Univention Corporate Server (UCS) 5.0-7, the seventh patch-level release for Univention Corporate Server (UCS) 5.0, is now available. It encompasses all errata, bug fixes, and security updates released since version 5.0-6, including updates for OpenSSH, MariaDB, and the Linux kernel. Additionally, an exciting new feature has been introduced: the blocking of previously used values in UDM.
UCS 5.0-7 is available for update in the “Software Update” module and can be downloaded from our download area.
Table of Contents
Blocklist for UDM
A new feature in UCS is “blocklists” for the Univention Directory Manager (UDM). This feature allows UDM to block previously used values for specific attributes. One possible use case would be preventing the unintentional reuse of an email address, which could potentially lead to one user accessing another user’s emails: a user had the email address “smith@company.com,” then leaves the company, and their account is deleted. Shortly after, a new user “smith” is created. Now, UDM can prevent the creation because “smith@company.com” would be used as the email address again.
Blocking old email addresses occurs automatically when the feature is activated (it is initially deactivated) and the corresponding blocklists are created. The blocklists can also be managed with a UMC module.
The feature is documented here.
Further Package Updates
We have brought 29 security updates from Debian to UCS, as well as over 50 updates for Univention’s own packages. This includes support for special characters for certain objects in UDM, such as the “+” in the name of a container, which previously caused problems in the AD connector. Additionally, we have resolved issues with DNS lookups in the system setup, and in the Fetchmail integration, the configuration file creation has been made significantly more stable.
We have increased the robustness and speed of joining new UCS systems to a domain with updates in the Samba4 connector, LDAP replication, and the Univention Directory Listener. Particularly, large environments should benefit from these changes. Additionally, the initial steps have been taken to make our packages “Kubernetes-ready”. Aspects such as logging or database connections need to be handled differently in various environments.
Patchlevel Releases every three months
UCS 5.0-7 can now be deployed, while we will continue to provide security updates for UCS 5.0-6 for another 12 weeks. However, administrators of UCS 5.0-5 should update now as we have discontinued maintenance for this release.
The next patch-level release – UCS 5.0-8 – will be released in early to mid-June 2024.
More information can also be found in our release notes and in our help article on installation.