EFA 3.0.1.1 Security update released
Posted: 06 May 2016 01:39
We would also like to thank everyone for their support and contributions to this project. 
The following issues have been fixed in 3.0.1.1:
Issue #201 Bug - Deprecated release-msg.cgi (deployed)
Issue #253 Bug - EFA-Backup ssl folder (deployed)
Issue #260 Bug - Header in Apache Settings wrong (deployed)
Issue #261 Bug - learn-msg.cgi wrong path for sa-learn (deployed)
Issue #273 Security - MailWatch Configuration Vulnerability
Issue #274 Bug - Broken menu options in 3.0.1.0
Please review the RELEASENOTES prior to updating for important information:
https://raw.githubusercontent.com/E-F-A ... LEASENOTES
It is recommended that you suspend your mail flow and snapshot prior
to updating or to back up the entire appliance.
1) Stop mail flow temporarily (at firewalls/mailservers)
2) Snapshot your VM and its memory using your hypervisor tools
3) If the update fails for any reason, immediately roll back to snapshot
4) Report failure at https://forum.efa-project.org
The first time you run this update, the kernel may update. If this
happens, the script will halt to give you an opportunity to restart.
After restarting and booting to the new kernel, rerun EFA-Update to
continue the update process to 3.0.1.1
EFA-Update will not proceed until you are running on the latest
kernel. This is to ensure that open-vm-tools updates appropriately
if present.
The following issues have been fixed in 3.0.1.1:
Issue #201 Bug - Deprecated release-msg.cgi (deployed)
Issue #253 Bug - EFA-Backup ssl folder (deployed)
Issue #260 Bug - Header in Apache Settings wrong (deployed)
Issue #261 Bug - learn-msg.cgi wrong path for sa-learn (deployed)
Issue #273 Security - MailWatch Configuration Vulnerability
Issue #274 Bug - Broken menu options in 3.0.1.0
Please review the RELEASENOTES prior to updating for important information:
https://raw.githubusercontent.com/E-F-A ... LEASENOTES
It is recommended that you suspend your mail flow and snapshot prior
to updating or to back up the entire appliance.
1) Stop mail flow temporarily (at firewalls/mailservers)
2) Snapshot your VM and its memory using your hypervisor tools
3) If the update fails for any reason, immediately roll back to snapshot
4) Report failure at https://forum.efa-project.org
Code: Select all
sudo /usr/local/sbin/EFA-Update -check
sudo /usr/local/sbin/EFA-Update -update
happens, the script will halt to give you an opportunity to restart.
After restarting and booting to the new kernel, rerun EFA-Update to
continue the update process to 3.0.1.1
EFA-Update will not proceed until you are running on the latest
kernel. This is to ensure that open-vm-tools updates appropriately
if present.