Attention for Ubuntu 18.04 users: Kernel 4.15.0-60 causes kernel panic

This is a short heads-up for users running their mailcow instance on Ubuntu 18.04: Do NOT upgrade to kernel 4.15.0-60 as of now!

Based on various user reports and more extensive testing this specific kernel release triggers a kernel panic and crashes your server. So far we have been able to figure out, this is related when setting a nameserver in the docker-compose.yml file explicitly (which isn’t new in our code). For some strange reason this commit/hotfix fixes the crashes so far.

You can track the progress for this issue here. However please keep in mind that this is a small warning for our Ubuntu users, as there’s currently no final fix available yet. We’ve also filed a Ubuntu bug report already.

Update on 5th September: The issue was confirmed as a valid kernel bug and is already fixed by the Ubuntu team, see the Launchpad issue here. However, there’s no ETA when the new kernel update will be released.

Update on 11th September: The new fixed kernel image 4.15.0-62.69 was released on 9th September.

Security, security and security

So what happened the last few days and weeks? You guessed it! Some important security updates!

To sum it up:
Critical: There was a dovecot security issue fixed which can lead to private information leakage and remote code execution. Read more here.
– ClamAV got updated to v0.101.4 to address zipbomb vulnerability. Read more here.
– A few XSS vulnerabilities in the mailcow UI were fixed.
– Beside the security fixes there were also more mailserver blacklists and spam rules added to improve spam detection.

An update of your mailcow instances is strongly recommended and should be done as soon as possible. Update is possible as usual by executing the update script.

(Telegram users might be wondering: Yes, this is indeed a cross-post from my Telegram News post a few days arlier.)