This Up2Date improves the support for the upcoming Astaro Command Center V1, improves the report generator and fixes a string vulnerability in “ez-ipupdate”. It also contains a fixes for rare issues with antispam and DSL connections (PPPoA). If you plan to monitor or manage your ASG V5 device with ACC you should install this Up2Date to be prepared 🙂 Up2Date 5.212 Remarks Required previous version is 5.211 Existing configuration will not be changed Middleware will be restarted Active IP and VPN connections will be restarted Depending on the speed of the CPU the Up2Date installation will take a few minutes New/Changed/Improved Improved Support for upcoming Astaro Command Center V1 Improved report generator when using uninitialized values Fixed ez-ipupdate format string vulnerability Bugfix (please refer to the known issue list on http://www.astaro.com/kb ) ID1831 PPPoA daemon not terminated correctly ID3750 Spamassassin may fill up root partition Download Information All Up2Dates are GNUPG-signed! The Astaro Up2Date technology makes it easy to upgrade your installed Astaro Security Linux to the latest version
[Middle] Up2Date 6.101
Urgency: Middle (low, Middle, HIGH) Size: 44 Mbyte (44,469,614 bytes) md5sum: 6205b73271e989913e11ca453b79f2aa Up2Date 6.101 Remarks Required previous version is 6.100 Existing configuration will not be changed !! Firewall will reboot after Up2Date !! New/Changed/Improved Improved SurfProtection communication to URL database Updated Device Agent for Command Center Disabled SSLv2 Cipher Suite for WebAdmin (possible vulnerability) Bugfixes (please refer to the LIST OF KNOWN ISSUES on http://www.astaro.com/kb ) ID3090 Cannot delete VLAN interface when using alias ID3162 Issue on AV engine page with certain licenses ID3169 Autogenerated IPSec key objects with DN as VPN ID do not work ID3170 VPN subsystem may crash when using many roadwarriors ID3195 Download manager fails on certain downloads ID3207 Some VPN tunnels fail to come up automatically ID3213 L2TP authentication does not work with '#' symbol in the password ID3219 Java Applet errors with HTTP Proxy ID3220 LDAP port resets to default 389 Download Information All Up2Dates are GNUPG-signed! The Astaro Up2Date technology makes it easy to upgrade your installed Astaro Security Linux to the latest version. There are three ways to apply an Up2Date package to the system: Log on to WebAdmin, navigate to “System -> Up2Date Service” and start a “Update now” in “System Up2Date. An extra browser window will show the progress of the Up2Date process and the System Administrator will receive a notification email once the Up2Date process has finished successfully
[Middle] Up2Date 6.100
Urgency: Middle (low, Middle, HIGH) Size: 83 Mbyte (83,387,607 bytes) md5sum: ec5c84cc48165558ca06e8b6d585ee69 Up2Date 6.100 Remarks Required previous version is 6.004 Existing configuration will not be changed !! Firewall will reboot after Up2Date !! New/Changed/Improved Improved Virus Protection – Added ClamAV as a second software Anti-Virus engine – Added Sensory as a hardware based Anti-Virus scan engine (for Astaro Security Gateway appliances only) Improved Spam Protection – Added User Spam Releasing feature in Daily Spam Digest – Added email scanning based on URL filtering – Added real time anti spam pattern Integrated manuals into WebAdmin – Added possibility to view manuals directly in WebAdmin Added support for Command Center – a new centralized tool for monitoring and administration Bugfix (please refer to the LIST OF KNOWN ISSUES on http://www.astaro.com/kb ) ID2743 Daily Spam Digest not correctly calculated ID2857 Adding rules to large packetfilter rulesets ID2981 HA interface is selectable as member of the bridge ID3016 Service definitions in policy routing not updated ID3024 No dots in NT domain names allowed ID3053 L2TP login fails with special password ID3057 Timebased packetfilter does not interrupt exiting connections ID3116 HA Heartbeat is dropped by snort Download Information All Up2Dates are GNUPG-signed! The Astaro Up2Date technology makes it easy to upgrade your installed Astaro Security Linux to the latest version. There are three ways to apply an Up2Date package to the system: Log on to WebAdmin, navigate to “System -> Up2Date Service” and start a “Update now” in “System Up2Date
[Middle] Up2Date 4.028
Urgency: Middle (low, Middle, HIGH) Size: 7MB (7,555,524 byte) md5sum: d45678cb7429b80952a1c2c374954053 Up2Date 4.028 Remarks Required previous version is 4.027 Existing configuration will not be change !!! ATTENTION – FIREWALL WILL REBOOT AFTER UP2DATE !!! New/Changed/Improved PPTP Remote DoS Vulnerability fixed Bugfixes ID0390 Do not delete last interface ID0604 Delete service groups remain in system ID0554 Wrong keys show up when editing IPsec connections D ownload Information All Up2Dates are GNUPG-signed! The Astaro Up2Date technology makes it easy to upgrade your installed Astaro Security Linux to the latest version.
[Middle] Up2Date 6.002
Urgency: Middle (low, Middle, HIGH) Size: 29MB (29,724,836 bytes) md5sum: 8a98b4101826fe6281af6faacf069ffe Up2Date 6.002 Remarks Required previous version is 6.001 Existing configuration will not be changed Middleware will be restarted Active IP and VPN connections will be restarted Depending on the speed of the CPU the Up2Date installation will take a few minutes Bugfix (please refer to the LIST OF KNOWN ISSUES on http://www.astaro.com/kb ) ID2090 Windows Update does not work with NTLM authentication ID2802 Some reports stop working after deleting local logfiles ID2849 IPsec policies with DH/PFS group X 4096 don't work ID2870 LDAP authentication does not work in a special case ID2874 Factory Reset may not work correctly on slow machines ID2883 PPP Modem disconnect not properly detected ID2917 Problems using PPPoE interfaces with static gateway IP ID2922 IPS cannot be enabled on some firewalls Fix for the “HTTP CONNECT Unauthorized Access Weakness” reported on Bugtraq Download Information All Up2Dates are GNUPG-signed! The Astaro Up2Date technology makes it easy to upgrade your installed Astaro Security Linux to the latest version. There are three ways to apply an Up2Date package to the system: Log on to WebAdmin, navigate to “System -> Up2Date Service” and start a “Update now” in “System Up2Date
[Low] Up2Date 5.204
Urgency: low (low, Middle, HIGH) Size: 38MB (38,841,138 bytes) md5sum: 78e46cd95c9a1388d3a88f6198d6a75b Up2Date 5.204  Remarks Required previous version is 5.203 Existing configuration will not be changed !! Firewall will reboot after Up2Date !! New/Changed/Improved Added DHCP Relay option Added TFTP Connection tracking helper Bugfix  (please refer to the known issue list on http://docs.astaro.org ) Download Information All Up2Dates are GNUPG-signed! The Astaro Up2Date technology makes it easy to upgrade your installed Astaro Security Linux to the latest version. There are three ways to apply an Up2Date package to the system: Log on to WebAdmin, navigate to “System -> Up2Date Service” and start a “Update now” in “System Up2Date
Next ASL V6 BETA ISO
Astaro is pleased to announce the availability of the second Astaro Security Linux V6 BETA and invites you to test it! Please check here the detailed first announcement . New eDirectory Support (completed now, including group and container support, HTTP profile assignments based on eDirectory groups) Fixed Reporting not working completely IPsec encryption/hash algorithms incomplete IPsec Connections – Status viewer PPTP/L2TP Roadwarriors using DHCP Server eDirectory support not yet completed NTLM/LDAP/Radius Authentication for HTTP Proxy ASC Config export Lots of small fixes in WebAdmin and backend (all known issue stuff and a lot more…) Changed Redirect for Allowed Networks in Transparent HTTP Proxy Removed most of the debugging code Policy Routing for local services enabled (needs SNAT) Hardware detection – We are highly interested in your feedback about your used hardware!!! Limitations With the provided ISO image there are maybe some limitations (remember: its a BETA 🙂 Please check the Known Issue List (http://docs.astaro.org) before you test ASL V6 BETA! Astaro does not recommend to use ASL V6 BETA in productive environments but for home use. There is no manual for ASL V6 BETA and the Online Help may still contain some gaps. It is possible to import configuration backup files from ASL V5.2X and in the end we will support a config import from ASL V6 BETA into the GA version.
ASL V5.1 available
We are pleased to announce Astaro Security Linux V5.1! Updates/Bugfixes Upgrade to SpamAssassin 3.01 with the following powerful extensions: + Razor2 (online database spam check) + DCC (online database spam check) + SURBL (spam realtime blocklist) Backend bugfixes for backup converter/licensing/logging/reporting Overall system performance increase new kernel with bugfixed conntrack code New Features Additional features for better junk mail control: + Greylisting (Advanced spam blocking method) + BATV reverse path signing (Block virus and spam backscatter) + Checking SPF records (Joe-Job/Phishing protection) SNMP trap support Bandwidth monitoring capabilities with notifications if bandwidth usage exceeds/below defined percentage Improved Proxy Content Manager Daily proxy content manager digest sent by email for every user  Backup files from ASL V5.027 will work on ASL V5.1, backup files from the public BETA will work on the final V5.1 too.
Pre-announcement of ASL V5.100
We are pleased to invite you to test the upcoming public BETA of Astaro Security Linux V5.100 Updates/Bugfixes Upgrade to SpamAssassin 3.01 with the following powerful extensions: + Razor2 (online database spam check) + DCC (online database spam check) + SURBL (spam realtime blocklist) Backend bugfixes for backup converter/licensing/logging/reporting Overall system performance increase New Features Additional features for better junk mail control: + Greylisting (Advanced spam blocking method) + BATV reverse path signing (Block virus and spam backscatter) + Checking SPF records (Joe-Job/Phishing protection) SNMP trap support Bandwidth monitoring capabilities with notifications if bandwidth usage exceeds/below defined percentage Improved Proxy Content Manager Daily proxy content manager digest sent by email for every user We are planning to publish the public BETA ISO image on Friday, November 19th, on our download servers and mirros. It will be announced here.
[Middle] Up2Date 5.027
Urgency: Middle(low, Middle, HIGH) Size:27MB (27,347,507 bytes) md5sum: c57ab1a335b70a8d082d2a14654a24e7 Up2Date 5.027 Remarks Required previous version is 5.026 Existing configuration will not be changed !! Firewall will reboot after Up2Date !! New/Changed/Improved Added new kernel with a lot of bugfixes Added extra e100/e1000 drivers with NAPI support (the new intel modules are 'optional' which means they are not used by default.