This time we had a short cycle and only a few updated packages, but I really wanted to get the 2.3.4 release out the door. It fixes not only the annoying build error that affected many people but also includes another fix for the Range header DoS vulnerability in the Apache webserver.
- apache: Security update to 2.2.21 fixes CVE-2011-3192.
- imapd: The build error in imapd was fixed.
- kolab-webadmin: The ActiveSync configuration is back again.
- kolab-z-push: New version with bugfixes for various Nokia phones.
- z-push: New upstream version with many bugfixes.
For a complete list of changes please refer to the release notes.
The upgrade form 2.3.1 is straight forward, there is nothing special you need to care about. If you are upgrading from 2.2.4, please follow the instructions to upgrade from 2.2.4 to 2.3.0 as outlined in the 1st.README file.
Documentation and OpenPKG packages are available as shown on the download page. Binary packages for Debian GNU/Linux 6.0 (Squeeze/stable) and 5.0 (Lenny/oldstable) on x86 platforms can be found next to the sources. As soon as they have synced, you can also use the mirrors.
You can check the integrity of the downloaded files by importing our file distribution key and verify the OpenPGP signature and SHA1 checksums:
$ wget https://ssl.intevation.de/Intevation-Distribution-Key.asc $ gpg --import Intevation-Distribution-Key.asc $ gpg --verify SHA1SUMS.sig $ sha1sum -c SHA1SUMS
Please report bugs in our bug tracker.