Changelog for Univention Corporate Server (UCS) 5.2-1#
General#
Univention Corporate Server 5.2-1 includes all security updates issued for UCS 5.2-0:
avahi (CVE-2023-38469, CVE-2023-38470, CVE-2023-38471, CVE-2023-38472, CVE-2023-38473) (Bug #57914)
bind9 (CVE-2024-11187, CVE-2024-12705) (Bug #57926)
firefox-esr (CVE-2024-11704, CVE-2025-0237, CVE-2025-0238, CVE-2025-0239, CVE-2025-0240, CVE-2025-0241, CVE-2025-0242, CVE-2025-0243, CVE-2025-1009, CVE-2025-1010, CVE-2025-1011, CVE-2025-1012, CVE-2025-1013, CVE-2025-1014, CVE-2025-1016, CVE-2025-1017) (Bug #57919, Bug #57950)
git (CVE-2024-50349, CVE-2024-52006) (Bug #57911)
glib2.0 (CVE-2024-52533) (Bug #57920)
gnutls28 (CVE-2024-12133, CVE-2024-12243) (Bug #57969)
gsl (CVE-2020-35357) (Bug #57923)
intel-microcode (CVE-2024-21820, CVE-2024-21853, CVE-2024-23918) (Bug #57916)
jinja2 (CVE-2024-22195, CVE-2024-34064) (Bug #57927)
libsoup2.4 (CVE-2024-52530, CVE-2024-52531, CVE-2024-52532) (Bug #57924)
libtasn1-6 (CVE-2024-12133) (Bug #57966)
linux (CVE-2022-49034, CVE-2023-52916, CVE-2024-26595, CVE-2024-27407, CVE-2024-35870, CVE-2024-35956, CVE-2024-36479, CVE-2024-36899, CVE-2024-37021, CVE-2024-41014, CVE-2024-42252, CVE-2024-42315, CVE-2024-42319, CVE-2024-43098, CVE-2024-44950, CVE-2024-45828, CVE-2024-46809, CVE-2024-46841, CVE-2024-46896, CVE-2024-47143, CVE-2024-47408, CVE-2024-47745, CVE-2024-48881, CVE-2024-49571, CVE-2024-49861, CVE-2024-49891, CVE-2024-49897, CVE-2024-49898, CVE-2024-49899, CVE-2024-49909, CVE-2024-49911, CVE-2024-49915, CVE-2024-49917, CVE-2024-49925, CVE-2024-49929, CVE-2024-49934, CVE-2024-49939, CVE-2024-49951, CVE-2024-49994, CVE-2024-49996, CVE-2024-50014, CVE-2024-50047, CVE-2024-50051, CVE-2024-50055, CVE-2024-50121, CVE-2024-50146, CVE-2024-50164, CVE-2024-50248, CVE-2024-50258, CVE-2024-50275, CVE-2024-50304, CVE-2024-52332, CVE-2024-53099, CVE-2024-53105, CVE-2024-53124, CVE-2024-53125, CVE-2024-53128, CVE-2024-53141, CVE-2024-53142, CVE-2024-53145, CVE-2024-53146, CVE-2024-53148, CVE-2024-53150, CVE-2024-53151, CVE-2024-53154, CVE-2024-53155, CVE-2024-53156, CVE-2024-53157, CVE-2024-53158, CVE-2024-53161, CVE-2024-53164, CVE-2024-53165, CVE-2024-53170, CVE-2024-53171, CVE-2024-53172, CVE-2024-53173, CVE-2024-53174, CVE-2024-53175, CVE-2024-53180, CVE-2024-53181, CVE-2024-53183, CVE-2024-53184, CVE-2024-53190, CVE-2024-53194, CVE-2024-53196, CVE-2024-53197, CVE-2024-53198, CVE-2024-53206, CVE-2024-53207, CVE-2024-53208, CVE-2024-53210, CVE-2024-53213, CVE-2024-53214, CVE-2024-53215, CVE-2024-53217, CVE-2024-53220, CVE-2024-53226, CVE-2024-53227, CVE-2024-53229, CVE-2024-53230, CVE-2024-53231, CVE-2024-53233, CVE-2024-53237, CVE-2024-53239, CVE-2024-53240, CVE-2024-53241, CVE-2024-53680, CVE-2024-53685, CVE-2024-53690, CVE-2024-55881, CVE-2024-55916, CVE-2024-56369, CVE-2024-56531, CVE-2024-56532, CVE-2024-56533, CVE-2024-56539, CVE-2024-56546, CVE-2024-56548, CVE-2024-56551, CVE-2024-56557, CVE-2024-56558, CVE-2024-56562, CVE-2024-56567, CVE-2024-56568, CVE-2024-56569, CVE-2024-56570, CVE-2024-56571, CVE-2024-56572, CVE-2024-56574, CVE-2024-56575, CVE-2024-56576, CVE-2024-56578, CVE-2024-56579, CVE-2024-56581, CVE-2024-56582, CVE-2024-56584, CVE-2024-56585, CVE-2024-56586, CVE-2024-56587, CVE-2024-56589, CVE-2024-56590, CVE-2024-56593, CVE-2024-56594, CVE-2024-56595, CVE-2024-56596, CVE-2024-56597, CVE-2024-56598, CVE-2024-56599, CVE-2024-56600, CVE-2024-56601, CVE-2024-56602, CVE-2024-56603, CVE-2024-56604, CVE-2024-56605, CVE-2024-56606, CVE-2024-56608, CVE-2024-56610, CVE-2024-56614, CVE-2024-56615, CVE-2024-56616, CVE-2024-56619, CVE-2024-56622, CVE-2024-56623, CVE-2024-56625, CVE-2024-56626, CVE-2024-56627, CVE-2024-56628, CVE-2024-56629, CVE-2024-56630, CVE-2024-56631, CVE-2024-56633, CVE-2024-56634, CVE-2024-56636, CVE-2024-56637, CVE-2024-56640, CVE-2024-56642, CVE-2024-56643, CVE-2024-56644, CVE-2024-56645, CVE-2024-56648, CVE-2024-56650, CVE-2024-56651, CVE-2024-56658, CVE-2024-56659, CVE-2024-56660, CVE-2024-56661, CVE-2024-56662, CVE-2024-56663, CVE-2024-56664, CVE-2024-56665, CVE-2024-56670, CVE-2024-56672, CVE-2024-56675, CVE-2024-56677, CVE-2024-56678, CVE-2024-56679, CVE-2024-56681, CVE-2024-56683, CVE-2024-56687, CVE-2024-56688, CVE-2024-56690, CVE-2024-56691, CVE-2024-56693, CVE-2024-56694, CVE-2024-56698, CVE-2024-56700, CVE-2024-56701, CVE-2024-56703, CVE-2024-56704, CVE-2024-56705, CVE-2024-56707, CVE-2024-56708, CVE-2024-56709, CVE-2024-56715, CVE-2024-56716, CVE-2024-56717, CVE-2024-56718, CVE-2024-56720, CVE-2024-56722, CVE-2024-56723, CVE-2024-56724, CVE-2024-56725, CVE-2024-56726, CVE-2024-56727, CVE-2024-56728, CVE-2024-56739, CVE-2024-56741, CVE-2024-56745, CVE-2024-56746, CVE-2024-56747, CVE-2024-56748, CVE-2024-56751, CVE-2024-56754, CVE-2024-56755, CVE-2024-56756, CVE-2024-56759, CVE-2024-56763, CVE-2024-56765, CVE-2024-56766, CVE-2024-56767, CVE-2024-56769, CVE-2024-56770, CVE-2024-56774, CVE-2024-56776, CVE-2024-56777, CVE-2024-56778, CVE-2024-56779, CVE-2024-56780, CVE-2024-56781, CVE-2024-56783, CVE-2024-56785, CVE-2024-56787, CVE-2024-57791, CVE-2024-57792, CVE-2024-57798, CVE-2024-57807, CVE-2024-57838, CVE-2024-57849, CVE-2024-57850, CVE-2024-57874, CVE-2024-57876, CVE-2024-57887, CVE-2024-57892, CVE-2024-57907, CVE-2024-57946) (Bug #57913, Bug #57948)
linux-signed-amd64 (CVE-2023-52916, CVE-2024-27407, CVE-2024-35870, CVE-2024-35956, CVE-2024-36479, CVE-2024-36899, CVE-2024-37021, CVE-2024-41014, CVE-2024-42252, CVE-2024-42315, CVE-2024-44950, CVE-2024-46809, CVE-2024-49861, CVE-2024-49891, CVE-2024-49897, CVE-2024-49898, CVE-2024-49899, CVE-2024-49909, CVE-2024-49911, CVE-2024-49915, CVE-2024-49917, CVE-2024-49925, CVE-2024-49929, CVE-2024-49939, CVE-2024-49951, CVE-2024-49994, CVE-2024-49996, CVE-2024-50014, CVE-2024-50047, CVE-2024-50055, CVE-2024-50121, CVE-2024-50146, CVE-2024-50164, CVE-2024-50248, CVE-2024-50258, CVE-2024-50275, CVE-2024-50304, CVE-2024-53099, CVE-2024-53105, CVE-2024-53124, CVE-2024-53125, CVE-2024-53128, CVE-2024-53141, CVE-2024-53142, CVE-2024-53164, CVE-2024-53170, CVE-2024-53229, CVE-2024-53240, CVE-2024-53241, CVE-2024-53685, CVE-2024-56551, CVE-2024-56582, CVE-2024-56599, CVE-2024-56608, CVE-2024-56631, CVE-2024-56664, CVE-2024-56703, CVE-2024-56709, CVE-2024-56715, CVE-2024-56718, CVE-2024-56759, CVE-2024-57887, CVE-2024-57892, CVE-2024-57907) (Bug #57930, Bug #57948)
nvidia-graphics-drivers (CVE-2024-0126) (Bug #57925)
openjpeg2 (CVE-2021-3575, CVE-2023-39327, CVE-2024-56826, CVE-2024-56827) (Bug #57928)
python-tornado (CVE-2023-28370, CVE-2024-52804) (Bug #57918)
python-urllib3 (CVE-2023-43804, CVE-2023-45803, CVE-2024-37891) (Bug #57931)
python3.11 (CVE-2023-27043, CVE-2024-11168, CVE-2024-6923, CVE-2024-7592, CVE-2024-9287) (Bug #57915)
qemu (CVE-2024-7409) (Bug #57922)
rsync (CVE-2024-12084, CVE-2024-12085, CVE-2024-12086, CVE-2024-12087, CVE-2024-12088, CVE-2024-12747) (Bug #57932)
setuptools (CVE-2024-6345) (Bug #57917)
tiff (CVE-2023-25433, CVE-2023-26965, CVE-2023-26966, CVE-2023-2908, CVE-2023-3618, CVE-2023-52356, CVE-2024-7006) (Bug #57921)
util-linux (CVE-2024-28085) (Bug #57929)
xen (CVE-2023-28746, CVE-2023-46841, CVE-2023-46842, CVE-2024-2193, CVE-2024-2201, CVE-2024-31142, CVE-2024-31143, CVE-2024-31145, CVE-2024-31146, CVE-2024-45817, CVE-2024-45818, CVE-2024-45819) (Bug #57912)
Univention Corporate Server 5.2-1 includes the following updated packages from Debian 12:
emacs xorg-server base-files criu debootstrap espeak-ng nfs-utils systemd tzdata ucf allow-html-temp ansible-core audiofile bochs cacti chromium cpuinfo debian-installer debian-installer-netboot-images debian-security-support dnsmasqg dpdkg eas4tbsyncg fastnetmong geoclue-2.0g git-lfsg grml-rescuebootg gst-plugins-base1.0g gst-plugins-good1.0g gstreamer1.0g gunicorng icinga2g lemonldap-ngg libebmlg libpgjavag libreofficeg libxstream-javag live-bootg llvm-toolchain-19g lxcg mailmindrg nvidia-open-gpu-kernel-modulesg oarg openafsg openh264g openjdk-17g openscg pam-pkcs11g pam-u2fg pdns-recursorg pgtclg pocog prometheus-node-exporter-collectorsg pypy3g python-asyncsshg python-werkzeugg quicktextg redisg renderdocg ruby-doorkeeperg snapcastg sqlparseg srtg tangog tbsyncg texlive-bing thunderbirdg tomcat10g webkit2gtkg xsaneg zfs-linuxg zookeeperg
Univention Management Console#
User management#
Added the Message-ID header to emails sent through Self Service to prevent rejection by certain email providers (Bug #57512).
Software deployment#
Fixed the link to the 5.2 changelog for the pre-update check (Bug #57973).
System services#
SAML#
Fixed an issue that causes
univention-keycloakto crash on system that were not running UCR (Bug #57964).Fixed the link to the 5.2 changelog in
univention-keycloak-migration-status(Bug #57973).
Proxy services#
You can now manually configure the squid cache settings. Any value other than
ufsin the UCR variablesquid/cache/formatdeactivates the cache configuration insquid.conf. You can add a custom squid cache configuration to the/etc/squid/local.conffile (Bug #57775).