Downloads MUST be applied from the bottom of the page to the top, as they must be applied in chronological order. Applying these patches in the wrong order will likely cause problems with the Sun Cobalt™ product.

Note: For all previous updates, please see http://ftp.cobalt.sun.com

The md5sums listed below are for the unzipped ISO image files and not for the .gz files


Tar & Unzip Security update 5.0.1

HTTP RaQ3-All-Security-5.0.1-16170.pkg Posted: March 05, 2003
FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 368,625

The unzip and tar utilities contain vulnerabilities which can allow arbitrary files to be overwritten during archive extraction. See http://www.securityfocus.com/archive/1/196445 for more information.

Reboot Required: No

MD5 Check Sum: cd04708b43ae036522b6fbe4a3a23812


Split-Logs update

HTTP RaQ3-All-System-5.0.1-16355.pkg Posted: February 24, 2003
FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 517,653

This fixes a split_logs bug that prevents statistics from being reported properly. It also ensures that the RaQ 3 has the latest version of analog.

Reboot Required: No

MD5 Check Sum: 1cb908bece2ddee8fe96a3ea834beb25


Cgiwrap update 5.0.1

HTTP RaQ3-All-Security-5.0.1-16261.pkg Posted: February 06, 2003
FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 41,091

This package addresses a cross-site scripting vulnerability with cgiwrap when used with browsers that ignore input before the HTML and BODY tags.

Reboot Required: No

MD5 Check Sum: 86641d66b6fa9f65bdbae463e89b6add


Proftpd Security Update 5.0.1

HTTP RaQ3-All-Security-5.0.1-15823.pkg Posted: January 27, 2003
FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 397,045

This patch fixes an upload file permission issue in proftpd. It also adds an extra security measure by preventing some default system accounts from logging in via FTP.

Reboot Required: No

MD5 Check Sum: 561ec46397f9d69848621c9291a46de7


Util-linux update 5.0.1

HTTP RaQ3-All-Security-5.0.1-15673.pkg Posted: January 08, 2003
FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 382,011

The chfn binary from the util-linux package could be used to gain unauthorized access.

Reboot Required: No

MD5 Check Sum: 472af00288673e91665ce9335e8b0256


Kernel Update 5.0.1 C33

HTTP RaQ3-All-Kernel-5.0.1-2.2.16C33III.pkg Posted: December 18, 2002
FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 4,195,695

Kernel C33 fixes the "do_try_to_free_pages failed" VM problem under heavy load and also adds support for raw I/O.

Reboot Required: Yes

MD5 Check Sum: 17684f6f40127b440b010fa1378bd67b


Imap Update 5.0.1

HTTP RaQ3-All-Security-5.0.1-14936.pkg Posted: December 13, 2002
FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 2,049,469

This patch fixes a Remote Buffer Overflow in imapd.

Prerequisites : OS Update 5.0

Reboot Required: No

MD5 Check Sum: 9566be2ef40750b125cd801e10fbf184


OS Update 5.0

HTTP RaQ3-en-OSUpdate-5.0.pkg Posted: December 13, 2002
FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 50,179,841

Prerequisites:

  • Kernel C32: RaQ3-All-Kernel-4.0.1-2.2.16C32III-4.pkg
  • Glibc update: RaQ3-All-Security-4.0.1-13453.pkg
  • Apache & SSL Update: RaQ3-All-Security-4.0.1-1-15787.pkg
The following issues are addressed:
  • Some FPX elements didn't work on the mainsite with SSL enabled.
  • Email format checking on server management's administrator page.
  • Email alert for a full partition had wrong format.
  • Mailing list Password field was shown in clear text, now shows "*"s.
  • Deleting a user could corrupt mailing list.
  • Changing virtual site IP address could cause FPX problems.
  • Could not set IP address containing 255 (i.e. 10.6.255.3).
  • Incorrect alert text when deleting bandwidth limit.
  • Localhost entry is now allowed in DNS settings.
  • Incorrect quota set for anonymous FTP.
  • Error when going to siteadmin for a virtual site on a different IP address than the main site.
  • Disabling APOP didn't disable it correctly for all users.
  • Some error icons were not displayed correctly when a page isn't found.
  • Leading non-significant zeroes in IP addresses can cause site to be unreachable.
  • FPX for virtual site users when there's not enough disk space left.
  • Secondary domains that start with a number would display incorrectly in DNS.
  • Administrative Email forwarding can now accept valid special characters.
  • Suspended users are not re-activated when a suspended site is activated.
  • New feature ServerAlias / Email ServerAlias backported from RaQ 4.
  • After Rebooting unit, bandwidth limits would not work.
  • Prevent the virtual site's fqdn from being entered as the email server alias.
Obsoletes These Previous Updates:
  • RaQ3-All-Kernel-4.0.1-2.2.16C32III-4.pkg
  • RaQ3-All-ChiliASP-4.0.1-9844.pkg
  • RaQ3-All-System-4.0.1-8372.pkg
  • RaQ3-All-System-4.0.1-8572.pkg
  • RaQ3-All-System-4.0.1-9259.pkg
  • RaQ3-All-System-4.0.1-9447.pkg
  • RaQ3-All-System-4.0.1-9819.pkg
  • RaQ3-All-System-4.0.1-9882.pkg
  • RaQ3-All-System-4.0.1-9925.pkg
  • RaQ3-All-System-4.0.1-10659.pkg
  • RaQ3-All-System-4.0.1-10765.pkg
  • RaQ3-All-System-4.0.1-12854.pkg
  • RaQ3-All-System-4.0.1-13993.pkg
  • RaQ3-en-System-4.0.7-9229.pkg
  • RaQ3-ja-System-4.0.7-9229.pkg
  • RaQ3-All-Security-4.0.1-8532.pkg
  • RaQ3-All-Security-4.0.4-8762.pkg
  • RaQ3-All-Security-4.0.1-8747.pkg
  • RaQ3-All-Security-4.0.2-9077.pkg
  • RaQ3-All-Security-4.0.1-9078.pkg
  • RaQ3-All-Security-4.0.1-9353.pkg
  • RaQ3-All-Security-4.0.2-9353.pkg
  • RaQ3-All-Security-4.0.3-9353.pkg
  • RaQ3-All-Security-4.0.1-9531.pkg
  • RaQ3-All-Security-4.0.1-9648.pkg
  • RaQ3-All-Security-4.0.2-9648.pkg
  • RaQ3-All-Security-4.0.1-9713.pkg
  • RaQ3-All-Security-4.0.2-9769.pkg
  • RaQ3-All-Security-4.0.1-9878.pkg
  • RaQ3-All-Security-4.0.1-9972.pkg
  • RaQ3-All-Security-4.0.1-10014.pkg
  • RaQ3-All-Security-4.0.1-10098.pkg
  • RaQ3-All-Security-4.0.1-10108.pkg
  • RaQ3-All-Security-4.0.1-10125.pkg
  • RaQ3-All-Security-4.0.1-10260.pkg
  • RaQ3-All-Security-4.0.1-10628.pkg
  • RaQ3-All-Security-4.0.1-10749.pkg
  • RaQ3-All-Security-4.0.1-10750.pkg
  • RaQ3-All-Security-4.0.1-13453.pkg
  • RaQ3-All-Security-4.0.1-13323.pkg
  • RaQ3-All-Security-4.0.1-14559.pkg
  • RaQ3-All-Security-4.0.1-15417.pkg

Reboot Required: Yes

MD5 Check Sum: 0a37c3b23af1a16a8cb5296becefebe6


Apache & SSL Update 2.0.1

HTTP RaQ3-All-Security-4.0.1-1-15787.pkg Posted: October 1, 2002
FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 2,497,877

This patch fixes multiple security issues with the Apache HTTP Server and OpenSSL. For more information please see:
http://online.securityfocus.com/advisories/4254
http://sunsolve.sun.com/retrieve.do?doc=fsalert%2F45509&zone_32=category%3Asecurity

Reboot Required: Yes

MD5 Check Sum: b31690ce793bb02206316e9c43f61274


CGIWrap Update 4.0.1

HTTP RaQ3-All-Security-4.0.1-14997.pkg Posted: August 27, 2002
FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 41,248

This package contains an updated CGIWrap that addresses a security issue recently discovered. For more information, please see: http://online.securityfocus.com/bid/3084

Reboot Required: No

MD5 Check Sum: a1223541848269f712228f86e6bdb805


Apache Update 4.0.1

HTTP RaQ3-All-Security-4.0.1-15417.pkg Posted: June 28, 2002
FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 1,312,391 kb

This package contains an updated Apache HTTP Server that addresses a security issue recently discovered. For more information, please see http://httpd.apache.org/info/security_bulletin_20020617.txt

MD5 Check Sum: c2f015c6a1e3768f95df86c42940cbcf

Reboot Required: Yes



TCPDUMP Update 4.0.1

HTTP RaQ3-All-Security-4.0.1-14559.pkg Posted: June 27, 2002
FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 543,999 kb

This patch replaces the TCPDUMP network analysis tool with a new version. This version of TCPDUMP contains security fixes for issues that were found in prior releases of TCPDUMP for the Sun Cobalt Server Appliance.

MD5 Check Sum: 045dd7eedcb797bbc5bdb79035baa5fd

Reboot Required: No



Security Bundle 4.0.1

HTTP RaQ3-All-Security-4.0.1-13323.pkg Posted: June 18, 2002
FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 16,512,028

This package upgrades the following programs for security related issues:

  • ProFTPd 1.2.4-stackguardC4
  • Pine 4.44-C1
  • binutils 2.11.90.0.8-12c1r4
  • cvs 1.11.1p1-6.2C1r4
  • libstdc++ 2.95.3-1c1r4
  • GCC 2.95.3-1c1r4
  • sed 3.02-9
  • zlib 1.1.3-25.7

MD5 Check Sum: 9f881a05deb562563202c637f154e83a

Reboot Required: No



Duplicate Email Alias Update 4.0.1

HTTP RaQ3-All-System-4.0.1-13993.pkg Posted: May 13, 2002
FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 2,983

This patch filters email alias entries preventing duplicate virtusertable entries on your server appliance.

MD5 Check Sum: 4b8fa2cc14766fadda643f734c3041d4

Reboot Required: No



glibc Update 4.0.1

HTTP RaQ3-All-Security-4.0.1-13453.pkg Posted: March 13, 2002
FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 24,222,670

This updates the version of glibc to fix a known vulnerability with file globbing functionality. See the following link for details: http://online.securityfocus.com/bid/3707

MD5 Check Sum: 47020d56c4c08c995b934f108ebec0da

Reboot Required: Yes


DNS Update 4.0.1

HTTP RaQ3-All-System-4.0.1-12854.pkg Posted: March 13, 2002
FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 18,939

This package fixes a number of issues within Sun Cobalt's DNS configuration and management interface and its interactions with the nameserver. In addition, after this patch the administrator will have more options for specifying the method of RFC 2317 style reverse subnet delegation.

MD5 Check Sum: 1eafe1b1a10348ce32d4990126b98a87

Reboot Required: No


Kernel Update 4.0.1

HTTP RaQ3-All-Kernel-4.0.1-2.2.16C32III-4.pkg Posted: January 7, 2002
FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 3,309,677

Updates the kernel version to C32 to fix the following security alert: http://www.securityfocus.com/advisories/3607/

NOTE: This package is for Sun Cobalt RaQ 3 Non-StaQware systems only. If you have StaQware running, please install kernel update at http://www.cobalt.com/support/download/staqwareraq3.html

MD5 Check Sum: 4e176307b18b559df3e0180f62fca1ed

Reboot Required: Yes


Running Bind as Named Update 4.0.1

HTTP RaQ3-All-Security-4.0.1-10749.pkg Posted: November 13, 2001
FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 3,305,574

This patch addresses an issue with the way named is run on Sun Cobalt server appliances. Currently, named is run with root permissions; this patch adds a user named 'named' and installs new initscripts that start named with the proper arguments to run as the user named.

MD5 Check Sum: 2b25618a23078adf303a10d0467d67d2

Reboot Required: Yes


Kernel Update 4.0.1

HTTP RaQ3-All-Kernel-4.0.1.216C28III.pkg Posted: September 20, 2001
FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 4,452,814

Update Kernel to version C28.

MD5 Check Sum: 3d5d2971906ec2c244c9b32b5b7f044b

Reboot Required: Yes


Poprelayd 2.0-5 Update 4.0.1

HTTP RaQ3-All-Security-4.0.1-10628.pkg Posted: September 4, 2001
FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 8,638

This patch upgrades the version of poprelayd to 2.0-5. This version of poprelayd contains various security fixes for issues that were found in poprelayd v1.2.

MD5 Check Sum: 34df29fb6e9d601a0a9c91a40ba93d60


Site Usage UI Update 4.0.1

HTTP RaQ3-All-System-4.0.1-10765.pkg Posted: August 27, 2001
FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 2,852

The Sun Cobalt RaQ 3 Site Usage UI displays multiple/duplicate entries in the "Reports to Generate" scrolling window over a span of months (an entry for each month). This patch fixes this by not providing duplicate entries. This patch also sorts the selections.

MD5 Check Sum: 7bd6d706d297c14037e8c670b714584a


Log Files Update 4.0.1

HTTP RaQ3-All-System-4.0.1-10659.pkg Posted: August 27, 2001
FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 2,142

Log files are currently stored on the root partition of the server. The root partition is small, and systems storing larger than normal log files may be corrupted. This patch corrects the corruption problem by moving the growable log files to the /home partition, which has enough space to handle large files.

MD5 Check Sum: 4c1d41599be981d9c92426c665d52784


telnetd Update 4.0.1

HTTP RaQ3-All-Security-4.0.1-10750.pkg Posted: August 22, 2001
FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 70,284

This security patch addresses an issue found in the telnet daemon, where a remote attacker is able to gain access to server appliances if telnet is enabled. Information regarding this update can be found at CERT Coordination Center's website. The URL is: http://www.cert.org/advisories/CA-2001-21.html.

MD5 Check Sum: 57821fff1a9c84a1f4b86ccbadf5566a


Samba Update 4.0.1

HTTP RaQ3-All-Security-4.0.1-10260.pkg Posted: July 23, 2001
FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 6,489,116

This package updates Samba to 2.0.9 in order to repair a locally exploitable security hole in previous versions. The security hole allows a user with a shell account to corrupt local devices (such as raw disks).

MD5 Check Sum: aaff7e7862f263a02046585c8ed4cf16c


Telnet Access Update 4.0.1

HTTP RaQ3-All-Security-4.0.1-9972.pkg Posted: July 23, 2001
FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 2,379

This package fixes a security bug that gives all users of a restored (previously suspended) site telnet access.

Prerequisite: Prior to installing this update the update allowing special characters in a new username or user's full name must be installed.

RaQ3-All-System-4.0.1-9925.pkg

MD5 Check Sum: be3bafbacdb5c6ca908390c44de68ac5


Special Characters Update 4.0.1

HTTP RaQ3-All-System-4.0.1-9925.pkg Posted: July 23, 2001
FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 4,400

System problems may occur when using special characters when adding a new username or a user's full name. This update enables the use of special characters such as "." in a username and "�" in user's full names.

MD5 Check Sum: de16c9fbe9d4c556926f98b8286b4a47


Reverse Delegation Update 4.0.1

HTTP RaQ3-All-System-4.0.1-9882.pkg Posted: June 29, 2001
FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 3,084

This patch fixes reverse delegations for subnets smaller than a /24. It also adds the ability to have 127.0.0.1 map to the localhost for a domain, and ensures that information relating to Secondary Name Services for networks appears in the web interface properly.

MD5 Check Sum: 17badf0f95c77d0614f869819c25e6dd


analog Update 4.0.2

HTTP RaQ3-All-Security-4.0.2-9769.pkg Posted: May 24, 2001
FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 522,757

This security update prevents a buffer overflow exploit via analog using the "alias" command. This package upgrades analog to v4.16-1(C1).

This update requires the newer version of RPM (rpm-3.0.5-9.6x) RaQ3-All-System-4.0.1-9819.pkg

For additional information please refer to http://www.analog.cx/

MD5 Check Sum: 21597b9db09c9465632269d2d6362cf9


ntp Update 4.0.1

HTTP RaQ3-All-Security-4.0.1-10125.pkg Posted: May 23, 2001
FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 385,671

The current version of ntp was found to be susceptible to buffer overflow remote root exploits. This package corrects this by updating ntp to xntp 3-5.93-14.

MD5 Check Sum: 99edbe03f39e882e132a2afdf7858c0d


proftpd Update 4.0.1

HTTP RaQ3-All-Security-4.0.1-10108.pkg Posted: May 14, 2001
FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 335,074

This patch updates proftpd in response to a CERT alert (CA-2001-07) regarding the current version of proftpd. Additional information on the patch can be found at CERT's official website: http://www.cert.org/advisories/CA-2001-07.html

MD5 Check Sum: 58c0855805f5605a94907c0f209ca6b4


Deactivate backup.cgi Update 4.0.1

HTTP RaQ3-All-Security-4.0.1-10098.pkg Posted: May 4, 2001
FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 1,857

This update prevents a copy of the backup.cgi from being created.

MD5 Check Sum: a3c3566d215e795524005cb469d10162


VIM Control Codes Update 4.0.1

HTTP RaQ3-All-Security-4.0.1-10014.pkg Posted: May 4, 2001
FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 3,062,070

When a user opened a file in vim-enhanced or vim-X11 with the status line option enabled in .vimrc, the commands would be executed as that user. This update prevents a user from embedding malicious VIM control codes into a file.

For additional information please refer to url: http://www.securityfocus.com/templates/archive.pike?list=1&mid=170642

MD5 Check Sum: a5b43601df25592c0b952113d7628691


RPM Update 4.0.1

HTTP RaQ3-All-System-4.0.1-9819.pkg Posted: April 5, 2001
FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 1,613,924

This package installs a newer version of RPM (rpm-3.0.5-9.6x) and all the associated rpms:
RPM: rpm-3.0.5-9.6x.i386.rpm
RPM: rpm-python-3.0.5-9.6x.i386.rpm (not on Sun Cobalt RaQ 3 server appliance)
RPM: rpm-build-3.0.5-9.6x.i386.rpm (not on Sun Cobalt RaQ 3 server appliance)
RPM: rpm-devel-3.0.5-9.6x.i386.rpm
RPM: popt-1.5-9.6x.i386.rpm

MD5 Check Sum: 69b7cbee0e7464d0557b7af89a312c5d


URL Attack Exposure Update 4.0.1

HTTP RaQ3-All-ChiliASP-4.0.1-9844.pkg Posted: April 5, 2001
FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 2,601

Security fix to remove URL attack exposure from Sun Chili!Soft ASP Samples codebrws.asp script.

This patch will remove the ability for a person to modify the URL when used in conjunction with the codebrws.asp script that ships with the Sun Chili!Soft ASP samples, to view system configuration files.

MD5 Check Sum: b56b317e20a8305140692cd735cb4274


Backup Update 4.0.1

HTTP RaQ3-All-Security-4.0.1-9878.pkg Posted: March 23, 2001
FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 2,251

This patch addresses an issue found in backup that allows local users to run arbitrary commands with elevated user privileges.

MD5 Check Sum: 480bd241695347194b55df6592e13b87


vixie-cron Update 4.0.1

HTTP RaQ3-All-Security-4.0.2-9648.pkg Posted: March 2, 2001
FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 31,531

Note: If you had installed version 4.0.1 of this patch please install this new version. It was discovered that after rebooting the Sun Cobalt RaQ 3 server appliance with version 4.0.1 some errors would occur. Update 4.0.2 corrects this.

This patch upgrades the version of vixie-cron to 3.0.1-40. This version of vixie-cron addresses the following security issue, which existed in previous versions. A buffer overflow existed in the 'crontab' command: if called by a user with a username longer than 20 characters, it would be possible for that user to gain elevated privileges.

MD5 Check Sum: 75f2b8dc65f0f5ed588bedfbeb8e3b3c


imap Update 4.0.1

HTTP RaQ3-All-Security-4.0.1-9713.pkg Posted: March 2, 2001
FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 2,051,680

This patch upgrades the version of imap. Previous versions of imap are vulnerable to buffer overflow exploits.


Serial Numbers Update 4.0.1

HTTP RaQ3-All-System-4.0.1-9259.pkg Posted: March 2, 2001
FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 2,395

This patch corrects a problem that occurs with updating serial numbers on machines providing DNS for large numbers of domains.


slocate Update 4.0.1

HTTP RaQ3-All-Security-4.0.1-9078.pkg Posted: February 26, 2001
FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 27,646

This fixes a security problem with slocate. Previous versions had problems with database parsing code. By using a carefully crafted database, a local user could overwrite some of slocate's internal structures, possibly allowing users to learn locations of files that they normally would not have permissions to locate.

We are just installing Red Hat RPMs for x86. There was no need to rebuild them.


POP Before SMTP Relaying Update 4.0.7

HTTP RaQ3-en-System-4.0.7-9229.pkg Posted: February 23, 2001
FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 709,791

When activated, a client using a Sun Cobalt RaQ 3 server appliance for a mail server will be denied outgoing email relaying until the client checks the client's incoming email first. After authentication has been established when the client checked the client's incoming mail, outgoing mail relaying is then allowed.

POP-before-SMTP.pdf

If you had installed the "pre-released" version of POP Before SMTP Relay onto your Sun Cobalt RaQ server appliance it will need to be uninstalled prior to installing this official patch. Following the instructions below will effectively uninstall the "pre-released" version.

If you have already installed this official patch please uninstall both versions then install this patch.

  1. Log in as admin.
  2. su to root.
  3. cd to /var/lib/cobalt/uninstallers.
  4. Run the uninstall script for the pre-released version.
  5. If necessary, run the uninstall script for the official release as well.


Pine Update 4.0.2

HTTP RaQ3-All-Security-4.0.2-9077.pkg Posted: February 23, 2001
FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 1,653,354

Upon abnormal exit, the text editor saves any changes made to the file being edited into a new file in the current working directory labeled filename.save (where filename corresponds to the name of the file being edited, e.g. test.txt will be saved as test.txt.save). When saving this file, the text editor does not check the file type. A user editing a file in a directory writable by others could have other files written to if a malicious user were to symbolically link the filename.save file to a file to which the user has owner/group write access. This would result in the contents of the pico session being written to the symbolically linked file.

This security update installs Pine v4.33-C1 which includes the latest Pico v4.0.


proftpd Update 4.0.1

HTTP RaQ3-All-Security-4.0.1-9531.pkg Posted: February 21, 2001
FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 312,924

This package upgrades the version of proftpd to 1.2.0rc3.


User Name Update 4.0.1

HTTP RaQ3-All-Security-4.0.1-8532.pkg Posted: February 20, 2001
FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 2,603

This package fixes an issue where deleting a user name with a period as part of the name deletes other users with similar names.


Log Rotation Update 4.0.1

HTTP RaQ3-All-System-4.0.1-9447.pkg Posted: February 9, 2001
FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 2,357

This patch addresses an issue with how the Sun Cobalt RaQ server appliance handles the rotation of old logs. Whenever a site quota was increased, the ratio of log size to site quota was not updated. With this patch, this issue disappears.

DoS Attack Update 4.0.4

HTTP RaQ3-All-Security-4.0.4-8762.pkg Posted: February 7, 2001
FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 2,837

This security update prevents a DoS attack in which htpasswd and passwd are corrupted when a site administrator adds a new user to the system and the "/tmp" directory or the "/" (root) directory is full.

BIND Update 4.0.1

HTTP RaQ3-All-Security-4.0.2-9353.pkg Posted: February 6, 2001
FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 3,119,949

This patch upgrades the version of bind used by DNS to 8.2.3. This version of bind contains various security fixes for security holes that were found in BIND-8.2.2_P5.

NOTE: You may need to restart the DNS service under the control panel after installing this patch.

Domain Names Update 4.0.1

HTTP RaQ3-All-System-4.0.1-8572.pkg Posted: January 26, 2001
FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 2,384

Due to new standards, double dashes are now allowed in domain names. The code has been changed to allow users to have domain names such as abc--123.com.


ncurses Update 4.0.1

HTTP RaQ3-All-Security-4.0.1-8747.pkg Posted: January 25, 2001
FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 1,032,211

There used to be an overflowable buffer in the part of the ncurses library handling cursor movement. Attackers can force a privileged application to use their own termcap file containing a special terminal entry which will trigger the ncurses vulnerability, allowing them to execute arbitrary code with the privileges of the exploited binary.


mtab Update 4.0.1

HTTP RaQ3-All-System-4.0.1-8372.pkg Posted: January 19, 2001
FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 73,699

Prior to this update, it was possible for /etc/mtab to become corrupted after a reboot if the Sun Cobalt RaQ server appliance console output is turned off.


Sun Chili!ASP Interbase Fix

HTTP casp_interbase_patch_raq3.pkg Posted: January 16, 2001
FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 1,045,748

For users of Chili!Soft ASP on RaQ 3 only.

This package contains new ODBC drivers. Prior to this patch, ASP database connections may not have worked correctly after installing RaQ3-All-Security-3.0.1-8061, which is a prerequisite to installing RaQ3-en-Update-OS-4.0. If you experience database connectivity problems after installing RaQ3-All-Security-3.0.1-8061, please install this package to correct the issue.

If you do not have Sun Chili!Soft Version 3.5.2, please contact Sun Chili!Soft Technical Support at tech@chilisoft.com to receive the latest package. You will need to provide a proof of purchase by including the file /home/chiliasp/LICENSE.LIC in the email message.


OS Update 4.0

HTTP RaQ3-en-Update-OS-4.0.pkg Posted: January 16, 2001
FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 10,547,896

Prerequisites:

  • Point release RaQ3-All-System-3.0.1-6168.pkg (Frontpage Fixes)
  • Point release RaQ3-All-Security-3.0.1-8061 (glibc update)
Note to Sun Chili!Soft Users: If you experience database connectivity problems after installing RaQ3-All-Security-3.0.1-8061, please install casp_interbase_patch_raq3.pkg to correct the issue.

Warning:

To address the problem of mail not returning an error correctly for a virtual site if that user did not exist, a 'catch-all' error is now created. This required the following changes for this new functionality to work.

  • System users (such as admin, sys, postmaster, root) for a virtual site are now directed to the corresponding email account for the system user. Please remove all other aliases for the above users on virtual sites before installing this update.
  • 'catch-all' email aliases added manually before the update will not function in the same way after the update. Please remove all email domain aliases before installing this update.
Obsoletes These Previous Updates:
  • RaQ3-en-OSUpdate-3.0
  • RaQ3-All-System-3.0.1-6168
  • RaQ3-All-System-3.0.1-5917
  • RaQ3-All-Security-3.0.1-6682
  • RaQ3-All-Security-3.0.1-6579
  • RaQ3-All-Security-3.0.1-6750
  • RaQ3-All-Security-3.0.1-6650
  • RaQ3-All-System-3.0.1-6262
  • RaQ3-en-System-3.0.1-6375
  • RaQ3-All-System-3.0.1-6449
  • RaQ3-All-System-3.0.1-6453
  • RaQ3-All-System-3.0.1-6482
  • RaQ3-All-System-3.0.1-7202
  • RaQ3-All-System-3.0.1-7686
  • RaQ3-All-Security-3.0.1-7819
  • RaQ3-En-System-3.0.1-5845
  • RaQ3-All-Security-3.0.1-8164
  • RaQ3-All-Security-3.0.1-8148
  • RaQ3-All-Security-3.0.1-8061
  • RaQ3-All-Security-3.0.1-8008
  • RaQ3-All-Security-3.0.1-8577
Web statistics
  • "Web Access by Domain" is now active when activating under control panel.
  • Generate report now removes duplicate entries
  • Analog could cause web stats not to be generated.
Active Monitor
  • Active monitor was updated to not be activated if anonymous ftp goes over quota
  • Active monitor was updated to correctly signal low disk space. Prior to this, files owned by admin and root could cause Active monitor to not correctly signal low disk space.
  • Messages were updated which were sent to users
  • Deleted users were not being deleted correctly in active monitor tables.
  • Active monitor does not turn red if you have a cd-rom connected
LCD
  • UPS can be configured as a slave
  • 255 can now be added as part of an IP address
FrontPage
  • Disabling Frontpage extensions for a virtual site now disables Frontpage extensions for all users of that site
  • Enough available disk space is checked for when configuring Frontpage extensions for users
DNS
  • Changes to DNS Server will now update all serial numbers of all zones
Email and Mail Lists
  • Mail lists now sort usernames
  • Users are now able to use the 'newconfig' option of majordomo
  • Deleting a user did not delete POP lockfile
  • Blank lines in "relay field" are now correctly handled.
  • Duplicate entries now checked for in email server parameters
  • Email to mailing list will not bounce if message contains majordomo commands
Misc
  • New shell tools have been included
  • New version of proftpd is installed
  • Error logs are properly rotated
  • Shell access is now denied for users of a suspended site
  • 34 character and longer hostnames are now supported with SSL
  • syslog was updated to address security exploits.
  • traceroute was updated to address security exploit.
  • tmpwatch was updated to address security exploits
  • bind was updated to address security exploits

glibc Update 3.0.1

HTTP RaQ3-All-Security-3.0.1-8061.pkg Posted: November 29, 2000
FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 24,177,082

This updates the version of glibc. Prior to this update it was possible for local users to gain root access.

Due to the size of this update, please place this package in /home/packages and install via the 'Loaded' option under the 'Install Software' screen.

Note to Chili!Soft Users: If you experience database connectivity problems after installing RaQ3-All-Security-3.0.1-8061, please install casp_interbase_patch_raq3.pkg to correct the issue.


System Update 3.0.1

HTTP RaQ3-All-System-3.0.1-6168.pkg Posted: July 31, 2000
FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 3,021

This update resolves a security issue with Frontpage extensions. Prior to this patch it would be possible to run CGI scripts as a user with higher privileges than the owner of a web site.


OS Update 3.0

HTTP RaQ3-en-OSUpdate-3.0.pkg Posted: June 15, 2000
FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 24,437,012

Description Of Bugs Fixed And Features Changed:

  • Creating a scheduled backup for a virtual site and then deleting the virtual site doesn't delete the corresponding scheduled backup. This causes false e-mail error messages.
  • Adding a virtual site with FrontPage enabled, and then renaming the virtual site does not update the configuration file, causing FrontPage to fail to function for the whole virtual site.
  • Doing a selective restore of a backup file leaves behind a temporary copy in /home/tmp instead of deleting it properly.
  • Maximum number of allowable POP connections per second is now increased from 40 to 200.
  • During startup, a SCSI driver attempts to incorrectly load a kernel timer twice.
  • Bandwidth usage statistics are now averaged to increase accuracy.
  • User interface display of storage falsely identifies SCSI drives as IDE drives.
  • Changing the IP address of the main virtual site through the external LCD panel does not properly update either the user interface database file or the web server configuration file.
  • Adding drives larger than 34 gigs causes the kernel to incorrectly identify them as 34 gigs smaller than they actually are.
  • SSL encryption is upgraded from 56-bit to 128-bit encryption.
  • Prevents a virtual site's maximum allowed disk space from being created or lowered below a safe level when FrontPage is enabled for the virtual site. When FrontPage is enabled, the maximum allowed disk space for the virtual site must be at least three times the maximum number of users that can be created in a virtual site.
  • Creating a catch-all e-mail alias for a user in a domain incorrectly intercepts all e-mail for the domain and sends it to the user with the catch-all e-mail alias. It is also possible for a malicious site administrator to receive all e-mail belonging to another domain.
  • Fixes irregularities with bandwidth management functionality.
  • Error messages from Active Monitor are now logged in /var/cobalt/adm.log instead of being discarded.
  • Creating a scheduled backup, and then viewing the scheduled backup configuration screen incorrectly displays the default settings instead of the currently scheduled backup settings.
  • When creating a virtual site, the user interface will incorrectly accept a capital letter within the domain name of the virtual site.
  • Creating a DNS reverse lookup entry using subnet masks smaller than Class C will create a duplicate start of authority record within the entry.
  • Backups do not properly handle filenames with apostrophes in them.
  • Anonymous FTP disk usage approaching quota limitations no longer triggers Active Monitor warning lights. Warning messages are still sent to the administrator.
  • Web, e-mail and ftp statistics are not being generated under certain conditions. This problem typically occurs on systems with more than 123 virtual sites. When this problem occurs, log rotation also stops functioning.
  • Updated the change ownership command to properly reset file permissions.
  • The user interface incorrectly displays virtual sites listing alphabetically by hostname only, instead of alphabetically by hostname and domain name.
  • Changing either the hostname or the IP address of the main virtual site does not properly update the list of virtual sites displayed in the user interface. This can cause a loss of access to the main administrative interface.
  • The user interface incorrectly displays network statistics for the second network interface card on machines with only one network interface card.
  • Improved instructions regarding backup procedure on the individual's site administration page.
  • Site administrators are improperly prevented from creating a scheduled backup.
  • The backup routine improperly allows anyone to run a complete or configuration only backup routine, thereby allowing access to some sensitive configuration files.
  • Cron jobs that are scheduled to be run quarter-hourly, half-hourly, and quarter-daily are never run.
  • Viewing a raw directory of files or folders through the web server displays missing graphics icons instead of the proper file or folder icons.
  • Removing a virtual site with FrontPage enabled does not delete the corresponding configuration file. This prevents the proper re-creation of a virtual site with FrontPage enabled if the virtual site has been deleted once.
  • The first user created on a system with a full name, user name or alias which begins with a number incorrectly initializes the user interface database. This prevents all subsequent users from being displayed in the user interface.
  • Adding an apostrophe to a user's vacation message causes the user to disappear from the user interface.
  • The real-time clock is not initialized correctly.
  • Optimized the memory usage of the web server.
  • The ftp service can consume almost all memory and processor resources if a large number of members belong to one group. This typically occurs for the site administrator group when the total length of the user names in the group is greater than 1024 characters.
  • The web service normally allows anybody accessing a web site to view a ".htaccess" file or ".htpasswd" file. The web service no longer allows any files that begin with ".ht" to be transmitted via the web.
This update also includes the following security updates which were previously released:
  • Also Includes RaQ3-Security-1.1
  • Also Includes RaQ3-Security-1.2
  • Also Includes RaQ3-Security-1.3
  • Also Includes RaQ3-Security-1.4
  • Also Includes RaQ3-Security-1.5
  • Also Includes RaQ3-Security-2.2
 
 
 