2017-12-14

Software Version 6.4.13

Advanced filter settings for PDF files

• Exceptions for encrypted PDF files per sender and recipient group configurable in email attachment filter
• Three security levels can be set: "Deliver email unchanged", "Change subject" or "Quarantine email", the release takes place after verification by the recipient
• Configurable in the menu "Services > Email filter > Attachment > Filter lists" under "Encrypted archives: Lock"

Further improvements

• New protections in email attachment filter detect malicious DDE formulas and OLE objects in Office files
• Proxy with authentication now supports DIGEST-MD5 encrypted password verification method. Can be activated under "Services > Proxy > Settings".
• Extension of the antivirus cloud to reduce false detections. When operating behind a firewall, outgoing access via HTTPS to the host "avfpc.intra2net.com" is required
• SAVAPI Antivirus Engine Update
• Certificate expiration can now be monitored via SNMP
• Import of private keys in PKCS#12 format fixed
• Updated version of Samba server for file sharing and remote drop. Please check after the update if the backup is performed correctly
• Requesting server-side delivery notifications (DSN) for emails disabled
• Cumulative security update fixes 66 vulnerabilities
  (ImageMagick-7.0.7-11, c-ares: 1.13.0: CVE-2017-1000381, curl-7.57.0: CVE-2017-7407, CVE-2017-1000254, CVE-2017-8817 und CVE-2017-8818, elfutils-0.169: CVE-2017-7607, CVE-2017-7608, CVE-2017-7609, CVE-2017-7610, CVE-2017-7611, CVE-2017-7612 und CVE-2017-7613, expat-2.2.4: CVE-2017-9233 und CVE-2016-9063, freetype-2.6.5, glibc-2.17: CVE-2016-4429 und CVE-2017-12133, CVE-2017-1000366 und CVE-2017-15670, httpd-2.4.29: CVE-2017-9798, kernel-3.14.79: CVE-2017-11473, CVE-2017-11176, CVE-2017-7533, CVE-2017-7308, CVE-2017-1000111, CVE-2017-1000365, CVE-2017-1000364, CVE-2017-7616, CVE-2017-7645, CVE-2017-7895, CVE-2017-1000112, CVE-2017-16939, CVE-2017-16994, CVE-2017-11600 und CVE-2017-8824, libgcrypt-1.8.1: CVE-2017-7526, libgd-2.2.5: CVE-2017-6362 und CVE-2017-7890, libpng-1.6.32, libtiff-4.0.9, openssl-1.0.2n: CVE-2017-3735 und CVE-2017-3737, pcre-8.41: CVE-2017-6004, CVE-2017-7244 und CVE-2017-7186, php-5.6.32, php-horde-Horde_Form-2.0.6: XSS-Lücke, php-horde-Horde_Url-2.2.2: XSS-Lücke, poppler-0.57: CVE-2017-14520, CVE-2017-14517, CVE-2017-14518, CVE-2017-14519, CVE-2017-14617, CVE-2017-14926, CVE-2017-14927, CVE-2017-14928, CVE-2017-14929 und CVE-2017-15565, rsync-3.1.2: CVE-2014-9512, samba-4.7.3: CVE-2017-14746 und CVE-2017-15275, sqlite-3.14.2: CVE-2017-7000 und CVE-2017-10989, util-linux-2.28.2: CVE-2017-2616)
• Updating Linux basic services
  (authconfig-7.0.1, bash-4.4.12, bind-9.10.6, binutils-2.29.1, coreutils-8.28, findutils-4.6.0, gettext-0.19.8.1, grub2-2.02, krb5-1.15.2, libarchive-3.2.2, libtool-2.4.6, memtest86+-5.0.1, microcode_ctl-2.1-13, mISDN-2.0.36, mISDNuser-2.0.22, python-oledump-0.0.30, python-oletools-0.52.9, python-pyro-4.63, python-serpent-1.23, savapi-4.7.0, squid-3.5.27, tmux-2.6)

Back to overview