2014-04-03

Software Version 6.1.4

Future-proof SSL encryption with Perfect Forward Secrecy

Encryption of the SSL and SSH connections hardend

• Enable Perfect Forward Secrecy (PFS) for SSL encryption. This prevents the subsequent decryption of intercepted data if the private key becomes known.
• Strong encryption is available for HTTPS, IMAPS, POP3S, SMTP submission and ActiveSync protocols
• For existing systems, the hardened SSL encryption can be activated under "System > Web Interface > Security" under the "Encryption strength" menu item. New installations use the strong encryption automatically.

New version of the web server and proxy antivirus

• Files larger than 2 GB can now be downloaded via the proxy
• Web interface acceleration, web groupware, proxy antivirus and ActiveSync

More improvements

• Notification emails from the fax system now use the postmaster address as sender
• Spam filter adapted to changed spam characteristics
• Simplified representation of the licensed functions under "Information > License"
• Improving security on the Linux base system (freetype-2.4.12: CVE-2014-2240 and CVE-2014-2241, net-snmp-5.7.2.1: CVE-2014-2284, python3: CVE-2014-1912, samba-3.6.23: CVE-2013-4496, socat 1.7.2.3: CVE-2014-0019)
• Linux basic services update (kernel-3.4.84, httpd-2.4.9, openssh-6.6p1, openssl-1.0.1f, tcpdump-4.5.1)

Back to overview