Page tree

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

 

Livesearch
spaceKeyWIKI
sizelarge
placeholderSearch for information

 

 

 


Upgrading to Kopano Groupware Core 8.5.

7

8 - containing important security fix

An new version of Kopano Groupware Core, 8.5.7 8 is released on April 19th, which contains a resolution for two vulnerabilities, and updating requires some extra attention, as the update is not a regular one, it can require some extra steps to upgrade your installation from any previous version to this new release.

About the issues
These issues were discovered while investigating a report by a customer that a server became slower after an upgrade. Our developers discovered that the issue was caused by an unexpectedly large number of items in one of the database tables (the 'names' table). Further investigation made clear that this is a vulnerability which in some cases has a small chance to cause a corruption or data loss in the Kopano Server database. These vulnerabilities have been identified in all previous versions of the software, going back even before the 8.0 release (pre-Kopano).

Aside from the fixing of the issue in question, the discovery led to the registration of vulnerability identifiers. The vulnerabilities have been identified as CVE-2018-8950 and CVE-2018-8951. Note that these vulnerabilities have not yet been published - but will be soon after the release of the version that contains the fix.

Applying the fix
This new release resolves the issue in code, but it also requires a database schema change. In some cases, this database schema can not be applied because the Kopano Server has found unexpected entries in the names table. This needs to be resolved with the new kopano-dbadm utility (built specifically to resolve this issue). We strongly recommend you to create a dump of the database before applying the fix (sqldump).

While applying the fix with kopano-dbadm can take some time in larger environments, you can also 'ignore' the schema upgrade by starting the Kopano Server with a special flag. If you choose to do so, we recommend to plan running the script to fix the issue as soon as possible in order to prevent future corruption of data.

More information

More information about the upgrade and fixes can be found here:





Installation

Children Display
depth1
pageInstallation
sortcreation
reversetrue

Migration

Children Display
depth2
pageMigration and import
sorttitle

Integration

Children Display
depth2
pageIntegration
sorttitle

Troubleshooting and debugging

Children Display
depth2
pageTroubleshooting and debugging
sorttitle

Client Configuration

Children Display
depth2
pageClient Configuration
sorttitle

Tuning

Children Display
depth2
pageTuning

General Info

Children Display
depth2
pageGeneral Info
sorttitle

Scripts and Tools

Children Display
depth2
pageScripts and Tools
sorttitle

 How-to articles

Children Display
depth2
pageHow-to articles
sorttitle

HideElements
metastrue
commentstrue
childpagestrue
watchtrue
likestrue