These instructions are for upgrading
from Kolab server 2.1.0 to 2.2.0:

0.  Make a backup of your installation and data stored inside /kolab

1.  Before upgrading the Kolab server must be stopped:

    # /kolab/bin/openpkg rc all stop

2.  Save the current LDAP data:

    Copy the contents of the openldap database, use a different output
    filename if you want. You should make sure that no other users can
    read the sensitive data contained in the ldif file, e.g. with umask:

    # umask 077
    # /kolab/sbin/slapcat > ~/kolab-2.1.ldif

3.  Some of the old Kolab packages must be removed to avoid conflicts
    during the upgrade process:

    # /kolab/bin/openpkg rpm -e --nodeps \
        kolabd kolab-webadmin kolab-horde-fbview kolab-horde-framework \
        kolab-resource-handlers getopt patch proftpd sharutils

4.  New versions of openpkg and openpkg-tools are needed for the upgrade, so
    you have to install them manually beforehand.

    As root, cd into the directory of kolab server 2.2 binary packages and run:

    # /kolab/bin/openpkg rpm -Uvh \
        ./openpkg-20071227-20071227.<ARCH>-<OS>-kolab.rpm
    # /kolab/bin/openpkg rpm -Uvh \
        ./openpkg-tools-1.4.6-20071231.<ARCH>-<OS>-kolab.rpm

    If you do not have binary packages for you platform, you have to build
    them from source first. As root, cd into the Kolab server 2.2 source
    directory and run:

    # /kolab/bin/openpkg rpm --rebuild ./openpkg-20071227-20071227.src.rpm
    # /kolab/bin/openpkg rpm -Uvh \
        /kolab/RPM/PKG/openpkg-20071227-20071227.<ARCH>-<OS>-kolab.rpm
    # /kolab/bin/openpkg rpm --rebuild ./openpkg-tools-1.4.6-20071231.src.rpm
    # /kolab/bin/openpkg rpm -Uvh \
        /kolab/RPM/PKG/openpkg-tools-1.4.6-20071231.<ARCH>-<OS>-kolab.rpm

    (<ARCH> and <OS> must be replaced by the correct values for your system).

5.  Start the standard upgrade (as described above):

    # sh install-kolab.sh 2>&1 | tee /root/kolab-update.log

6.  Before starting the LDAP server the database must be restored from
    the ldif:

    # rm /kolab/var/openldap/openldap-data/*
    # /kolab/sbin/slapadd -l ~/kolab-2.1.ldif

7.  The format of the TLS session cache changed, therefore you have truncated
    it to zero length:

    # > /kolab/var/imapd/tls_sessions.db

8   Check /kolab/etc/kolab/kolab.conf and merge new entries from
    kolab.conf.rpmnew manually!

9.  Remove all *.conf.rpmsave files in the subdirectories of
    /kolab/etc/ as described above.

10. Start the OpenLDAP, generate the configuration files and start the
    Kolab server:

    # /kolab/bin/openpkg rc openldap start
    # /kolab/sbin/kolabconf
    # /kolab/bin/openpkg rc all start

11. After the successful upgrade some cleanup can be done, by
    removing obsolete files/directories:

    # rm -r /kolab/etc/resmgr
    # rm -r /kolab/etc/proftpd
    # rm -r /kolab/var/kolab/www/freebusy/cache/*

12. The free/busy cache has to be regenerated for all calendar folders
    of all accounts, see "Upgrade from 2.2-rc1 to 2.2-rc2" in this file.

Additional hints may be available in the Kolab wiki:
http://wiki.kolab.org/index.php/Kolab2_Upgrading

Direct upgrade from Kolab1 is not supported. We suggest that you back
up your IMAP store, install Kolab2 and manually recreate user accounts
and then restore the IMAP data from the backup.


Known problems and workarounds
------------------------------

    - Compiling openpkg-20071227-20071227 does not work with gcc 4.3, e.g.
      on Debian/lenny. As a workaround you can install the gcc-4.2 package,
      but you have to make sure that "gcc" calls this version. If your system
      uses a symbolic link /usr/bin/gcc -> gcc-4.3 you can execute:

        ln -sf gcc-4.2 /usr/bin/gcc

      "gcc --version" should report 4.2.x now. See kolab/issue2871
      (openpkg-20071227-20071227 does not compile with gcc 4.3) for details.

    - Your system (C library) has to support all languages you want to have
      available in the web admin interface and fbview. For most languages you
      have to use the non-UTF-8 and non-euro locales, i.e. de_DE, fr_FR,
      it_IT, nl_NL instead of e.g. de_DE at euro. For fbview some languages need
      a UTF-8 locale, e.g. ja_JP.UTF-8 for Japanese.
      See kolab/issue2732 (Horde and Web Admin Interface Language Selection
      depends on OS locale support) for details.

    - If login on https://yourserver.example.com/fbview and triggering
      free/busy regeneration does not work, try as user kolab:

        /kolab/bin/php -r 'imap_open("{localhost:143/notls}", "" ,"");'

      If it yields "Segmentation fault (core dumped)", then there probably is
      a conflict between a dynamically loaded libdb3 from your system and a
      statically linked libdb4 from the OpenpPKG php package. If it yields a
      "PHP Warning: ...", this part of the system works correctly.

      One reason for such a conflict could be the mere presence of
      /lib/libnss_db.so.*, which is installed on some distributions by
      default. On Debian systems it is contained in the package "libnss-db".
      If you really need this library, you could work around the loading of
      libdb3 by placing a symbolic link with the correct name in /kolab/lib,
      e.g.:

        ldd /lib/libnss_db.so.2
                libnss_files.so.2 => /lib/tls/libnss_files.so.2 (0xb7f16000)
           ---> libdb3.so.3 => /usr/lib/libdb3.so.3 (0xb7e6b000)
                libc.so.6 => /lib/tls/libc.so.6 (0xb7d36000)
                /lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x80000000)
        ln -s /dev/null /kolab/lib/libdb3.so.3

      See kolab/issue1607 (need to replace gdbm for pfbcache, because of
      license clash gdbm vs php) for details.

    - /kolab/sbin/kolab_bootstrap -b fails to start the temporary
      slapd on Linux 2.4 kernels if binaries compiled on Linux 2.6 (as
      provided on kolab.org) are used. See kolab/issue1795 for details.

    - Under some circumstance the Kolab server may not create or delete
      users or update the configuration after changes have been made in
      the web interface.  This happens most often immediately after the
      bootstrap.  In that case restart the kolabd:

        /kolab/bin/openpkg rc kolabd restart

      If user accounts are still not created or deleted, you can try removing
      the file /kolab/var/kolab/mailbox-uidcache.db and restarting kolabd.

      See kolab/issue1068 (Mailboxes are not created until kolabd restart)
      and kolab/issue1098 (Changes in the service tab are not accepted after
      bootstrap) for details.

    - If modifying or deleting of address book entries doesn't work,
      restarting openldap can help, see kolab/issue854 for details.

    - There is a report that the manager can only see users in the primary
      domain, see kolab/issue1485. We can't reproduce this problem, please
      tell us if you can.

    - Calendar folders for group/resource accounts can't be created for
      domains which were added after bootstrap, i.e. via the web admin
      interface. See kolab/issue1313 for details.

    - When deleting domains via the web admin interface, the corresponding
      LDAP data and IMAP spool stay on the server and have to be deleted
      manually. See kolab/issue1571 and kolab/issue1576 for details.

    - A domain maintainer can not always edit the email aliases for a user,
      even if the user and the alias is in domains the domain maintainer has
      access to. See kolab/issue2825 for details.


$Id: README.1st,v 1.97 2008/12/12 18:00:35 thomas Exp $
-------------- next part --------------
Kolab Server 2.2 Release Notes
==============================
(Version 20081212, Kolab Server 2.2.1-beta1)

For upgrading and installation instructions, please refer to
the 1st.README file in the package directory.


Differences between Kolab 2.1 and 2.2:

    - Upgrade of central Kolab server components

	The Apache server shipped with the Kolab server has been
	upgraded to Apache-2.2.*. At the same time the system was
	switched to PHP5.

	Postfix got upgraded to 2.4.* which removes the need for
	special Kolab patches which were integrated upstream.

	The Cyrus IMAP server was updated to 2.3.* also removing the
	need for some, though not all, Kolab specific patches.

    - Inclusion of the web based Horde Groupware client

	The Kolab server now provides a web client that supports all
	the groupware features known from Outlook and Kontact. Thus
	users are less dependent on their local client and can access
	their groupware data from anywhere in the world provided they
	have a standard browser available.

    - Structural improvements

	Several components of the Kolab server got restructured so
	that porting the Kolab server to distributions other than
	OpenPKG got easier. This also improves the development model
	in general.

    - Improvements, bugfixes and upgraded software components

	The 2.2 release received many improvements and bugfixes for
	issues found in earlier versions. Additionally all software
	components have been upgraded to new upstream versions.
	The specifics are described below.


Changes between 2.2.0 and 2.2.1-beta-1

    - apache-2.2.10-20081111

	New upstream version, fixes various security issues.

    - apache-php-5.2.8-20081209_kolab

	New upstream version, fixes various security issues.

	Added sqlite2 support for SyncML support in kolab-webclient.

    - bzip2-1.0.5-20080318

	New upstream version, fixes CVE-2008-1372 (denial of service)

    - clamav-0.94.2-20081212

	New upstream version, fixes various security issues.

	kolab/issue765  (openpkg "junk" warnings)

    - gawk-3.1.6-20080101

	New package, build (not runtime) dependency of sqlite.

    - gmp-4.2.2-20080101_kolab

	kolab/issue2928 (gmp-4.2.2-20080101 does not compile on Debian
	                 lenny/amd64)

    - Horde_iCalendar-0.1.0-20081209

	kolab/issue3284 (Webclient or resmgr might send invitations that Outlook
	                 2003 does not understand (unquoted CN with Umlauts))

    - Kolab_Filter-0.1.3-20081212

	A new package replacing kolab-filter
	(from http://pear.horde.org/index.php?package=Kolab_Filter)

	Added LDA (dovecot) backend.

	kolab/issue839  (problem when kolabHomeServer is missing)
	kolab/issue3074 (Freebusy trigger fails for other users's calenders.)
	kolab/issue3208 (Free/Busy list is always empty)
	kolab/issue3256 (resmgr responses should reflect server revision in
	                 PRODID)
	kolab/issue3260 (kolabfilter does not allow empty sender (and
	                 therefore MAILER-DAEMON))
	kolab/issue3289 (resmgr dies when it should accept, but has
	                 not Calender folder access) - only partial fix

    - Kolab_Format-1.0.0-20081212

	New package
	(from http://pear.horde.org/index.php?package=Kolab_Format)

    - Kolab_FreeBusy-0.1.2-20081212

	A new package replacing kolab-freebusy
	(from http://pear.horde.org/index.php?package=Kolab_FreeBusy)

	Fixed handling of extended free/busy information.

	Fixed identification of the corresponding free/busy server.

	kolab/issue3208 (Free/Busy list is always empty)
	kolab/issue3256 (resmgr responses should reflect server revision in
	                 PRODID)

    - Kolab_Server-0.2.0.20081114-20081114

	New package
	(from http://pear.horde.org/index.php?package=Kolab_Server)

    - Kolab_Storage-0.3.0-20081205

	New package
	(from http://pear.horde.org/index.php?package=Kolab_Storage)

    - kolabd-2.2.1-20081212

	Added configuration option in resmgr.conf for local delivery
	backend.  (Makes it possible to activate the new LDA backend)

	Activated sqlite support in PHP.

	Updated the configuration for the newer Kolab_Filter package.

	kolab/issue765  (openpkg "junk" warnings)
	kolab/issue936  (kolabquotawarn: system cron used, and firing when
	                 server stopped)
	kolab/issue1310 (kolabquotawarn runs via cron before server was
	                 bootstrapped)
	kolab/issue1755 (syncrepl support (for OpenLDAP >=2.4.6))
	kolab/issue2351 (horde doesn't present attachment stuff while compose
	                 a message)
	kolab/issue2440 (Installing binary packages of 2.2 fails without Horde)
	kolab/issue2446 (Make the used syslog facility configureable (kolabd,
	                 kolabconf))
	kolab/issue2550 (kolabconf should make some others postfix maps)
	kolab/issue2910 (obsolete definition of schemacheck in slapd.conf)
	kolab/issue2911 (Change comments around the idletimeout definiton
	                 in the file templates/slapd.conf.template.in)
	kolab/issue2961 (added smtpd_sasl_authenticated_header = yes for
	                 simpler authorization)
	kolab/issue2994 (Duplicated kolab.conf files in cvs, one should
	                 be removed)
	kolab/issue3005 (Remove specific TLSCertificate code by using new
	                 bootstrap_config conditional in slapd.conf.template)
	kolab/issue3006 (Surround the horde schema include in
	                 slapd.conf.template with @@@ conditionals)
	                 Remark: this actually added only the code that allows
	                 to use @@@if exists(<file)@@@ inside a config file
	kolab/issue3031 (Make kolab.globals readonly)
	kolab/issue3224 (perl-kolab has been restructured)
	kolab/issue3262 (web admin: versions page needs to be updated for CVS
	                 HEAD)
	kolab/issue3298 (kolab2.schema uses wrong enterprise number in some
	                 attributes)

    - kolab-fbview-1.2.0-20081212

	A new package replacing the older horde-* packages.

	kolab/issue765  (openpkg "junk" warnings)

    - kolab-webadmin-2.2.1-20081212

	Added acknowledgments for OpenSSL and PHP.

	kolab/issue765  (openpkg "junk" warnings)
	kolab/issue2596 (Kolab's login page title is not bookmark friendly)
	kolab/issue3230 (opportunity to delete freebusy value)
	kolab/issue3262 (web admin: versions page needs to be updated for CVS
	                 HEAD)

    - kolab-webclient-1.2.0-20081212

	A new package replacing the older horde-* packages.

	kolab/issue765  (openpkg "junk" warnings)
	kolab/issue614  (Events from deleted/renamed calendar folder
	                 still show up in free/busy list)
	kolab/issue2249 ([horde/kronolith] Kronolith is unable to
	                 trigger a free/busy update on a folder rename)
	kolab/issue3037 (Free/Busy List interaction for Horde broken)
	kolab/issue3205 (FB in horde while creating events)
	kolab/issue3241 (Horde: Can't accept invitation)
	kolab/issue3243 (Store web client user preferences in files, not in
	                 LDAP)
	kolab/issue3284 (Webclient or resmgr might send invitations that Outlook
	                 2003 does not understand (unquoted CN with Umlauts))
	kolab/issue3292 (Sharing Default Groupware Resources does not work in
	                 Webclient)

    - openldap-2.3.43-20081212

	kolab/issue765  (openpkg "junk" warnings)
	kolab/issue2902 (OpenLDAP/slapd: CVE-2008-2952 remote denial of
	                 service)
	kolab/issue3302 (Kolab fails to build on Ubuntu 8.10 (Intrepid Ibex))

    - perl-kolab-2.2.1-20081212

	kolab_bootstrap: Quote s[l]urpd to prevent shell expansion.

	template META: RUNONCHANGE is now triggered when creating a file
	and is now also catching special config files (postfix, slapd, ...)

	template META: warning for incorrect keys

	template META: support to define the comment character

	kolab/issue765  (openpkg "junk" warnings)
	kolab/issue1671 (Improving the warning about kolab templates within
	                 configuration files)
	kolab/issue1755 (syncrepl support (for OpenLDAP >=2.4.6))
	kolab/issue2981 (kolab_bootstrap: re-use kolabconf code to read the
	                 config file)
	kolab/issue3006 (Surround the horde schema include in
	                 slapd.conf.template with @@@ conditionals)
	                 Remark: this actually added only the code that allows
	                 to use @@@if exists(<file)@@@ inside a config file
	kolab/issue3152 (keep syncrepl cookie on disk between sessions)
	kolab/issue3224 (perl-kolab has been restructured)

    - php-5.2.8-20081209_kolab

	New upstream version, fixes various security issues.

	Added full sqlite support.

    - php-smarty-2.6.20-20081212

	New upstream version.

	kolab/issue765  (openpkg "junk" warnings)
	kolab/issue2559 (CVE-2008-1066: php-smarty needs to be upgraded)

    - sqlite-3.6.4-20081212

	New package, required by the kolab-webclient.
	(includes sqlite 3.6.4 and sqlite 2.8.17)

	kolab/issue765  (openpkg "junk" warnings)


    Packages in the OpenPKG based Kolab server release:

    - Kolab packages:

      Removed:

	PEAR-Mail_Mime-1.3.1-1
	PEAR-Net_IMAP-1.1.0beta1-1
	PEAR-Net_Sieve-1.1.5-1
	fbview-horde-3.2_rc3-20080605
	fbview-kronolith-2.2_rc2-20080710
	horde-framework-kolab-3.2_rc3-20080405
	horde-imp-kolab-4.2_rc3-20080710
	horde-ingo-kolab-1.2_rc2-20080710
	horde-kolab-3.2_rc3-20080707
	horde-kolab-client-0.99-20080405
	horde-kronolith-kolab-2.2_rc2-20080710
	horde-mnemo-kolab-2.2_rc2-20080710
	horde-nag-kolab-2.2_rc2-20080710
	horde-passwd-kolab-3.0.1-20080710
	horde-turba-kolab-2.2_rc3-20080710
	kolab-filter-2.2.0-20080709
	kolab-freebusy-2.2.0-20080709
	kolabconf-2.2.0-20080709
	php-channel-horde-1.0-1
	php-kolab-2.2.0-20080711

      Added:

	Horde_Argv-0.1.0-20081209
	Horde_Auth-0.1.1-20081209
	Horde_Browser-0.0.2-20081209
	Horde_CLI-0.0.2-20081209
	Horde_Cache-0.0.2-20081209
	Horde_Cipher-0.0.2-20081209
	Horde_DOM-0.1.0-20081209
	Horde_DataTree-0.0.3-20081209
	Horde_Date-0.1.0-20081209
	Horde_Framework-0.0.2-20081209
	Horde_Group-0.1.0-20081209
	Horde_History-0.0.2-20081209
	Horde_LDAP-0.0.2-20081209
	Horde_MIME-0.0.2-20081209
	Horde_NLS-0.0.2-20081209
	Horde_Perms-0.1.0-20081209
	Horde_Secret-0.0.2-20081209
	Horde_Serialize-0.0.2-20081209
	Horde_SessionObjects-0.0.2-20081209
	Horde_Util-0.1.0-20081209
	Horde_iCalendar-0.1.0-20081209
	Kolab_Filter-0.1.3-20081212
	Kolab_Format-1.0.0-20081212
	Kolab_FreeBusy-0.1.2-20081212
	Kolab_Server-0.2.0.20081114-20081114
	Kolab_Storage-0.3.0-20081205
	PEAR-Horde-Channel-1.0-20081210
	PEAR-Mail_mimeDecode-1.5.0-20081209
	PEAR-PHPUnit-Channel-1.0-20081012
	PHPUnit-3.3.3-1
	kolab-fbview-1.2.0-20081212
	kolab-webclient-1.2.0-20081212
	sqlite-3.6.4-20081212

      Updated:

	PEAR-HTTP_Request-1.4.3-1
	PEAR-Log-1.11.2-1
	PEAR-Net_SMTP-1.3.1-1
	PEAR-Net_Socket-1.0.9-1
	clamav-0.94.2-20081212
	kolab-webadmin-2.2.1-20081212
	kolabd-2.2.1-20081212
	openldap-2.3.43-20081212
	perl-kolab-2.2.1-20081212
	php-smarty-2.6.20-20081212

      Unchanged:

	PEAR-Auth_SASL-1.0.2-1
	PEAR-Date-1.4.7-1
	PEAR-Mail-1.1.14-1
	PEAR-Net_LMTP-1.0.1-1
	PEAR-Net_URL-1.0.15-1

    - OpenPKG packages:

      Added:

	gawk-3.1.6-20080101

      Updated:

	apache-2.2.10-20081111
	apache-php-5.2.8-20081209_kolab
	bzip2-1.0.5-20080318
	gmp-4.2.2-20080101_kolab
	php-5.2.8-20081209_kolab

      Unchanged:

	amavisd-2.5.3-20080101
	apr-1.2.12-20080101
	autoconf-2.61-20080101
	automake-1.10-20080101
	bc-1.06-20080101
	binutils-2.18-20080101
	bison-2.3-20080101
	config-20060923-20080101
	curl-7.17.1-20080101
	db-4.5.20.2-20070628
	diffutils-2.8.7-20080101
	expat-2.0.1-20080101
	file-4.23-20080101
	flex-2.5.34-20080101
	freetype-2.3.5-20080101
	fsl-1.7.0-20080101
	gcc-4.2.2-20080101
	gd-2.0.35-20080101
	gettext-0.17-20080101
	grep-2.5.3-20080101
	groff-1.19.2-20080101
	gzip-1.3.12-20080101
	imap-2006k-20080101
	imapd-2.3.11-20080101_kolab4
	jpeg-6b-20080101
	libiconv-1.12-20080101
	libmcrypt-2.5.8-20080101
	libxml-2.6.31-20080111
	libxslt-1.1.22-20080101
	lzo-2.02-20080101
	m4-1.4.9-20080101
	make-3.81-20080101
	mhash-0.9.9-20080101
	mm-1.4.2-20080101
	ncurses-5.6.20080112-20080113
	openpkg-20071227-20071227
	openpkg-tools-1.4.6-20071231
	openssl-0.9.8g-20080101
	pcre-7.5-20080110
	perl-5.10.0-20080103
	perl-comp-5.10.0-20080110
	perl-conv-5.10.0-20080101
	perl-crypto-5.10.0-20080101
	perl-db-5.10.0-20080118
	perl-dns-5.10.0-20080101
	perl-ds-5.10.0-20080104
	perl-ldap-5.10.0-20080101
	perl-locale-5.10.0-20080112
	perl-mail-5.10.0-20080117
	perl-module-5.10.0-20080101
	perl-net-5.10.0-20080101
	perl-openpkg-5.10.0-20080109
	perl-parse-5.10.0-20080117
	perl-ssl-5.10.0-20080101
	perl-stats-5.10.0-20080101
	perl-sys-5.10.0-20080101
	perl-term-5.10.0-20080116
	perl-text-5.10.0-20080101
	perl-time-5.10.0-20080101
	perl-util-5.10.0-20080116
	perl-www-5.10.0-20080103
	perl-xml-5.10.0-20080101
	pkgconfig-0.23-20080117
	png-1.2.24-20080101
	postfix-2.4.6-20080101_kolab
	procmail-3.22-20080101
	readline-5.2.12-20080101
	sasl-2.1.22-20080101
	sed-4.1.5-20080101
	spamassassin-3.2.4-20080107
	texinfo-4.11-20080101
	zlib-1.2.3-20080101


Changes between 2.2-rc-3 and 2.2.0

    - clamav-0.93.3-20080708

	New upstream version, fixes denial of service.

    - fbview-horde-3.2_rc3-20080605

	Allow login if public imap service is disabled.

    - fbview-kronolith-2.2_rc2-20080710

	kolab/issue2872 (Building horde packages fails if different version
	                 already installed)

    - horde-imp-kolab-4.2_rc3-20080710

	kolab/issue2872 (Building horde packages fails if different version
	                 already installed)

    - horde-ingo-kolab-1.2_rc2-20080710

	kolab/issue2872 (Building horde packages fails if different version
	                 already installed)

    - horde-kolab-3.2_rc3-20080707

	Allow login if public imap service is disabled.

	kolab/issue2831 (SECURITY: <horde-3.2.1 affected by XSS issue)

    - horde-kronolith-kolab-2.2_rc2-20080710

	kolab/issue2872 (Building horde packages fails if different version
	                 already installed)

    - horde-mnemo-kolab-2.2_rc2-20080710

	kolab/issue2872 (Building horde packages fails if different version
	                 already installed)

    - horde-nag-kolab-2.2_rc2-20080710

	kolab/issue2872 (Building horde packages fails if different version
	                 already installed)

    - horde-passwd-kolab-3.0.1-20080710

	kolab/issue2872 (Building horde packages fails if different version
	                 already installed)

    - horde-turba-kolab-2.2_rc3-20080710

	kolab/issue2832 (SECURITY: <turba-2.2.1 affected by XSS issue)
	kolab/issue2872 (Building horde packages fails if different version
	                 already installed)

    - install-kolab.sh

	Adjusted version number.

	Install fbview-kronolith and horde-kolab-client by default, unless
	excluded with "-x fbview-kronolith" or "-x horde-kolab-client".

	Removed obsolete options -F/-H/-i.

	kolab/issue2727 (install-kolab.sh: tar uses -O which is not
	                 implemented in Solaris' tar)
	kolab/issue2747 (Installation of ix86 binaries fails on amd64 system)

    - kolabconf-2.2.0-20080709

	Adjusted version number.

    - kolabd-2.2.0-20080709

	Adjusted version number (and fixed typo).

	Removed unused fbview.conf.template file.

	kolab_bootstrap: Use Net::Domain to determine fqdn more reliably
	and make sure suggested domain name contains a dot.

	kolab.conf, quotawarning and templates are owned by kolab instead of
	kolab-n to improve security, and kolab.conf is marked as (noreplace)
	so it does not overwrite the existing config file during upgrades.

	Updated check of free ports during kolab_bootstrap.

	kolab/issue1895 (switch from virtual_maps to virtual_alias_maps)
	kolab/issue2855 (Can create folder while logging in as user without
	                 domain name)

    - kolab-filter-2.2.0-20080709

	Adjusted version number.

    - kolab-freebusy-2.2.0-20080709

	Adjusted version number.

    - kolab-webadmin-2.2.0-20080709

	Adjusted version number.

	Fix deleting of domains and kolab hosts.

	kolab/issue2739 (Some characters are not allowed in users
	                 fax-/phonenumbers despite the description
	                 in the error)

    - perl-kolab-2.2.0-20080709

	Adjusted version number.

	kolab/issue2517 (group accounts lead to more rights than necessary for
	                 the "calendar" user)
	kolab/issue2760 (Deleting shared folders does not work)
	kolab/issue2827 (Deleting users does not work reliably)

    - php-kolab-2.2.0-20080711

	Adjusted version number.

	kolab/issue2660 (Invitation for event series not accept automatically)
	kolab/issue2734 (Automatic ressources decline changed overlapping event
	                 time)


    Packages in the OpenPKG based Kolab server release:

    - Kolab packages:

      Updated:

	fbview-horde-3.2_rc3-20080605
	fbview-kronolith-2.2_rc2-20080710
	horde-imp-kolab-4.2_rc3-20080710
	horde-ingo-kolab-1.2_rc2-20080710
	horde-kolab-3.2_rc3-20080707
	horde-kronolith-kolab-2.2_rc2-20080710
	horde-mnemo-kolab-2.2_rc2-20080710
	horde-nag-kolab-2.2_rc2-20080710
	horde-passwd-kolab-3.0.1-20080710
	horde-turba-kolab-2.2_rc3-20080710
	kolab-filter-2.2.0-20080709
	kolab-freebusy-2.2.0-20080709
	kolab-webadmin-2.2.0-20080709
	kolabconf-2.2.0-20080709
	kolabd-2.2.0-20080709
	perl-kolab-2.2.0-20080709
	php-kolab-2.2.0-20080711

      Unchanged:

	PEAR-Auth_SASL-1.0.2-1
	PEAR-Date-1.4.7-1
	PEAR-HTTP_Request-1.4.1-1
	PEAR-Log-1.9.9-1
	PEAR-Mail-1.1.14-1
	PEAR-Mail_Mime-1.3.1-1
	PEAR-Net_IMAP-1.1.0beta1-1
	PEAR-Net_LMTP-1.0.1-1
	PEAR-Net_SMTP-1.2.10-1
	PEAR-Net_Sieve-1.1.5-1
	PEAR-Net_Socket-1.0.6-1
	PEAR-Net_URL-1.0.15-1
	horde-framework-kolab-3.2_rc3-20080405
	horde-kolab-client-0.99-20080405
	openldap-2.3.41-20080424
	php-channel-horde-1.0-1
	php-smarty-2.6.18-20070607

    - OpenPKG packages:

      Updated:

	clamav-0.93.3-20080708

      Unchanged:

	amavisd-2.5.3-20080101
	apache-2.2.8-20080118
	apache-php-5.2.6-20080514_kolab
	apr-1.2.12-20080101
	autoconf-2.61-20080101
	automake-1.10-20080101
	bc-1.06-20080101
	binutils-2.18-20080101
	bison-2.3-20080101
	bzip2-1.0.4-20080101
	config-20060923-20080101
	curl-7.17.1-20080101
	db-4.5.20.2-20070628
	diffutils-2.8.7-20080101
	expat-2.0.1-20080101
	file-4.23-20080101
	flex-2.5.34-20080101
	freetype-2.3.5-20080101
	fsl-1.7.0-20080101
	gcc-4.2.2-20080101
	gd-2.0.35-20080101
	gettext-0.17-20080101
	gmp-4.2.2-20080101
	grep-2.5.3-20080101
	groff-1.19.2-20080101
	gzip-1.3.12-20080101
	imap-2006k-20080101
	imapd-2.3.11-20080101_kolab4
	jpeg-6b-20080101
	libiconv-1.12-20080101
	libmcrypt-2.5.8-20080101
	libxml-2.6.31-20080111
	libxslt-1.1.22-20080101
	lzo-2.02-20080101
	m4-1.4.9-20080101
	make-3.81-20080101
	mhash-0.9.9-20080101
	mm-1.4.2-20080101
	ncurses-5.6.20080112-20080113
	openpkg-20071227-20071227
	openpkg-tools-1.4.6-20071231
	openssl-0.9.8g-20080101
	pcre-7.5-20080110
	perl-5.10.0-20080103
	perl-comp-5.10.0-20080110
	perl-conv-5.10.0-20080101
	perl-crypto-5.10.0-20080101
	perl-db-5.10.0-20080118
	perl-dns-5.10.0-20080101
	perl-ds-5.10.0-20080104
	perl-ldap-5.10.0-20080101
	perl-locale-5.10.0-20080112
	perl-mail-5.10.0-20080117
	perl-module-5.10.0-20080101
	perl-net-5.10.0-20080101
	perl-openpkg-5.10.0-20080109
	perl-parse-5.10.0-20080117
	perl-ssl-5.10.0-20080101
	perl-stats-5.10.0-20080101
	perl-sys-5.10.0-20080101
	perl-term-5.10.0-20080116
	perl-text-5.10.0-20080101
	perl-time-5.10.0-20080101
	perl-util-5.10.0-20080116
	perl-www-5.10.0-20080103
	perl-xml-5.10.0-20080101
	php-5.2.6-20080514_kolab
	pkgconfig-0.23-20080117
	png-1.2.24-20080101
	postfix-2.4.6-20080101_kolab
	procmail-3.22-20080101
	readline-5.2.12-20080101
	sasl-2.1.22-20080101
	sed-4.1.5-20080101
	spamassassin-3.2.4-20080107
	texinfo-4.11-20080101
	zlib-1.2.3-20080101


Changes between 2.2-rc-2 and 2.2-rc-3

    - apache-php-5.2.6-20080514_kolab

	New upstream version, fixes various security issues.

	kolab/issue2519 (Add functionality PHP : GetMYRIGHT)

    - clamav-0.93-20080414

	New upstream version, fixes various security issues.

    - fbview-horde-3.2_rc3-20080523

	Removed manager password from fbview config file.

	kolab/issue2134 ([Horde]Unable to send message with attachments)

    - fbview-kronolith-2.2_rc2-20080523

	New upstream package with adjusted patches.

    - install-kolab.sh

	kolab/issue2371 (install-kolab.sh script incompatible with /bin/sh of
	                 e.g. Solaris 10)
	kolab/issue2591 (NTLM support in Cyrus SASL)
	kolab/issue2686 (unquoted wildcards in install-kolab.sh)

    - horde-framework-kolab-3.2_rc3-20080405

	Rename .xpfb to .pxfb.

	kolab/issue2587 (ifb retrieval does not work for aliases anymore)
	kolab/issue2588 (whole day event with show-time-as free gets into the
	                 pfb)

    - horde-kolab-3.2_rc3-20080405

	kolab/issue2134 ([Horde]Unable to send message with attachments)

    - imapd-2.3.11-20080101_kolab4

	kolab/issue1824 (cyrus-imapd segfaults on x86_64)
	kolab/issue2443 (kontact aborts sieve when imapd sends capabilities
	                 after starttls)

    - kolabd-2.1.99-20080521

	Rename .xpfb to .pxfb and xfb-readable to pxfb-readable-for

	kolab/issue2244 (SpamAssassin uses DNS blacklists)
	kolab/issue2436 (delprune setting in cyrus.conf)
	kolab/issue2586 (SPAM filtering: HELO_LOCALHOST score default too high)

    - kolab-filter-2.2.rc3-20080521

	Rename .xpfb to .pxfb.

    - kolab-freebusy-2.2.rc3-20080521

	kolab/issue2536 (generatefb.php doesn't work with folders containing
	                 umlauts)

    - kolab-webadmin-2.1.99-20080521

	Fixes for XHTML strict

	kolab/issue2505 (update of the french translation for kolab-server)
	kolab/issue2538 (Make the location of the Smarty compile directory
	                 configurable)
	kolab/issue2569 (rename of services to settings makes welcome screen
	                 fail)
	kolab/issue2575 (Make background of favicon transparent)

    - openldap-2.3.41-20080424

	New upstream version, fixes various security issues.

    - perl-kolab-2.2.rc3-20080521

	Added Fedora-DS backend (inactive by default)

	kolab/issue2466 (How should Kolab Filter handle mails from privileged
	                 networks?)

    - php-5.2.6-20080514_kolab

	New upstream version, fixes various security issues.

	kolab/issue2519 (Add functionality PHP : GetMYRIGHT)

    - php-kolab-2.2.rc3-20080521

	Rename .xpfb to .pxfb.

	kolab/issue2549 (Resource manager creates events in wrong account)

    - postfix-2.4.6-20080101_kolab

	kolab/issue2346 (Compilation of postfix fails on CentOS 5.1 64Bit)


    Packages in the OpenPKG based Kolab server release:

    - Kolab packages:

      Updated:

	fbview-horde-3.2_rc3-20080523
	fbview-kronolith-2.2_rc2-20080523
	horde-framework-kolab-3.2_rc3-20080405
	horde-imp-kolab-4.2_rc3-20080405
	horde-ingo-kolab-1.2_rc2-20080405
	horde-kolab-3.2_rc3-20080405
	horde-kolab-client-0.99-20080405
	horde-kronolith-kolab-2.2_rc2-20080405
	horde-mnemo-kolab-2.2_rc2-20080405
	horde-nag-kolab-2.2_rc2-20080405
	horde-passwd-kolab-3.0.1-20080405
	horde-turba-kolab-2.2_rc3-20080405
	kolab-filter-2.2.rc3-20080521
	kolab-freebusy-2.2.rc3-20080521
	kolab-webadmin-2.1.99-20080521
	kolabconf-2.2.rc3-20080521
	kolabd-2.1.99-20080521
	openldap-2.3.41-20080424
	perl-kolab-2.2.rc3-20080521
	php-kolab-2.2.rc3-20080521

      Unchanged:

	PEAR-Auth_SASL-1.0.2-1
	PEAR-Date-1.4.7-1
	PEAR-HTTP_Request-1.4.1-1
	PEAR-Log-1.9.9-1
	PEAR-Mail-1.1.14-1
	PEAR-Mail_Mime-1.3.1-1
	PEAR-Net_IMAP-1.1.0beta1-1
	PEAR-Net_LMTP-1.0.1-1
	PEAR-Net_SMTP-1.2.10-1
	PEAR-Net_Sieve-1.1.5-1
	PEAR-Net_Socket-1.0.6-1
	PEAR-Net_URL-1.0.15-1
	php-channel-horde-1.0-1
	php-smarty-2.6.18-20070607

    - OpenPKG packages:

      Updated:

	apache-php-5.2.6-20080514_kolab
	clamav-0.93-20080414
	imapd-2.3.11-20080101_kolab4
	php-5.2.6-20080514_kolab
	postfix-2.4.6-20080101_kolab

      Unchanged:

	amavisd-2.5.3-20080101
	apache-2.2.8-20080118
	apr-1.2.12-20080101
	autoconf-2.61-20080101
	automake-1.10-20080101
	bc-1.06-20080101
	binutils-2.18-20080101
	bison-2.3-20080101
	bzip2-1.0.4-20080101
	config-20060923-20080101
	curl-7.17.1-20080101
	db-4.5.20.2-20070628
	diffutils-2.8.7-20080101
	expat-2.0.1-20080101
	file-4.23-20080101
	flex-2.5.34-20080101
	freetype-2.3.5-20080101
	fsl-1.7.0-20080101
	gcc-4.2.2-20080101
	gd-2.0.35-20080101
	gettext-0.17-20080101
	gmp-4.2.2-20080101
	grep-2.5.3-20080101
	groff-1.19.2-20080101
	gzip-1.3.12-20080101
	imap-2006k-20080101
	jpeg-6b-20080101
	libiconv-1.12-20080101
	libmcrypt-2.5.8-20080101
	libxml-2.6.31-20080111
	libxslt-1.1.22-20080101
	lzo-2.02-20080101
	m4-1.4.9-20080101
	make-3.81-20080101
	mhash-0.9.9-20080101
	mm-1.4.2-20080101
	ncurses-5.6.20080112-20080113
	openpkg-20071227-20071227
	openpkg-tools-1.4.6-20071231
	openssl-0.9.8g-20080101
	pcre-7.5-20080110
	perl-5.10.0-20080103
	perl-comp-5.10.0-20080110
	perl-conv-5.10.0-20080101
	perl-crypto-5.10.0-20080101
	perl-db-5.10.0-20080118
	perl-dns-5.10.0-20080101
	perl-ds-5.10.0-20080104
	perl-ldap-5.10.0-20080101
	perl-locale-5.10.0-20080112
	perl-mail-5.10.0-20080117
	perl-module-5.10.0-20080101
	perl-net-5.10.0-20080101
	perl-openpkg-5.10.0-20080109
	perl-parse-5.10.0-20080117
	perl-ssl-5.10.0-20080101
	perl-stats-5.10.0-20080101
	perl-sys-5.10.0-20080101
	perl-term-5.10.0-20080116
	perl-text-5.10.0-20080101
	perl-time-5.10.0-20080101
	perl-util-5.10.0-20080116
	perl-www-5.10.0-20080103
	perl-xml-5.10.0-20080101
	pkgconfig-0.23-20080117
	png-1.2.24-20080101
	procmail-3.22-20080101
	readline-5.2.12-20080101
	sasl-2.1.22-20080101
	sed-4.1.5-20080101
	spamassassin-3.2.4-20080107
	texinfo-4.11-20080101
	zlib-1.2.3-20080101


Changes between 2.2-rc-1 and 2.2-rc-2

    - clamav-0.92.1-20080213

	New upstream version, fixes various security issues.

    - horde-framework-kolab-3.2_rc1-20080311

	kolab/issue2521 (an event breaking lib/Horde/Kolab/Freebusy.php)

    - imapd-2.3.11-20080101_kolab2

	kolab/issue2535 (group:distributionlist at example.com doesn't work for
	                 Cyrus IMAP ACLs)
	kolab/issue2541 (openpkg rpm -e imapd removes annotations.db and
	                 mailboxes.db)

    - kolabconf-2.2.rc2-20080314

	kolab/issue1550 (Masquerade problem)
	kolab/issue2446 (Make the used syslog facility configureable)

    - kolabd-2.1.99-20080314

	kolabdcachetool: Fix location of graveyard caches.

	Enforce SSL for horde and fbview and corrected Location entries.

	Use https for freebusy look-ups by the resmgr (resmgr didn't work
	when "FreeBusy Service via HTTP" was disabled).

	kolab/issue1693 (Automatically trigger f/b cache regeneration)
	kolab/issue2350 (Email from buggy Lotus notes client not accepted by
	                 Cyrus)
	kolab/issue2358 (mismatch between cyrus-admins and cyrus-admin)
	kolab/issue2446 (Make the used syslog facility configureable)
	kolab/issue2466 (How should Kolab Filter handle mails from privileged
	                 networks?)
	kolab/issue2507 (move session_vars.php to sysconfig directory)

    - kolab-freebusy-2.2.rc2-20080314

	kolab/issue1693 (Automatically trigger f/b cache regeneration)

    - kolab-webadmin-2.1.99-20080314

	Corrections in the Dutch translation.

	Better LDAP filter when listing admins and maintainers.

	kolab/issue2203 (About Kolab does not list new server components)
	kolab/issue2329 (Domain Maintainer cannot create users)
	kolab/issue2437 (Change name of service tab to settings)
	kolab/issue2505 (update of the french translation for kolab-server)
	kolab/issue2507 (move session_vars.php to sysconfig directory)

    - perl-kolab-2.2.rc2-20080314

	kolab/issue2358 (mismatch between cyrus-admins and cyrus-admin)
	kolab/issue2478 (kolabd memory leak)

    - php-kolab-2.2.rc2-20080314

	Fixed determination of calendar folder owner.  Resmgr wasn't
	able to trigger freebusy list generation.

	kolab/issue1272 (From: header in vacation messages is marked as
	                 "Untrusted")
	kolab/issue1693 (Automatically trigger f/b cache regeneration)
	kolab/issue2466 (How should Kolab Filter handle mails from privileged
	                 networks?)
	kolab/issue2467 (Kolab Filter ignores configuration in 2.2 RC1)
	kolab/issue2487 (Incorrect variable name $fbfilename within
	                 Freebusy/Cache.php)
	kolab/issue2495 (The reply to an invitation with umlauts of a group
	                 account doesn't display the umlauts.)


    Packages in the OpenPKG based Kolab server release:

    - Kolab packages:

      Updated:

	horde-framework-kolab-3.2_rc1-20080311
	kolab-filter-2.2.rc2-20080314
	kolab-freebusy-2.2.rc2-20080314
	kolab-webadmin-2.1.99-20080314
	kolabconf-2.2.rc2-20080314
	kolabd-2.1.99-20080314
	perl-kolab-2.2.rc2-20080314
	php-kolab-2.2.rc2-20080314

      Unchanged:

	PEAR-Auth_SASL-1.0.2-1
	PEAR-Date-1.4.7-1
	PEAR-HTTP_Request-1.4.1-1
	PEAR-Log-1.9.9-1
	PEAR-Mail-1.1.14-1
	PEAR-Mail_Mime-1.3.1-1
	PEAR-Net_IMAP-1.1.0beta1-1
	PEAR-Net_LMTP-1.0.1-1
	PEAR-Net_SMTP-1.2.10-1
	PEAR-Net_Sieve-1.1.5-1
	PEAR-Net_Socket-1.0.6-1
	PEAR-Net_URL-1.0.15-1
	fbview-horde-3.2_rc1-20071201
	fbview-kronolith-2.2_rc1-20071129
	horde-imp-kolab-4.2_rc1-20071128
	horde-ingo-kolab-1.2_rc1-20071128
	horde-kolab-3.2_rc1-20071201
	horde-kolab-client-0.99-20071002
	horde-kronolith-kolab-2.2_rc1-20071129
	horde-mnemo-kolab-2.2_rc1-20071128
	horde-nag-kolab-2.2_rc1-20071128
	horde-passwd-kolab-3.0.1-20071001
	horde-turba-kolab-2.2_rc1-20071128
	php-channel-horde-1.0-1
	php-smarty-2.6.18-20070607

    - OpenPKG packages:

      Updated:

	clamav-0.92.1-20080213
	imapd-2.3.11-20080101_kolab2

      Unchanged:

	amavisd-2.5.3-20080101
	apache-2.2.8-20080118
	apache-php-5.2.5-20080114
	apr-1.2.12-20080101
	autoconf-2.61-20080101
	automake-1.10-20080101
	bc-1.06-20080101
	binutils-2.18-20080101
	bison-2.3-20080101
	bzip2-1.0.4-20080101
	config-20060923-20080101
	curl-7.17.1-20080101
	db-4.5.20.2-20070628
	diffutils-2.8.7-20080101
	expat-2.0.1-20080101
	file-4.23-20080101
	flex-2.5.34-20080101
	freetype-2.3.5-20080101
	fsl-1.7.0-20080101
	gcc-4.2.2-20080101
	gd-2.0.35-20080101
	gettext-0.17-20080101
	gmp-4.2.2-20080101
	grep-2.5.3-20080101
	groff-1.19.2-20080101
	gzip-1.3.12-20080101
	imap-2006k-20080101
	jpeg-6b-20080101
	libiconv-1.12-20080101
	libmcrypt-2.5.8-20080101
	libxml-2.6.31-20080111
	libxslt-1.1.22-20080101
	lzo-2.02-20080101
	m4-1.4.9-20080101
	make-3.81-20080101
	mhash-0.9.9-20080101
	mm-1.4.2-20080101
	ncurses-5.6.20080112-20080113
	openldap-2.3.39-20071130
	openpkg-20071227-20071227
	openpkg-tools-1.4.6-20071231
	openssl-0.9.8g-20080101
	pcre-7.5-20080110
	perl-5.10.0-20080103
	perl-comp-5.10.0-20080110
	perl-conv-5.10.0-20080101
	perl-crypto-5.10.0-20080101
	perl-db-5.10.0-20080118
	perl-dns-5.10.0-20080101
	perl-ds-5.10.0-20080104
	perl-ldap-5.10.0-20080101
	perl-locale-5.10.0-20080112
	perl-mail-5.10.0-20080117
	perl-module-5.10.0-20080101
	perl-net-5.10.0-20080101
	perl-openpkg-5.10.0-20080109
	perl-parse-5.10.0-20080117
	perl-ssl-5.10.0-20080101
	perl-stats-5.10.0-20080101
	perl-sys-5.10.0-20080101
	perl-term-5.10.0-20080116
	perl-text-5.10.0-20080101
	perl-time-5.10.0-20080101
	perl-util-5.10.0-20080116
	perl-www-5.10.0-20080103
	perl-xml-5.10.0-20080101
	php-5.2.5-20080114
	pkgconfig-0.23-20080117
	png-1.2.24-20080101
	postfix-2.4.6-20080101
	procmail-3.22-20080101
	readline-5.2.12-20080101
	sasl-2.1.22-20080101
	sed-4.1.5-20080101
	spamassassin-3.2.4-20080107
	texinfo-4.11-20080101
	zlib-1.2.3-20080101


Changes between 2.2-beta-3 and 2.2-rc-1

    All packages except for openldap and db were upgraded to OpenPKG-CURRENT
    (as of 20080118). The new imapd package was modified to behave like in
    previous server releases, i.e. to not send capabilities after STARTTLS,
    see kolab/issue2443 for details.

    - kolabconf-2.2.rc1-20080204

	Added missing newlines in kolabconf -h

    - kolabd-2.1.99-20080204

	deluser: add missing @ to bindir variable

	Updates for SUSE (support for <= 10.1 is completely dropped)

	kolab/issue26   (Allow to bind to specific IPs)

    - kolab-filter-2.2.rc1-20080204

	kolab/issue2425 (Undefined variable: reject_forged_from_header
	                 reported in fatal.log)

    - kolab-webadmin-2.1.99-20080204

	Fixed some variable initialisations.

	Correction in the Dutch translation.

	Link to favicon.ico so it is still used when running the web interface
	with a different path prefix.

	kolab/issue2439 (Explanation in the section Mail Filter Settings on
	                 the services tab not clear)

    - perl-kolab-2.2.rc1-20080204

	kolab/issue2411 (perl error in LDAP.pm)


    Packages in the OpenPKG based Kolab server release:

    - Kolab packages:

      Updated:

	imapd-2.3.11-20080101_kolab
	kolab-filter-2.2.rc1-20080204
	kolab-freebusy-2.2.rc1-20080204
	kolab-webadmin-2.1.99-20080204
	kolabconf-2.2.rc1-20080204
	kolabd-2.1.99-20080204
	openldap-2.3.39-20071130
	perl-kolab-2.2.rc1-20080204
	php-kolab-2.2.rc1-20080204

      Unchanged:

	PEAR-Auth_SASL-1.0.2-1
	PEAR-Date-1.4.7-1
	PEAR-HTTP_Request-1.4.1-1
	PEAR-Log-1.9.9-1
	PEAR-Mail-1.1.14-1
	PEAR-Mail_Mime-1.3.1-1
	PEAR-Net_IMAP-1.1.0beta1-1
	PEAR-Net_LMTP-1.0.1-1
	PEAR-Net_SMTP-1.2.10-1
	PEAR-Net_Sieve-1.1.5-1
	PEAR-Net_Socket-1.0.6-1
	PEAR-Net_URL-1.0.15-1
	fbview-horde-3.2_rc1-20071201
	fbview-kronolith-2.2_rc1-20071129
	horde-framework-kolab-3.2_rc1-20071129
	horde-imp-kolab-4.2_rc1-20071128
	horde-ingo-kolab-1.2_rc1-20071128
	horde-kolab-3.2_rc1-20071201
	horde-kolab-client-0.99-20071002
	horde-kronolith-kolab-2.2_rc1-20071129
	horde-mnemo-kolab-2.2_rc1-20071128
	horde-nag-kolab-2.2_rc1-20071128
	horde-passwd-kolab-3.0.1-20071001
	horde-turba-kolab-2.2_rc1-20071128
	php-channel-horde-1.0-1
	php-smarty-2.6.18-20070607

    - OpenPKG packages:

      Added:

	perl-locale-5.10.0-20080112
	perl-text-5.10.0-20080101

      Updated:

	amavisd-2.5.3-20080101
	apache-2.2.8-20080118
	apache-php-5.2.5-20080114
	apr-1.2.12-20080101
	autoconf-2.61-20080101
	automake-1.10-20080101
	bc-1.06-20080101
	binutils-2.18-20080101
	bison-2.3-20080101
	bzip2-1.0.4-20080101
	clamav-0.92-20080101
	config-20060923-20080101
	curl-7.17.1-20080101
	diffutils-2.8.7-20080101
	expat-2.0.1-20080101
	file-4.23-20080101
	flex-2.5.34-20080101
	freetype-2.3.5-20080101
	fsl-1.7.0-20080101
	gcc-4.2.2-20080101
	gd-2.0.35-20080101
	gettext-0.17-20080101
	gmp-4.2.2-20080101
	grep-2.5.3-20080101
	groff-1.19.2-20080101
	gzip-1.3.12-20080101
	imap-2006k-20080101
	jpeg-6b-20080101
	libiconv-1.12-20080101
	libmcrypt-2.5.8-20080101
	libxml-2.6.31-20080111
	libxslt-1.1.22-20080101
	lzo-2.02-20080101
	m4-1.4.9-20080101
	make-3.81-20080101
	mhash-0.9.9-20080101
	mm-1.4.2-20080101
	ncurses-5.6.20080112-20080113
	openpkg-20071227-20071227
	openpkg-tools-1.4.6-20071231
	openssl-0.9.8g-20080101
	pcre-7.5-20080110
	perl-5.10.0-20080103
	perl-comp-5.10.0-20080110
	perl-conv-5.10.0-20080101
	perl-crypto-5.10.0-20080101
	perl-db-5.10.0-20080118
	perl-dns-5.10.0-20080101
	perl-ds-5.10.0-20080104
	perl-ldap-5.10.0-20080101
	perl-mail-5.10.0-20080117
	perl-module-5.10.0-20080101
	perl-net-5.10.0-20080101
	perl-openpkg-5.10.0-20080109
	perl-parse-5.10.0-20080117
	perl-ssl-5.10.0-20080101
	perl-stats-5.10.0-20080101
	perl-sys-5.10.0-20080101
	perl-term-5.10.0-20080116
	perl-time-5.10.0-20080101
	perl-util-5.10.0-20080116
	perl-www-5.10.0-20080103
	perl-xml-5.10.0-20080101
	php-5.2.5-20080114
	pkgconfig-0.23-20080117
	png-1.2.24-20080101
	postfix-2.4.6-20080101
	procmail-3.22-20080101
	readline-5.2.12-20080101
	sasl-2.1.22-20080101
	sed-4.1.5-20080101
	spamassassin-3.2.4-20080107
	texinfo-4.11-20080101
	zlib-1.2.3-20080101

      Unchanged:

	db-4.5.20.2-20070628


Changes between 2.2-beta-2 and 2.2-beta-3:

    All packages except for openldap and db were upgraded to OpenPKG-CURRENT
    (as of 20071206). The package openldap-2.3.39-20071130 was created to
    fix security issues (CVE-2007-5707 and CVE-2007-5708) without upgrading
    to OpenLDAP 2.4.

    - kolabconf-2.2.beta3-20071207

	Fix the install location for kolabconf for the newest MakeMaker.

    - kolabd-2.1.99-20071203

	freebusy_logfile is now freebusy_logdir.

	Updated the template for the restructured kolab-freebusy package.

	Allow postfix smtp and smtps to bind to a specific IP, too.

	Support for the extended free/busy concept.

	Removed resource password handling which is unused since server 2.1.

	kolab/issue2134 ([Horde] Unable to send message with attachments)
	kolab/issue2206 (Multiple deliveries to distribution lists)
	kolab/issue2225 (notifyd logging going into fsl.log)
	kolab/issue2236 (Apache UID access broken)

    - kolab-filter-2.2.beta3-20071203

	Adapted to the restructured php-kolab/Kolab_Filter package.

	Removed resource password handling which is unused since server 2.1.

	kolab/issue2174 (Automatic Invitation Policy not working with invites
	                 as attachment)
	kolab/issue2177 (Better logging in kolabfilter and kolabmailboxfilter)

    - kolab-freebusy-2.2.beta3-20071130

	A fully restructured free/busy with the most recent free/busy
	concept implemented.

	kolab/issue799 (pfb php script cannot handle umlaut and dots in
	                foldernames correctly)
	kolab/issue898 (pfbs from several servers, are not combined into .ifb)

    - kolab-webadmin-2.1.99-20071203

	Improved some message strings.

	Updated German translations.

	Removed resource password handling which is unused since server 2.1.

	Removed obsolete explanation about enabling legacy services.

	kolab/issue1711 (extra space after first name when editing users or
	                 admins)
	kolab/issue1912 (some field descriptions missing in web admin
	                 interface)

    - perl-kolab-2.2.beta3-20071130

	Show component and log level when sending debug log to stdout.

	kolab/issue1313 (resmngr cannot create calendar folder in multidomain
	                 setup)

    - php-kolab-2.2.beta3-20071207

	A fully restructured free/busy with the most recent free/busy
	concept implemented.

	Restructured Kolab_Filter package with the focus on error
	handling and unit testing.

	Fix removal of the empty line between header and body. Added a
	unit test for that.

	kolab/issue1313 (resmngr cannot create calendar folder in multidomain
	                 setup)

    - horde-framework-kolab-3.2_rc1-20071129

	New functionality required for kolab-freebusy.

	Support for the extended free/busy concept.

	kolab/issue2128 (Building horde-framework-kolab without http access
	                 fails)
	kolab/issue2134 ([Horde] Unable to send message with attachments)
	kolab/issue2135 ([horde/turba] Turba should support some more contact
	                 attributes)
	kolab/issue2138 (Horde creates events in main inbox)
	kolab/issue2144 (Calendar items of shared calendar not appearing)

    - horde-kolab-3.2_rc1-20071201

	kolab/issue2101 ([horde] can't delete categories)

    - horde-kronolith-kolab-2.2_rc1-20071129

	kolab/issue2138 (Horde creates events in main inbox)

    - horde-turba-kolab-2.2_rc1-20071128

	kolab/issue2040 (Horde: resouces are not displayed in address book)
	kolab/issue2135 ([horde/turba] Turba should support some more contact
	                 attributes)

    - fbview-kronolith-2.2_rc1-20071129

	Support for the extended free/busy concept.


    Packages in the OpenPKG based Kolab server release:

    - Kolab packages:

      Removed:

	kolab-horde-framework (now horde-framework-kolab)

      Added:

	php-channel-horde-1.0-1

      Updated:

	fbview-horde-3.2_rc1-20071201
	fbview-kronolith-2.2_rc1-20071129
	horde-framework-kolab-3.2_rc1-20071129
	horde-imp-kolab-4.2_rc1-20071128
	horde-ingo-kolab-1.2_rc1-20071128
	horde-kolab-3.2_rc1-20071201
	horde-kronolith-kolab-2.2_rc1-20071129
	horde-mnemo-kolab-2.2_rc1-20071128
	horde-nag-kolab-2.2_rc1-20071128
	horde-turba-kolab-2.2_rc1-20071128
	kolab-filter-2.2.beta3-20071203
	kolab-freebusy-2.2.beta3-20071130
	kolab-webadmin-2.1.99-20071203
	kolabconf-2.2.beta3-20071207
	kolabd-2.1.99-20071203
	openldap-2.3.39-20071130
	perl-kolab-2.2.beta3-20071130
	php-kolab-2.2.beta3-20071207

      Unchanged:

	PEAR-Auth_SASL-1.0.2-1
	PEAR-Date-1.4.7-1
	PEAR-HTTP_Request-1.4.1-1
	PEAR-Log-1.9.9-1
	PEAR-Mail-1.1.14-1
	PEAR-Mail_Mime-1.3.1-1
	PEAR-Net_IMAP-1.1.0beta1-1
	PEAR-Net_LMTP-1.0.1-1
	PEAR-Net_SMTP-1.2.10-1
	PEAR-Net_Sieve-1.1.5-1
	PEAR-Net_Socket-1.0.6-1
	PEAR-Net_URL-1.0.15-1
	horde-kolab-client-0.99-20071002
	horde-passwd-kolab-3.0.1-20071001
	php-smarty-2.6.18-20070607

    - OpenPKG packages:

      Updated:

	apache-2.2.6-20071121
	apache-php-5.2.5-20071206
	apr-1.2.12-20071126
	binutils-2.18-20071111
	curl-7.17.1-20071030
	flex-2.5.33-20071104
	fsl-1.7.0-20071027
	gcc-4.2.2-20071031
	gettext-0.17-20071107
	gmp-4.2.2-20071107
	imap-2006j2-20071028
	imapd-2.3.10-20071206
	libiconv-1.12-20071112
	libxml-2.6.30-20071205
	ncurses-5.6.20071201-20071202
	openpkg-20071030-20071030
	openssl-0.9.8g-20071104
	pcre-7.4-20071101
	perl-5.8.8-20071108
	perl-comp-5.8.8-20071201
	perl-crypto-5.8.8-20071110
	perl-db-5.8.8-20071029
	perl-ds-5.8.8-20071114
	perl-mail-5.8.8-20071206
	perl-module-5.8.8-20071206
	perl-net-5.8.8-20071203
	perl-parse-5.8.8-20071129
	perl-ssl-5.8.8-20071026
	perl-stats-5.8.8-20071204
	perl-sys-5.8.8-20071124
	perl-time-5.8.8-20071204
	perl-util-5.8.8-20071203
	perl-www-5.8.8-20071201
	perl-xml-5.8.8-20071121
	php-5.2.5-20071206
	png-1.2.23-20071109
	postfix-2.4.6-20071027
	procmail-3.22-20071027
	sasl-2.1.22-20071206
	spamassassin-3.2.3-20071027

      Unchanged:

	amavisd-2.5.2-20070907
	autoconf-2.61-20070711
	automake-1.10-20061111
	bc-1.06-20061013
	bison-2.3-20070312
	bzip2-1.0.4-20070507
	clamav-0.91.2-20070907
	config-20060923-20061013
	db-4.5.20.2-20070628
	diffutils-2.8.7-20071005
	expat-2.0.1-20070629
	file-4.21-20070829
	freetype-2.3.5-20070720
	gd-2.0.35-20071011
	grep-2.5.3-20070829
	groff-1.19.2-20070113
	gzip-1.3.12-20070623
	jpeg-6b-20070507
	libmcrypt-2.5.8-20070720
	libxslt-1.1.22-20070824
	lzo-2.02-20061013
	m4-1.4.9-20070818
	make-3.81-20061013
	mhash-0.9.9-20070807
	mm-1.4.2-20061013
	openpkg-tools-1.4.5-20070624
	perl-conv-5.8.8-20070526
	perl-dns-5.8.8-20070920
	perl-ldap-5.8.8-20070916
	perl-openpkg-5.8.8-20061013
	perl-term-5.8.8-20070924
	pkgconfig-0.22-20070720
	readline-5.2.7-20070927
	sed-4.1.5-20061013
	texinfo-4.11-20070911
	zlib-1.2.3-20070507


Changes between 2.2-beta-1 and 2.2-beta-2:

    - perl-kolab-2.2.beta2-20071018

	Removed the Kolab-Mailer module.

	Removed "dirserv"-support.

	Replaced path reference to the kolabconf script by a
	configuration variable.

	Replaced statedir path with function argument.

	Replaced several variables originally rewritten during the
	make cycle with values in a central configuration file.

	Converted the package into a standard perl library package.

	kolab/issue26   (Allow to bind to specific IPs)
	kolab/issue934  (Remove FTP FreeBusy Service (proftpd))
	kolab/issue1862 (dist_conf/kolab: Use settings from OpenPKG
	                 installation)

    - php-kolab-2.2.beta2-20071018

	kolab/issue26   (Allow to bind to specific IPs)
	kolab/issue1637 (Recurrency issues)
	kolab/issue1862 (dist_conf/kolab: Use settings from OpenPKG
	                 installation)

    - kolabconf-2.2.beta2-20071018

	New package that holds the kolabconf script.

	Added mechanism to allow config variable replacement in the META
	section.

	kolab/issue26   (Allow to bind to specific IPs)
	kolab/issue934  (Remove FTP FreeBusy Service (proftpd))
	kolab/issue1879 (kolabconf poor error message in buildCyrusConfig)
	kolab/issue1862 (dist_conf/kolab: Use settings from OpenPKG
	                 installation)

    - kolabd-2.1.99-20071018

	Added "discard" service to the postfix master.cf configuration.

	Removed "dirserv"-support.

	Replaced path reference to the kolabconf script by a
	configuration variable.

	Replaced statedir path with function argument in Kolab::LDAP::startup.

	Replaced several variables originally rewritten during the
	make cycle with values in a central configuration file.

	Moved kolabconf into its own package.

	Fixed the apache configuration for the new fbview packages

	Switched from displaying php errors to logging them
	(recommended for production servers).

	Disabled spamd, hourly instead of daily clamav updates.

	Added "with_horde" support.

	Added LDAP attributes 'kolabAllowSMTPRecipient' and
	'kolabPolicyDaemon' in preparation for kolab/issue1340.

	The emailserver_socket is stored in $(libexecdir) and not in
	$(libdir). This fixes an x86_64 issue.

	kolab/issue26   (Allow to bind to specific IPs)
	kolab/issue934  (Remove FTP FreeBusy Service (proftpd))
	kolab/issue1025 (loading policy bank "MYUSERS": unknown field
	                 "mynetworks")
	kolab/issue1686 (Remove WebDAV Support)
	kolab/issue1796 (httpd.conf : MISSING Include
	                 "/kolab/etc/apache/apache.d/*.conf")
	kolab/issue1804 (Several files apparently missing in kolabd package)
	kolab/issue1805 (Uncleaned files in kolabd source package)
	kolab/issue1811 (Spurious files in CVS, kolabd directory)
	kolab/issue1861 (imapd.conf.template: primary domain listed twice in
	                 loginrealms)
	kolab/issue1862 (dist_conf/kolab: Use settings from OpenPKG
	                 installation)
	kolab/issue1895 (switch from virtual_maps to virtual_alias_maps)
	kolab/issue2038 (additional sieve extensions)

    - kolab-filter-2.2.beta2-20071018

	kolab/issue26   (Allow to bind to specific IPs)
	kolab/issue1606 (Allow to run kolab-resource-handlers with PHP cgi)
	kolab/issue1862 (dist_conf/kolab: Use settings from OpenPKG
	                 installation)

    - kolab-webadmin-2.1.99-20071018

	Clarify web admin description for HTTP FreeBusy switch
	(with updated German translation)

	kolab/issue932  (Illegal values in webadmin cause LDAP errors)
	kolab/issue934  (Remove FTP FreeBusy Service (proftpd))
	kolab/issue1162 (Misplaced title field in webinterface)
	kolab/issue1246 (Permission handling in the webadmin frontend)
	kolab/issue1611 ([webadmin] page.tpl use no valid XHTML)
	kolab/issue1694 (Unable to modify the folder type of an already
	                 created shared folder)
	kolab/issue1781 (Spanish PO File Translation)
	kolab/issue1797 (kolab-webadmin source package missing PO files)
	kolab/issue1800 (kolab-webadmin debian dist_conf smarty location)
	kolab/issue1845 (incorrect check mailForDn for ldap results)
	kolab/issue1862 (dist_conf/kolab: Use settings from OpenPKG
	                 installation)


    Packages in the OpenPKG based Kolab server release:

    - Kolab packages:

      Removed:

	kolab-horde-fbview (now fbview-horde, fbview-kronolith)
	kolab-resource-handlers (now kolab-filter, kolab-freebusy, php-kolab)

      Added:

	PEAR-Auth_SASL-1.0.2-1
	PEAR-Date-1.4.7-1
	PEAR-HTTP_Request-1.4.1-1
	PEAR-Log-1.9.9-1
	PEAR-Mail-1.1.14-1
	PEAR-Mail_Mime-1.3.1-1
	PEAR-Mail_Mime-1.3.1-1
	PEAR-Net_IMAP-1.1.0beta1-1
	PEAR-Net_LMTP-1.0.1-1
	PEAR-Net_SMTP-1.2.10-1
	PEAR-Net_Sieve-1.1.5-1
	PEAR-Net_Socket-1.0.6-1
	PEAR-Net_URL-1.0.15-1
	fbview-horde-3.2_alpha-20071013
	fbview-kronolith-2.2_alpha-20071001
	horde-framework-kolab-3.2_ALPHA-20071004
	horde-imp-kolab-4.2_alpha-20071004
	horde-ingo-kolab-1.2_alpha-20071004
	horde-kolab-3.2_alpha-20071013
	horde-kolab-client-0.99-20071002
	horde-kolab-client-0.99-20071002
	horde-kronolith-kolab-2.2_alpha-20071004
	horde-mnemo-kolab-2.2_alpha-20071001
	horde-nag-kolab-2.2_alpha-20071004
	horde-passwd-kolab-3.0.1-20071001
	horde-turba-kolab-2.2_alpha-20071002
	kolab-filter-2.2.beta2-20071018
	kolab-freebusy-2.2.beta2-20071018
	kolabconf-2.2.beta2-20071018
	php-kolab-2.2.beta2-20071018

      Updated:

	kolab-webadmin-2.1.99-20071018
	kolabd-2.1.99-20071018
	perl-kolab-2.2.beta2-20071018

      Unchanged:

	kolab-horde-framework-2.1.99-20070607
	php-smarty-2.6.18-20070607

    - OpenPKG packages:

      Removed:

	apache2 (renamed to apache)
	apache2-php (renamed to apache-php)
	getopt (was needed by proftpd)
	proftpd (obsolete)
	pth (openldap is now built without pth)
	sharutils (no package requires this)

      Added:

	apache-2.2.6-20070910
	apache-php-5.2.4-20071015
	apr-1.2.11-20070907
	freetype-2.3.5-20070720
	gd-2.0.35-20071011
	jpeg-6b-20070507
	libmcrypt-2.5.8-20070720
	mhash-0.9.9-20070807
	png-1.2.22-20071014

      Updated:

	amavisd-2.5.2-20070907
	autoconf-2.61-20070711
	binutils-2.18-20070829
	clamav-0.91.2-20070907
	curl-7.17.0-20071009
	db-4.5.20.2-20070628
	diffutils-2.8.7-20071005
	expat-2.0.1-20070629
	file-4.21-20070829
	gcc-4.2.2-20071016
	gettext-0.16.1-20070930
	grep-2.5.3-20070829
	gzip-1.3.12-20070623
	imap-2006j2-20071012
	imapd-2.3.9-20071015
	libxml-2.6.30-20070824
	libxslt-1.1.22-20070824
	m4-1.4.9-20070818
	ncurses-5.6.20071013-20071014
	openldap-2.3.38-20071012
	openpkg-20071018-20071018
	openpkg-tools-1.4.5-20070624
	openssl-0.9.8f-20071017
	pcre-7.4-20070921
	perl-5.8.8-20071011
	perl-comp-5.8.8-20071005
	perl-crypto-5.8.8-20070929
	perl-db-5.8.8-20070711
	perl-dns-5.8.8-20070920
	perl-ds-5.8.8-20071008
	perl-ldap-5.8.8-20070916
	perl-mail-5.8.8-20070928
	perl-module-5.8.8-20070928
	perl-net-5.8.8-20070829
	perl-parse-5.8.8-20071018
	perl-ssl-5.8.8-20071017
	perl-stats-5.8.8-20070708
	perl-sys-5.8.8-20071018
	perl-term-5.8.8-20070924
	perl-time-5.8.8-20071006
	perl-util-5.8.8-20071015
	perl-www-5.8.8-20071010
	perl-xml-5.8.8-20070929
	php-5.2.4-20071012
	pkgconfig-0.22-20070720
	postfix-2.4.5-20070908
	procmail-3.22-20070720
	readline-5.2.7-20070927
	sasl-2.1.22-20071009
	spamassassin-3.2.3-20070810
	texinfo-4.11-20070911

      Unchanged:

	automake-1.10-20061111
	bc-1.06-20061013
	bison-2.3-20070312
	bzip2-1.0.4-20070507
	config-20060923-20061013
	flex-2.5.33-20070507
	fsl-1.7.0-20070316
	gmp-4.2.1-20061222
	groff-1.19.2-20070113
	libiconv-1.11-20061013
	lzo-2.02-20061013
	make-3.81-20061013
	mm-1.4.2-20061013
	perl-conv-5.8.8-20070526
	perl-openpkg-5.8.8-20061013
	sed-4.1.5-20061013
	zlib-1.2.3-20070507


Changes between 2.1.0 and 2.2-beta1:

    All components except for OpenLDAP were upgraded to
    OpenPKG-CURRENT (as of 20070608), most noteworthy:

	amavisd 2.5.1
	apache 2.2.4
	imapd 2.3.8
	php 5.2.3
	postfix 2.4.3
	spamassassin 3.2.0

    - perl-kolab-5.8.8-20070608

	kolab/issue1679 (Update template META mechanism to support service
	                 restarts)

    - kolabd-2.1.99-20070612

	kolab/issue919  (kolab server has problems with some characters in
	                 passwords)
	kolab/issue1126 (ldap_simple_bind() failed and Domain/Realm not
	                 available) - partial fix
	kolab/issue1679 (Update template META mechanism to support service
	                 restarts)
	kolab/issue1693 (Automatically trigger f/b cache regeneration)

    - kolab-resource-handlers-2.1.99-20070612

	added location to xpfb events

	kolab/issue1693 (Automatically trigger f/b cache regeneration)

    - kolab-webadmin-2.1.99-20070607

	kolab/issue1610 (Use <label> for forms in webadmin)
	kolab/issue1615 (Use <label> also for login page)
	kolab/issue1618 (Add missing headings)
	kolab/issue1619 (Add CSS file for printing)
	kolab/issue1620 (fix invalid XHTML in form.class.php)
	kolab/issue1742 (Do not modify the objectclasses of an existing object)
	kolab/issue1744 (No "User Deleted, awaiting cleanup" for admins and
	                 domain maintainers)


-------------------------------------------------------------------------------

Differences between Kolab 2.0 and 2.1:

    - Simple multi-domain support

	The Kolab server can now accept mail for multiple email domains.
	There is also a new class of maintainers which are only allowed
	to manage settings for a subset of the mail domains of the kolab
	server.

    - Hashed IMAP spool

	The default imapd configuration has been changed to enable the
	hashimapspool option, which allows the Cyrus IMAP server to run
	more efficiently especially when you have many mailboxes.

    - Improvements, bugfixes and upgraded software components

	The 2.1 release received many improvements and bugfixes for issues
	found in the 2.0 versions and during the long beta and rc phase.
	Additionally many software components have been upgraded to new
	upstream versions.


Changes between 2.1-rc-2 and 2.1.0:

    - Documentation

	Documented workaround for libdb3 conflict in README.1st

	Added instructions for automatically upgrading the free/busy cache.

    - amavisd-2.3.3-2.5.0_kolab

	kolab/issue1447 (Virus Scanning: Inserted note when partially scanned
	                 ugly)

    - kolabd-2.1.0-20070510

	kolab/issue974  (Localize the text for rewritten From: headers)
	kolab/issue1560 (postfix modifies message/rfc822 MIME parts)
	kolab/issue1608 (A patch for kolabd to include the horde LDAP schema)

    - kolab-resource-handlers-2.1.0-20070510

	Generate a single To: header listing all recipients when forwarding
	encapsulated iCal messages.

	kolab/issue974  (Localize the text for rewritten From: headers)
	kolab/issue1422 (Dummy freebusy info)

    - kolab-webadmin-2.1.0-20070510

	kolab/issue1616 (Use different cursor for <label> tags)
	kolab/issue1617 (fix small inconsistency in german translation)


Changes between 2.1-rc-1 and 2.1-rc-2:

    - apache-1.3.33-2.5.6_kolab2

	kolab/issue1607 (need to replace gdbm for pfbcache, because of license
	                 clash gdbm vs php)

    - clamav-0.90.2-20070413_kolab

	New upstream version, fixes various security issues.

    - file-4.15-2.5.0_kolab2

	Fix for security issue described in CVE-2007-1536:
	buffer overflow, remotely exploitable due to the usage of file in
	amavisd-new

    - fsl-1.7.0-20070303

	New upstream version.

	kolab/issue1172 (Cyrus Imapd dies when logfile exceeds 2 GiB)

    - php-4.4.0-2.5.2_kolab2

	kolab/issue1607 (need to replace gdbm for pfbcache, because of license
	                 clash gdbm vs php)

    - spamassassin-3.1.0-2.5.1_kolab

	Fix for security issue described in CVE-2007-0451:
	possible DoS due to incredibly long URIs found in the message content

	Disabled external DNS and URI blacklists, because some of these
	services require payment if used for many mailboxes.

	Ignore headers inserted on the receiving side for bayes filtering.

    - perl-kolab-5.8.7-20070420

	Added debug option for verbose logging to stderr.

    - kolabd-2.1.0-20070420

	Fix the path to the freebusy directory for non-OpenPKG installations.

	Fix usage of tar and modification of rc.conf during slave setup for
	non-OpenPKG installations.

	Don't pass notifications and quarantined mails through amavisd-new.

	Updated configuration templates for ClamAV 0.90

	Updated openldap monitor configuration.

	Updated cyrus imapd configuration to use cyr_expire.

	kolab/issue954  (kolab server rejects mails that should be marked
	                 untrusted)
	kolab/issue1538 (outlook invitation forwarding broken in Kolab server
	                 2.1)
	kolab/issue1607 (need to replace gdbm for pfbcache, because of license
	                 clash gdbm vs php)
	kolab/issue1609 ("kolab --help" tries to execute *all* commands)
	kolab/issue1638 (kolabconf generates broken resmgr.conf)
	kolab/issue1680 (/kolab/bin/kolab fix)

    - kolab-horde-fbview-2.1.0-20070420

	Updated version number, no other changes since 2.1rc1

    - kolab-resource-handlers-2.1.0-20070420

	Improved logging for opening pfbcache.db

	kolab/issue954  (kolab server rejects mails that should be marked
	                 untrusted)
	kolab/issue1538 (outlook invitation forwarding broken in Kolab server
	                 2.1)
	kolab/issue1607 (need to replace gdbm for pfbcache, because of license
	                 clash gdbm vs php)
	kolab/issue1659 (Freebusy assumes that all day events last exactly one
	                 day)

    - kolab-webadmin-2.1.0-20070420

	Updated Dutch and German translations.

	kolab/issue1457 (updated French translation)
	kolab/issue1612 (modify user ignores account type)
	kolab/issue1614 (ldap_add() - Constraint violation on change user
	                 account type)
	kolab/issue1630 (Domain maintainer can see distribution lists from
	                 other domains)
	kolab/issue1652 (Import users from ldif and LDAP Constraint violation)
	kolab/issue1654 (New LDAP overlay prevents modification of
	                 distribution lists)
	kolab/issue1663 (It is possible to create domain maintainers without
	                 domains)
	kolab/issue1670 (Renaming a domain maintainer twice within the same
	                 form fails)


Changes between 2.1-beta-4 and 2.1-rc-1:

    - kolabd-2.0.99-20070205

	kolab/issue1335 (pfbcache.db locking problems)
	kolab/issue1507 (Public viewable phpinfo() and more in Server default
	                 installation)
	kolab/issue1550 (Masquerade problem, corrected template)
	kolab/issue1563 (freebusy.conf template doesn't match freebusy.conf
	                 from package)
	kolab/issue1575 (Openldap enhanced data integrity)

    - kolab-webadmin-2.0.99-20070205

	Disabled Spanish language selection from web admin interface, because
	of missing translation.

	kolab/issue1479 ("Type" of shared folder can only be modified in 2nd
	                 try)
	kolab/issue1486 ("About Kolab" in Webinterface needs work over)
	kolab/issue1539 (extension to the opening text, when the manager logs
	                 in for the 1st time)
	kolab/issue1559 (Domain Maintainer cannot delete "his" users)
	kolab/issue1586 ("Required field" not translated to German in web
	                 admin)
	kolab/issue1592 (LANGUAGE variable overrides web admin language
	                 selection)


Changes between 2.1-beta-3 and 2.1-beta-4:

    - clamav-0.88.7-20061211

	bypass virus detection (CVE-2006-6406),
	denial of service, remotely exploitable (CVE-2006-6481)
	(http://kolab.org/security/kolab-vendor-notice-14.txt)

    - kolabd-2.0.99-20070117

	Updated proftpd.conf template: LDAPHomedirOnDemand(Prefix) is
	now named LDAPGenerateHomedir(Prefix).

	Set imapidlepoll to 5 seconds in imapd.conf.template.in.

	kolab/issue1433 (Some files in /kolab/etc/postfix have wrong ownership)
	kolab/issue1484 (Warnings using openldap = 2.3.27-2.20061018_kolab)
	kolab/issue1487 (amavisd.conf mynetworks incomplete)
	kolab/issue1531 (amavisd.conf local_domains only contains primary
	                 domain)
	kolab/issue1532 (Set "duplicatesuppression: 0" in imapd.conf.template?)

    - kolab-horde-fbview-2.0.99-20070112

	Improvements to the week view (part of kolab/issue666)

	Removed dangerous php scripts (part of kolab/issue1507)

    - kolab-resource-handlers-2.0.99-20070117

	kolab/issue1490 (freebusy cache written to /kolab/kolab/...)
	kolab/issue1512 (No FB information for resource accounts)
	kolab/issue1558 (kolab-webadmin and php 5.2.0)

    - kolab-webadmin-2.0.99-20070117

	kolab/issue1013 (user passwords sha1 encoded without salt)
	kolab/issue1262 (Setting quota to 4096+ MB breaks message delivery)
	kolab/issue1418 (fields visible even when attribute_access is "hidden"
	                 in session_vars.php)
	kolab/issue1540 (Typo on kolab/admin/service page)
	kolab/issue1555 (Login screen shows error msg for no good reason)

    - openldap-2.3.29-2.20061110_kolab

	New upstream version, fixes CVE-2006-5779 (Bugtraq ID 20939)

    - perl-kolab-5.8.7-20070117

	Only print warning about missing configuration variable if relevant.

	kolab/issue1550 (Masquerade problem)


Changes between 2.1-beta-2 and 2.1-beta-3:

    - openpkg-2.5.4-2.5.4

	New upstream version.

    - apache-1.3.33-2.5.6

	denial of service and possibly arbitrary code execution via crafted
	URLs that are not properly handled using certain rewrite rules.
	http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.015-apache.html

    - gzip-1.3.5-2.5.1

	denial of service, arbitrary code execution
	http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.020-gzip.html

    - curl-7.15.0-2.5.2

	buffer overflow
	http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.012-curl.html

    - openssl-0.9.8a-2.5.4

	denial of service, may allow execution of arbitrary code
	(http://kolab.org/security/kolab-vendor-notice-12.txt)

    - clamav-0.88.5-2.20061018

	buffer overflow, remotely exploitable (CVE-2006-4018)
	(http://kolab.org/security/kolab-vendor-notice-10.txt)

	heap overflow, remotely exploitable (CVE-2006-4182),
	denial of service, remotely exploitable (CVE-2006-5295)
	(http://kolab.org/security/kolab-vendor-notice-13.txt)

    - file-4.15-2.5.0_kolab

	kolab/issue1458 (Password protected .sxw files can be banned by
	                 amavisd, as a result of the file command)

    - openldap-2.3.27-2.20061018_kolab

	New upstream version, fixes CVE-2006-4600 (Bugtraq ID 19832)
	and other problems.

	kolab/issue1229 (Master openldap's slurpd fails to start after
	                 adding slave)
	kolab/issue1431 (Slave cannot access master ldap server via SSL)

    - imapd-2.2.12-2.5.0_kolab2

	Fix folder structure for foldernames with non-alphanumeric characters,
	when using skiplist as the database backend for mailboxes.db.

    - perl-kolab-5.8.7-20061110

	kolab/issue1194 (serious performance problem on high number of users)

    - kolabd-2.0.99-20061110

	Added missing relay service for postfix.

	Changed main.cf masquerading defaults so email to
	user at machine.example.org is actually delivered.

	Use mailbox_transport instead of local_transport for
	kolabmailboxfilter to work around issue825.

	Removed doubled attribute cyrus-autocreatequota.

	Added indexes for delegate and delete.

	Updated freebusy.conf template for freebusy IMAP caching.

	Changed imapd.conf template to use berkeley db instead of
	skiplist for annotations.db and mailboxes.db as a workaround
	for kolab/issue840 (Annotations needs to be more robust).

	kolab/issue824  (kolabmailboxfilter run once for each recipient)
	kolab/issue1264 (Add support for sieve based notifications)
	kolab/issue1273 (Sending as delegate broken in Kolab server 2.1)
	kolab/issue1428 (Fixed locking issue)
	kolab/issue1433 (Some files in /kolab/etc/postfix have wrong ownership)

    - kolab-webadmin-2.0.99-20061110

	Fixes for setting folder type of shared folders.

	Guard against large number of users.

	kolab/issue1457 (updated French translation)

    - kolab-resource-handlers-2.0.99-20061110

	Improvements and fixes for freebusy IMAP caching.

	kolab/issue815  (invitation replies vanish in resmgr)
	kolab/issue957  (All-day events from Outlook don't show up in freebusy)
	kolab/issue974  (Localize the text for rewritten From: headers)
	kolab/issue1042 (empty lines at the end of mails delivered via LMTP)
	kolab/issue1352 (resmgr can create wrong range dates)
	kolab/issue1387 (resmgr replies to replies creating mail loop)
	kolab/issue1422 (Dummy freebusy info)


Changes between 2.1-beta-1 and 2.1-beta-2:

    OpenPKG updates:

      openpkg-2.5.2-2.5.2
      openpkg-registry-0.2.7-20060223
      libxslt-1.1.15-2.5.1
      php-smarty-2.6.10-20051003
      clamav-0.88.2-20060524

      binutils-2.16.1-2.5.1
	http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.009-binutils.html

      openldap-2.3.11-2.5.1
	http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.008-openldap.html


    Kolab updates:

      More distconf changes by Richard Bos and Markus Huewe.

      - perl-kolab-5.8.7-20060619

	kolab/issue1194 (kolabd quota performance)
	kolab/issue1220 (postfix permissions)
	kolab/issue1237 (Handling of @@@var@@@ in Conf.pm (Gunnar Wrobel))

      - kolabd-2.0.99-20060619

	* The default imapd configuration has been changed to enable the
	  hashimapspool option.  This affects the upgrade procedure.
	  See 1st.README for upgrade instructions.

	* amavis now logs to /kolab/var/amavisd/amavisd.log.  This is
	  part of the fix for Issue1015

	kolab/issue1015 (fixing logging and logrotate for amavisd)
	kolab/issue1089 (enable hashimapspool for imapd to cope with many users)
	kolab/issue1101 (allowapop: no; disable apop access to imapd by default)
	kolab/issue1105 (fix compilation of kolabd on FreeBSD)
	kolab/issue1257 (wrong attribute name for imap quota)

      - kolab-webadmin-2.0.99-20060619

	* patch from Tobias Koenig in order to support setting of
	  foldertype for public folders

	kolab/issue848 (Modifying address book entry may break distribution list)
	kolab/issue1106 (email validation in webgui)
	kolab/issue1214 (number of days for vacation messages on webinterface)
	kolab/issue1263 (Bug in the shared folders folder-type code) [Wrobel]

      - kolab-resource-handlers-2.0.99-20060619

	* create empty pfbcache.db if missing

	kolab/issue973 (quoting and rewriting From header)
	kolab/issue966 (Wrong CN for resource accounts)
	kolab/issue1042 (server modifies email content)
	kolab/issue1195 (error message in bounce)
	kolab/issue1243 (rewriting fails when "From:" contains quoted printable)
	kolab/issue1245 (rewriting problems on folded Header "From:"-line)


$Id: release-notes.txt,v 1.348 2008/12/12 18:05:34 thomas Exp $
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 206 bytes
Desc: not available
Url : http://kolab.org/pipermail/kolab-announce/attachments/20081212/7d077f3f/attachment-0001.bin