UCS 4.0-1 Release Notes

Release notes for the installation and update of Univention Corporate Server (UCS) 4.0-1

Table of Contents

1. Release highlights
2. Notes on the update
2.1. Recommended update order for environments with more than one UCS server
2.2. UCS installation DVDs only available for 64 bit
3. Preparation of update
4. Postprocessing of the update
5. Further notes on selected packages
5.1. Network-based installation of UCS
5.2. Collection of usage statistics
5.3. Scope of security support for WebKit, Konqueror and QtWebKit
5.4. Recommended browsers for the access to Univention Management Console
6. Changelog
6.1. General
6.2. Basic system services
6.2.1. Linux kernel and firmware packages
6.2.2. Other system services
6.3. Domain services
6.3.1. LDAP schema changes
6.3.2. Listener/Notifier domain replication
6.3.3. DNS server
6.4. Univention Management Console
6.4.1. Univention Management Console web interface
6.4.2. Univention Management Console server
6.4.3. Univention App Center
6.4.4. Basic settings / Appliance mode
6.4.5. Users module
6.4.6. Univention Directory Reports
6.4.7. Computers module
6.4.8. DNS module
6.4.9. License module
6.4.10. System diagnostic module
6.4.11. Online update module
6.4.12. Policies
6.4.13. Printers module
6.4.14. Other modules
6.4.15. Univention Directory Manager command line interface and related tools
6.5. Software deployment
6.5.1. Software monitor
6.5.2. Software deployment command line tools
6.6. Univention base libraries
6.7. System services
6.7.1. Spam/virus detection and countermeasures
6.7.2. Printing services
6.7.3. SSL
6.7.4. Univention System Info
6.7.5. Apache
6.7.6. Other services
6.8. Virtualization
6.8.1. Univention Virtual Machine Manager (UVMM)
6.9. Services for Windows
6.9.1. Samba
6.9.2. Univention AD Takeover
6.9.3. Univention S4 Connector
6.9.4. Univention Active Directory Connection
6.10. Other changes

§Chapter 1. Release highlights

With Univention Corporate Server 4.0-1, the first point release of Univention Corporate Server (UCS) 4.0 is now available. It provides various improvements and bugfixes. An overview of the most important changes:

  • The Debian Wheezy point update 7.8 has been integrated.

  • The Free for personal use edition license has been extended to 50 users and 50 clients.

  • Improvements in the appliance mode allow a simpler system installation and setup of UCS systems.

  • Joining an Active Directory domain has been simplified.

  • Multiple bugfixes and improvements related to Samba, e.g. in the printer support and when using Microsoft SharePoint.

  • Several enhancements and bugfixes in design and usability of the Univention Management Console.

§Chapter 2. Notes on the update

During the update some services in the domain may not be available, i.e. the update should occur in a maintenance window. It is recommended to test the update in a separate test environment prior to the actual update. The test environment should be identical to the production environment. Depending on the system performance, network connection and the installed software the update takes between 20 minutes and several hours.

§2.1. Recommended update order for environments with more than one UCS server

In environments with more than one UCS system, the update order of the UCS systems must be borne in mind:

The authoritative version of the LDAP directory service is maintained on the master domain controller and replicated on all the remaining LDAP servers of the UCS domain. As changes to the LDAP schemes can occur during release updates, the master domain controller must always be the first system to be updated during a release update.

§2.2. UCS installation DVDs only available for 64 bit

Starting with UCS 4.0 UCS, installation DVDs are only provided for the x86 64 bit architecture (amd64). Existing 32 bit UCS 3 systems can still be updated to UCS 4.0 through the online repository or by using update DVDs. The 32 bit architecture will be supported over the entire UCS 4 maintenance.

§Chapter 3. Preparation of update

It must be checked whether sufficient disk space is available. A standard installation requires a minimum of 6 GB of disk space. Depending on the scope of the existing installation, the update will require about another 2 GB of disk space for downloading and installing all packages.

For the update, a login should be performed on the system's local console as user root, and the update should be initiated there. Alternatively, the update can be conducted using Univention Management Console.

Remote updating via SSH is not recommended as this may result in the update procedure being cancelled, e.g., if the network connection is interrupted. In consequence, this can affect the system severely. If updating should occur over a network connection nevertheless, it must be verified that the update continues despite disconnection from the network. This can be done, e.g., using the tools screen and at. These tools are installed on all system roles by default.

§Chapter 4. Postprocessing of the update

Following the update, new or updated join scripts need to be executed. This can be done in two ways: Either using the UMC module Domain join or by running the command univention-run-join-scripts as user root.

The configuration of the UCS DNS name server BIND was prone to open resolver attacks, which are used to launch Distributed Denial of Service (DDoS) attacks against other hosts of the internet. To prevent such abuse the default configuration will be changed to allow 'recursive queries' only from IP addresses of the private address ranges, link-local address ranges, localhost and local networks. If the name servers need to be queried from any other hosts outside those network, they must be configured using the Univention Configuration Registry variable dns/allow/query/cache. This change gets only applied for newly installed domain controllers. See SDB 1298 for additional details to convert existing installations.

Subsequently the UCS system needs to be restarted.

§Chapter 5. Further notes on selected packages

§5.1. Network-based installation of UCS

The profile-based UCS network installation is not yet available in UCS 4.0-1. It will be provided at a later date. Please refer to our issue tracker for further details: Bug 35537.

§5.2. Collection of usage statistics

Anonymous usage statistics on the use of Univention Management Console are collected when using the free for personal use version of UCS (which is generally used for evaluating UCS). The modules opened are logged in an instance of the web traffic analysis tool Piwik. This makes it possible for Univention to tailor the development of Univention Management Console better to customer needs and carry out usability improvements.

This logging is only performed when the free-for-personal-use license is used. The license status can be verified via the menu entry License -> License information of the user menu in the upper right corner of Univention Management Console. If Free for personal use edition is listed under LDAP base, this version is in use. When a regular UCS license is used, no usage statistics are collected.

Independent of the license used, the statistics generation can be deactivated by setting the Univention Configuration Registry variable umc/web/piwik to false.

§5.3. Scope of security support for WebKit, Konqueror and QtWebKit

WebKit, Konqueror and QtWebKit are shipped in the maintained branch of the UCS repository, but not covered with security support. WebKit is primarily used for displaying HTML help pages etc. Firefox should be used as web browser.

§5.4. Recommended browsers for the access to Univention Management Console

Univention Management Console uses numerous JavaScript and CSS functions to display the web interface. Cookies need to be permitted in the browser. The following browsers are recommended:

  • Chrome as of version 33

  • Firefox as of version 24

  • Internet Explorer as of version 9

  • Safari and Safari Mobile as of version 7

Users with older browsers may experience display or performance problems.

§Chapter 6. Changelog

Listed are the changes since UCS 4.0-0:

§6.1. General

§6.2. Basic system services

§6.2.1. Linux kernel and firmware packages

  • The Linux kernel has been updated to 3.16.7-ckt2. It provides many bugfixes and fixes several vulnerabilities (Bug 36969).

§6.2.2. Other system services

  • The file system check now ignores clock skew problems, which previously required manual user interaction (Bug 36233).

§6.3. Domain services

§6.3.1. LDAP schema changes

  • The object class msGPOContainer has been extended to support the new attribute msNTSecurityDescriptor (Bug 36979).
  • The univentionUserTemplate object class has been adapted to include all attributes from the person, organizationalPerson and inetOrgPerson standard LDAP schemas (Bug 35775).

§6.3.2. Listener/Notifier domain replication

  • Fix the shutdown of Univention Directory Listener if a failed.ldif file exists (Bug 37291).

§6.3.3. DNS server

  • The configuration of the UCS DNS name server BIND9 was prone to open resolver attacks, which are used to launch Distributed Denial of Service (DDoS) attacks against other hosts of the internet. To prevent such abuse the default configuration will be changed to allow 'recursive queries' only from IP addresses of the private address ranges, link-local address ranges, localhost and local networks. If the name servers need to be queried from any other hosts outside those network, they must be configured using the Univention Configuration Registry variable dns/allow/query/cache. This change gets only applied for newly installed domain controllers. See SDB 1298 for additional details (Bug 37553).

§6.4. Univention Management Console

§6.4.1. Univention Management Console web interface

  • The UMC requires JavaScript. If it is disabled in the web browser, a warning message is displayed. The styling of the notification has been improved (Bug 36338). Also, display a warning if an Internet Explorer version earlier than version 9 is used (it mis-renders SVG graphics) (Bug 36914)
  • Added an arrow to the UMC grids that indicates which column is used for sorting (Bug 36357).
  • Several buttons are now properly aligned to corresponding input fields (Bug 36291).
  • The Favorites category button now fades in and out, depending on whether favorite modules are chosen or not (Bug 36787).
  • A exception was logged in the JavaScript console if the grid was resized and if notifications were hidden. This has been removed (Bug 36645).
  • Fixed a bug which prevented that UMC components could write into their logfiles (Bug 37317).
  • The icon on the policy reference button is now shown (Bug 36291).
  • The LocationMatch directive of Apache is now only configured for the UMC (Bug 37518).
  • Don't let Firefox ask for resending POST form data when logging out of UMC (Bug 36445).
  • Fix an endless login animation if the login fails due to a stopped UMC server (Bug 36636).
  • Fix the error message which is shown if no network connection is possible on client side (Bug 36680).
  • Fix the visibility of error messages when a login dialogue is opened (Bug 36400).
  • The notification while changing objects which are part of an Active Directory domain has been placed in a more visible area (Bug 36732).
  • The error message if the connection to the LDAP server fails has been extended (Bug 35719).
  • The get_exception_method() has been removed. Error information are now provided by the UDM base exception itself (Bug 35273, Bug 30088). Exceptions are not re-raised anymore as this hides important error information in traceback feedback reports (Bug 32979).
  • It is now prevented that a search with a given attribute name can raise a bad search filter exception (Bug 28383).
  • An error message is now shown when trying to operate on non-existing objects (Bug 34246).
  • Searching for an invalid object type will not raise an exception anymore. Opening a non-existent object (e.g. object was moved / deleted) now shows an error message instead of raising an exception (Bug 35350).
  • Error handling has been improved in case a UDM module could not be identified (Bug 34680).
  • Inform about automatically set default values when opening a object (Bug 36700).
  • Error handling of UDM modules has been improved by adding default methods which contain information about the current edited object type (Bug 34985).
  • Unnecessary scrollbars have been removed from the UCS installer software selection (Bug 37730).

§6.4.2. Univention Management Console server

  • Fix an error regarding the error handling of closed UMC module process sockets (Bug 37036).
  • The JavaScript method umc.tools.umcpProgressSubCommand did not send the UMCP flavour along with a request and could therefore fail due to insufficient permissions (Bug 36875).
  • Fix error if the UMC server and the UMC module try to close the module process at the same time (Bug 35231).
  • Fix a server crash caused by corrupted translation files (Bug 36658).
  • The UMCP command udm/layout failed if a DN was given which could not be identified as a UDM object (Bug 29231).
  • Allows UMC modules to set the response status when the module initialization fails. This is required to show the login dialogue after a password change (Bug 34353).
  • The query of the LDAP DN of the user logging into the UMC has been fixed. Previously users without a POSIX account were not found (Bug 37178).
  • Fixed the handling of crashed UMC module processes (Bug 37367).
  • Add the UMCP flavour to error information when a traceback occurs (Bug 37169).
  • Connections to the LDAP server weren't closed after the session timeout. This caused a UMC server crash due to max open file limits (Bug 37453).
  • Mask passwords when logging changed properties at debug level 4 (Bug 36591).
  • Enhance the look of various error messages (Bug 36291).
  • Fixed error handling when renaming the currently logged in user (Bug 35280).
  • Additional exceptions during the creation of UDM objects are now handled (Bug 20044).
  • Ask for closing the detail page if changes to the object have been done (Bug 30088).

§6.4.3. Univention App Center

  • If the details of a package are opened which is not longer available (e.g. the repository has been removed), an error occurred. This has been fixed (Bug 37403).
  • The translation file for installed apps modules may have been corrupted during a release update. This has been fixed (Bug 37571).
  • Extended one command to allow searching for multiple components at once (needed for updater module) (Bug 37364).
  • The checkbox Use unmaintained repositories is now placed above the Apply changes button (Bug 36457).
  • After trying to install a software component in the repository settings module a white page occurred which prevented installation (Bug 36868).

§6.4.4. Basic settings / Appliance mode

  • The Firefox address bar is now always hidden (Bug 35583).
  • If the DNS lookup of the master domain controller fails during a UCS domain join, a warning message is now displayed (Bug 34238).
  • When joining into an Active Directory domain, log messages from the Active Directory join were not logged (Bug 37049).
  • The default keyboard layout for German has been corrected (Bug 36936).
  • The branding of the appliance wizard can now be customised via the Univention Configuration Registry variables umc/web/appliance/name and umc/web/appliance/logo (Bug 37488).
  • The wizard failed if the system had more than four physical network devices. This has been fixed (Bug 37001, Bug 36884).
  • The wizard now shows information about how to reach the system and UMC after the configuration process (Bug 36938).
  • In text mode or after aborting the configuration, a message is shown to the user how the UMC can be accessed after reboot (Bug 36968).
  • The DNS error message when selecting a system role is now prompted as an alert dialogue (Bug 36940).
  • The DNS domain check when selecting a system role has been adjusted to correctly determine an UCS domain (Bug 36440).
  • If the UCS system has not been configured yet, a corresponding message is shown during login at console/via SSH asking the user to use the UMC to complete configuration. (Bug 36971).
  • Some text field descriptions have been adapted (Bug 36723).
  • Only system setup scripts belonging to the current module are now executed when changing settings via the modules for changing certificate, language and network settings (Bug 36939).
  • A DHCP lease may be now requested in the UCS setup wizard via unmarking and remarking the DHCP checkbox on the network page (Bug 36665).
  • The syntax check for the LDAP base has been adjusted to be more specific (Bug 36334).
  • The search for system locales has been adjusted such that wildcards are implicitly used (Bug 29922).
  • The configuration of keyboard model and keyboard variant has been corrected (Bug 37105).
  • It is now possible to prevent domain joining. The profile variable start/join was previously not evaluated (Bug 36701).
  • Reset join credentials if they are incorrect (Bug 36876).
  • The DHCP query in the Network settings dialogue has been fixed (Bug 35851).
  • The package removal in appliance mode has been corrected (Bug 36874).
  • Fix the configuration of primary devices and bond-miimon in bonding network devices (Bug 36340, Bug 36342).
  • The gateway input field is not required anymore. This allows to set up systems without connection to the internet (Bug 36586).
  • Fix base system deployment if no domainname is specified (Bug 36873).

§6.4.5. Users module

  • Users without the POSIX option are now able to change their password in the Univention Management Console (Bug 31828).
  • Fixed setting of the user expiry date if a user account is disabled (Bug 36330).
  • Fixed the removal of the account expiry date of a user (Bug 25279).
  • A PNG file can now be specified as user photo. It will be internally converted into JPEG (Bug 36273).
  • The user properties CtxBrokenSession, CtxReconnectSession and CtxRASDialin now have default values. They prevented changes via UMC when not having sufficient LDAP permission to change these attributes (Bug 29884, Bug 37592).

§6.4.6. Univention Directory Reports

  • Fixed a problem which prevented the creation of reports in some circumstances (Bug 36234).

§6.4.7. Computers module

  • Automatic IP assignment for a network will now show an error message if there is no more IP available to use instead of a traceback (Bug 33527).

§6.4.8. DNS module

  • Setting the attribute DNS time to an empty value does not trigger an error anymore (Bug 33256).

§6.4.9. License module

  • Internal "hidden" users are now ignored in the license check (Bug 37654).
  • The Free for personal use edition license has been extended to 50 users and 50 clients. Existing license keys need to be updated, please see SDB 1295 for details (Bug 37448).

§6.4.10. System diagnostic module

  • Added a plugin which checks the package status (Bug 35861).
  • Fixed the timeout value for pinging the gateway. It blocked the diagnosis if the gateway was not reachable (Bug 37032).

§6.4.11. Online update module

  • List all App Center apps (or other components) blocking a release update (Bug 37364). The message shown has been improved (Bug 37363).
  • The dialogue showing the list of packages to be updated/installed is now limited in its maximum height (Bug 36291).
  • Adapted the link to the new errata overview page (Bug 33539).
  • Open the Software update module upon UMC startup during release updates and show a information dialogue about the current update process (Bug 37357).
  • The hints and warning messages before or during the execution of a UCS update have been clarified (Bug 37360).
  • In some situations the software upgrade didn't show any update progress. This has been fixed (Bug 37564).

§6.4.12. Policies

  • The Release policy has been renamed into Automatic updates and its property descriptions have been improved (Bug 33190).
  • It is now possible to change the password of a user after setting an empty password length in the referenced password policy (Bug 8429).

§6.4.13. Printers module

  • The Samba share option force printername was activated implicitly during modifications of existing print shares. Now it only gets activated on new print shares and if the UCR variable samba/force_printername is not set to no or false (Bug 37123).

§6.4.14. Other modules

  • Close the progress bar for server shutdown if no permission exists to shutdown the server (Bug 36992).
  • After changing the own password a login dialogue is shown if a LDAP connection needs to be re-established (Bug 34353).
  • Remove references to the network object when deleting it (Bug 35099).

§6.4.15. Univention Directory Manager command line interface and related tools

  • Added support for the following operators in a UDM filter: <, <, <=, >=. (Bug 36970).

§6.5. Software deployment

  • When executing a maintenance or release policy, a requested reboot is now only performed once all updates have been performed (Bug 37231).
  • Detect broken HTTP proxies like DansGuardian, which block downloading the Packages files and updater scripts while still signalling success (Bug 37345).
  • Old Samba TDB files are now handled in the pre-update script (Bug 37534).
  • The update scripts have been adjusted to UCS 4.0-1 (Bug 37661).
  • The Scalix schema check have been removed from the pre-update script (Bug 37145).

§6.5.1. Software monitor

  • It is now possible again to search for UCS systems (Bug 35700).
  • Translations of some error messages have been fixed (Bug 35700).
  • The connection to the PostgreSQL server is re-established in case of an error (Bug 35700).

§6.5.2. Software deployment command line tools

  • When using univention-upgrade all components blocking an update are now displayed (Bug 37349).
  • The available Univention App Center apps can now be queried on the command line by running univention-add-app with the parameter --list (Bug 37153).

§6.6. Univention base libraries

  • A new script univention-install-joinscript has been added. It can be used when developing packages for UCS that ship with a join script (Bug 32525).
  • Fix a segmentation fault in univention-debug when reopening the logfile (Bug 37317).

§6.7. System services

§6.7.1. Spam/virus detection and countermeasures

  • An obsolete cron job (/etc/cron.daily/amavisd-new) has been removed (Bug 36928).
  • The new Univention Configuration Registry variable variable mail/antispam/headertag can be used to define a string to prepend to subject header field for SPAM messages. If the variable is unset (default), the subject is not modified (Bug 36664).
  • The AMaViS service was always listed as stopped in the System services module of the Univention Management Console. This has been fixed (Bug 36998).

§6.7.2. Printing services

  • The permissions for the pykotadmin.conf Univention Configuration Registry template have been fixed (Bug 36859).

§6.7.3. SSL

  • Prior to the generation of the CA, the system time is updated. A timeout of 15 seconds has been added to the use of rdate to query the current time from a NTP time server, as this sometimes stalls endlessly (Bug 36934, Bug 36935, Bug 36937).

§6.7.4. Univention System Info

  • Fix error during parsing of univention-system-info output (Bug 36923).
  • Fix the domain where archive uploads are sent to (Bug 31192).
  • Improve error handling (Bug 33092).
  • Fix uploading of archive for specific dmidecode versions (Bug 37384).

§6.7.5. Apache

  • This update disables the insecure SSL protocol v3. It is possible to override this by setting the Univention Configuration Registry variable apache2/ssl/v3 to true before or after the update (Bug 36232).

§6.7.6. Other services

  • The startup mode of the MySQL database can now be configured via the Univention Configuration Registry variable mysql/autostart (Bug 13811).
  • The new Univention Configuration Registry variable mail/saslauthd/cache/timeout (default 1800) has been added to define the saslauthd expiration time of the authentication cache (in seconds) (Bug 36949).

§6.8. Virtualization

§6.8.1. Univention Virtual Machine Manager (UVMM)

  • If no connection to the UVMM daemon is possible, an error message is now displayed instead of a traceback (Bug 33963).
  • Fix loading the kernel module bridge during initial installation (Bug 37215).
  • The timeout for the libvirtd liveness check has been raised to 30 seconds (if the Univention Configuration Registry variable libvirt/check/timeout hadn't been modified locally (Bug 36605).
  • Add a time stamp to the output of the libvirt-check.sh script output (Bug 35069).
  • Temporary files for noVNC token files are now created on the same partition to fix a problem with cross-device renaming (Bug 36988). Also, fix the noVNC links for VMs running on localhost (Bug 36105).
  • Display a HTTPS link for the first public and private IP of cloud instances (Bug 36905).
  • Add tooltips displaying the security group and key pair in the instance wizard (Bug 36906).
  • Fix header button of the cloud connection wizard to close only wizard and not the full module (Bug 36585).
  • Add a progress bar while waiting for modifications of the state of a virtual instance (Bug 36380).
  • Update the information of running cloud instances more often after adding, changing the state or deleting an instance (Bug 37301).
  • Handle failure to stop UVMMd during update more gracefully (Bug 36927).
  • Add a time stamp to the UVMMd check script output (Bug 37040) and log the complete output (Bug 34352).
  • Ignore errors reading UVMM profiles (Bug 34542).

§6.9. Services for Windows

§6.9.1. Samba

  • The SharePoint document search showed no results due to failing group membership check This has been fixed (Bug 37233).
  • Quick successions of restarting Samba through init script restart could leave behind a single unresponsive samba process. This has been fixed (Bug 37343).
  • The default for the Samba print server architecture was 32 bits. Now on newly installed systems the print server architecture is determined by the host architecture. Additionally the smb.conf parameter spoolss: architecture can be adjusted manually by setting the new Univention Configuration Registry variable samba/spoolss/architecture (see man smb.conf). On updated systems this UCR variable is maintained to keep the old default (Bug 34068, Bug 37476).
  • A potential issue during the in-place migration from Samba 3 to Samba 4 has been fixed (Bug 36395).

§6.9.2. Univention AD Takeover

  • Several spelling mistakes have been fixed (Bug 35199).

§6.9.3. Univention S4 Connector

  • LDAP base DNs with uppercase letters caused synchronization rejects. This has been fixed (Bug 33110).
  • GPO Security Descriptors can now be synchronized between OpenLDAP and the Samba directory service. By default this is not activated, an upcoming errata update for UCS@school 4.0 will make use of this feature (Bug 36980).
  • Ignore cn=Subschema and warn if Univention Directory Listener didn't pass a entryUUID (Bug 36981).

§6.9.4. Univention Active Directory Connection

  • Check that the join account is member of the Domain Admins group in Active Directory (Bug 35562, Bug 37168).
  • Don't fail if dynamic DNS update are disabled in the Active Directory domain (Bug 35870).
  • Handle renames of the Administrator account in Active Directory (Bug 36776) and in UCS (Bug 36778).
  • Support direct unconditional clock synchronization with the Active Directory server (Bug 37481, Bug 36406).
  • LDAP base DNs with uppercase letters caused synchronization rejects. This has been fixed (Bug 37450).

§6.10. Other changes

  • The following packages have been added to the maintained package repository (Bug 36467, Bug 36735, Bug 36609, Bug 37669, Bug 37288, Bug 36583):

    • altermime
    • asterisk-config
    • asterisk-core-sounds-en-gsm
    • asterisk-modules
    • asterisk-moh-opsound-gsm
    • asterisk-voicemail
    • asterisk
    • autopoint
    • dahdi-linux
    • dahdi
    • docutils-doc
    • freetds-common
    • fxload
    • libalgorithm-diff-perl
    • libalgorithm-diff-xs-perl
    • libalgorithm-merge-perl
    • libapache2-mod-python
    • libapache2-svn
    • libart-2.0-2
    • libboost-thread1.49.0
    • libcorosync4
    • libfile-fcntllock-perl
    • libid3tag0
    • libjansson4
    • libmail-sendmail-perl
    • libopenais3
    • libopenr2-3
    • libpri1.4
    • libsox-fmt-mp3
    • libss7-1
    • openjdk-7-jdk
    • php-mdb2-driver-mysql
    • php-net-ldap2
    • php-net-url2
    • php5-sqlite
    • python-clearsilver
    • python-genshi
    • python-jinja2
    • python-renderpm
    • python-reportlab-accel
    • python-utidylib
    • ripole
    • smarty3
    • sox
    • trac
    • vpb-driver-source
    • asterisk-modules
    • libcoroipcc4
    • libfile-fcntllock-perl
    • libgmime-2.6-0
    • libiksemel3
    • libmail-sendmail-perl
    • libopencore-amrnb0
    • libopencore-amrwb0
    • libpri1.4
    • libresample1
    • libsaclm3
    • libsaevt3
    • libsox2
    • libsox-fmt-alsa
    • libsox-fmt-base
    • libsox-fmt-mp3
    • libsybdb5
    • libtonezone2.0
    • libvpb0
    • python-feedparser
    • python-libxslt1
    • python-mock
    • python-openid
    • python-passlib
    • python-psycopg2
    • python-pybabel
    • python-pychart
    • python-pydot
    • python-pypdf
    • python-unittest2
    • python-vatnumber
    • python-vobject
    • python-werkzeug
    • antiword
    • python-babel
  • This update silences the PHP cron job, which is cleaning up old PHP session files. Due to a mis-configuration from previous upgrades it was sending emails containing error messages every 30 minutes. This has been fixed (Bug 36621).
  • Timestamps were added to store the start and end times of individual join scripts in join.log (Bug 36290).
  • A traceback in ucslint module 0001 has been fixed. This traceback could appear if there were problems while reading the join scripts of the source package (Bug 37688).