User contributions for Plobbes
24 May 2017
- 19:5519:55, 24 May 2017 diff hist +141 Zimbra Security Center Acknowledgements →Zimbra Security Center Acknowledgements: added Stephan Kaag for 8.7.10 bug 107878 XSS
- 19:5019:50, 24 May 2017 diff hist +364 Zimbra Security Advisories Add details for CVE-2017-8783 (bug 107878) Persistent XSS [CWE-79] fixed in 8.7.10
- 19:3019:30, 24 May 2017 diff hist +190 Zimbra Releases/8.7.10 Moved security fixes to their own section
19 May 2017
- 13:3813:38, 19 May 2017 diff hist +63 m Zimbra Security Advisories add link for CVE-2016-3403
11 May 2017
- 19:5319:53, 11 May 2017 diff hist −19 m Zimbra Releases/8.6 Patch 8 Note: CVE-2015-6542 is being marked as a reservation duplicate of CVE-2016-3403 by Mitre.
- 19:5119:51, 11 May 2017 diff hist −21 m Zimbra Security Advisories Note: CVE-2015-6542 is being marked as a reservation duplicate of CVE-2016-3403 by Mitre.
4 May 2017
- 19:2519:25, 4 May 2017 diff hist +63 m Zimbra Security Advisories No edit summary
30 March 2017
- 21:1021:10, 30 March 2017 diff hist 0 m Zimbra Security Advisories No edit summary
- 21:0621:06, 30 March 2017 diff hist +1,550 Security Center added note on CVE-2017-6813 and CVE-2017-6821 fixed in 8.7.6
- 20:5120:51, 30 March 2017 diff hist +728 Zimbra Security Advisories →Zimbra Collaboration - Security Vulnerability Advisories: added CVE-2017-6813 and CVE-2017-6821 fixed in 8.7.6
28 March 2017
- 14:5714:57, 28 March 2017 diff hist +34 Zimbra Releases/8.7.1 Add details for CVE-2017-7288 Persistent XSS [CWE-79] in Security Fixes
- 14:5314:53, 28 March 2017 diff hist +12 Zimbra Security Advisories →Zimbra Collaboration - Security Vulnerability Advisories
27 March 2017
- 21:0521:05, 27 March 2017 diff hist +97 Zimbra Security Center Acknowledgements →Zimbra Security Center Acknowledgements: added Sammy Forgit for 8.7.1 bug 106612 XSS
- 21:0421:04, 27 March 2017 diff hist +326 Zimbra Security Advisories →Zimbra Collaboration - Security Vulnerability Advisories: 8.7.1 add 106612 - Sammy Forgit
1 March 2017
- 20:3820:38, 1 March 2017 diff hist +1,288 Security Center added note on limited XXE in ZCS < 8.7.4 (CVE-2016-9924)
- 20:2420:24, 1 March 2017 diff hist +330 Zimbra Security Advisories added bug 106811 - XXE CWE-611 fixed in 8.7.4 - credit to Alastair Gray
1 February 2017
- 04:2904:29, 1 February 2017 diff hist −10 Zimbra Security Advisories add/show CWE-674 description for bug 102029 →Zimbra Collaboration - Security Vulnerability Advisories
- 04:2304:23, 1 February 2017 diff hist −10 Zimbra Security Advisories Added CSRF [CWE-502] description for 8.6.0 Patch8 fixes →Zimbra Collaboration - Security Vulnerability Advisories
- 04:0404:04, 1 February 2017 diff hist +80 Zimbra Security Advisories 8.6.0 Patch8 updates →Zimbra Collaboration - Security Vulnerability Advisories
30 January 2017
- 20:5320:53, 30 January 2017 diff hist +530 Security/Collab Added a brief explanation on JSESSIONID sometimes appearing in a URL
25 January 2017
- 22:0322:03, 25 January 2017 diff hist +886 Sudoers updates for 8.5 current
- 21:4921:49, 25 January 2017 diff hist +12 m Security/Collab No edit summary
- 21:4621:46, 25 January 2017 diff hist +1,054 Security/Collab added - explain the relationship between the '''UNIX user/group''' '''zimbra''' and '''root'''
18 January 2017
- 22:1322:13, 18 January 2017 diff hist +494 Security/Collab added note on Cookies JSESSIONID and ZM_AUTH_TOKEN / bug 91298
12 January 2017
- 02:0202:02, 12 January 2017 diff hist +1,591 Security Center add note on CVE-2016-3403 (bug 100899 / bug 100885) public disclosure
6 January 2017
- 18:2918:29, 6 January 2017 diff hist +88 m Zimbra Security Advisories Updates for bugs: added 100885, which is a dup of 100899 (CSRF in Admin console); Fix CVSS score 6.8 => 5.8; Covers CVE-2015-6542 as well as CVE-2016-3403
12 December 2016
- 16:0716:07, 12 December 2016 diff hist +33 m Zimbra Security Center Acknowledgements No edit summary
1 December 2016
- 22:0322:03, 1 December 2016 diff hist +54 Zimbra Security Center Acknowledgements added Mohit Rawat
- 21:3021:30, 1 December 2016 diff hist +79 Zimbra Security Center Acknowledgements added ANAS LAABAB
15 November 2016
- 20:5120:51, 15 November 2016 diff hist +48 m Zimbra Security Center Acknowledgements added LinkedIn link for Alastair Gray
- 19:2019:20, 15 November 2016 diff hist +49 Zimbra Security Center Acknowledgements No edit summary
7 September 2016
- 21:2221:22, 7 September 2016 diff hist −26 m Security Center Update text referencing the security center.
- 21:1721:17, 7 September 2016 diff hist −293 Reporting Security Issues Some content updates, but also refer more things over to the updated Security Center. current
- 20:5020:50, 7 September 2016 diff hist +54 m Reporting Vulnerabilities to Zimbra →3. Support Case: added a note about emailing support
1 September 2016
- 01:0501:05, 1 September 2016 diff hist +36 Zimbra Security Center Acknowledgements →Zimbra Security Center Acknowledgements: add url for Akash Saxena
30 August 2016
- 03:4503:45, 30 August 2016 diff hist +56 Zimbra Security Center Acknowledgements →Zimbra Security Center Acknowledgements: add Akash Saxena
15 July 2016
- 05:3305:33, 15 July 2016 diff hist −86 Zimbra Security Advisories add generic xss and csrf description in summary
9 July 2016
- 06:1406:14, 9 July 2016 diff hist +4,100 Zimbra Security Advisories link scores to nist calculator, other minor updates
8 July 2016
- 05:3005:30, 8 July 2016 diff hist +5,550 Zimbra Security Advisories Updates for ZCS 8.7.0 release and other whitespace cleanup along with a few CWE references
- 04:3404:34, 8 July 2016 diff hist +120 Zimbra Security Center Acknowledgements →Zimbra Security Center Acknowledgements: added Nam Habach and Netragard
- 03:5303:53, 8 July 2016 diff hist +55 Zimbra Security Center Acknowledgements →Zimbra Security Center Acknowledgements: add Peter Nguyen
23 June 2016
- 03:1903:19, 23 June 2016 diff hist +2,036 Security Center add note on ransomware targeting ZCS
17 June 2016
- 12:4312:43, 17 June 2016 diff hist +77 Zimbra Security Center Acknowledgements added Kevin Michael Joensen from secu.dk
14 June 2016
- 18:4118:41, 14 June 2016 diff hist +3,275 Security Center Workaround for CVE-2016-2107
20 May 2016
- 19:5919:59, 20 May 2016 diff hist +136 Security Center add a link to Security/Collab to make that content slightly more discoverable
2 May 2016
- 19:2919:29, 2 May 2016 diff hist +76 Zimbra Security Center Acknowledgements →Zimbra Security Center Acknowledgements
1 April 2016
- 01:3801:38, 1 April 2016 diff hist +9 SecureConfiguration →Undesirable Content: add docm and rar
25 March 2016
- 18:4218:42, 25 March 2016 diff hist +51 Ports →Internal Access
- 16:5316:53, 25 March 2016 diff hist +11 m Ports →System Access and Intra-Node Communication
- 16:3816:38, 25 March 2016 diff hist +89 m Ports →System Access and Intra-Node Communication: add link for zimbraAttachmentsScanURL
- 14:5114:51, 25 March 2016 diff hist +106 Ports →System Access and Intra-Node Communication
- 14:4314:43, 25 March 2016 diff hist +540 Ports lots of updates adding references to config keys and interfaces bound to by default
- 13:1013:10, 25 March 2016 diff hist +47 Ports →Intra-Node Communication
- 13:0513:05, 25 March 2016 diff hist +90 Ports →Intra-Node Communication: add DNS
- 00:2200:22, 25 March 2016 diff hist +56 Ports →Intra-Node Communication
- 00:1800:18, 25 March 2016 diff hist +48 Ports →Internal Access
- 00:0900:09, 25 March 2016 diff hist −2 Ports →Intra-Node Communication
24 March 2016
- 20:5820:58, 24 March 2016 diff hist +85 Ports →Intra-Node Communication
- 20:5320:53, 24 March 2016 diff hist +55 Ports →Intra-Node Communication
- 20:4520:45, 24 March 2016 diff hist +1,122 Ports →Default Ports Used by Zimbra: added WIP IntraNode Communication section
8 March 2016
- 17:2417:24, 8 March 2016 diff hist +138 Performance Tuning Guidelines for Large Deployments No edit summary
- 15:3915:39, 8 March 2016 diff hist +132 SecureConfiguration →End-to-End Encryption
- 04:3804:38, 8 March 2016 diff hist +29 Zimbra Security Center Acknowledgements No edit summary
- 04:2904:29, 8 March 2016 diff hist +51 Zimbra Security Center Acknowledgements No edit summary
3 March 2016
- 15:2415:24, 3 March 2016 diff hist +1 How to obtain an A+ in the Qualys SSL Labs Security Test No edit summary
1 March 2016
- 21:3421:34, 1 March 2016 diff hist 0 m Security Center No edit summary
- 21:2721:27, 1 March 2016 diff hist +1,368 Security Center Added quick note on DROWN / CVE-2016-0800
25 February 2016
- 18:1518:15, 25 February 2016 diff hist +22 Zimbra Security Advisories updates for 83547
18 February 2016
- 19:4219:42, 18 February 2016 diff hist +89 Zimbra Security Center Acknowledgements →Zimbra Security Center Acknowledgements
- 14:3214:32, 18 February 2016 diff hist +583 Security/Collab →Odds and Ends: add note on OS patches
12 February 2016
- 20:2920:29, 12 February 2016 diff hist −344 Anti-spam Strategies removed 'untested rbl' listing, fixed a few minor typos and made some changes for consistency
- 20:0820:08, 12 February 2016 diff hist −274 Anti-spam Strategies formatting cleanup, prefer https over http where possible
- 17:2417:24, 12 February 2016 diff hist +110 SecureConfiguration →Undesirable Content: add link to anti spam strategies page
11 February 2016
- 14:5414:54, 11 February 2016 diff hist +70 m SecureConfiguration →Undesirable Content
- 14:3714:37, 11 February 2016 diff hist +347 SecureConfiguration Added Undesirable Content section
9 February 2016
- 21:2121:21, 9 February 2016 diff hist −502 Zimbra Outlook PST Import Wizard Tips updated really outdated 'ram requirement' memory tuning info to point to the perf tuning guide instead current
8 February 2016
- 22:1022:10, 8 February 2016 diff hist +464 Security/Collab Perhaps the start of a pseudo faq?
- 20:4720:47, 8 February 2016 diff hist −1 m Authentication/OpenIDConsumer sync w/8.7 current
5 February 2016
- 21:0721:07, 5 February 2016 diff hist −721 How to obtain an A+ in the Qualys SSL Labs Security Test update info as it relates to 8.7 and update language/wording
- 18:5918:59, 5 February 2016 diff hist +258 SecureConfiguration migrated external ldap authentication from TLS/STARTTLS localconfig values page
- 18:5618:56, 5 February 2016 diff hist −628 TLS/STARTTLS Localconfig Values moved related external auth settings to SecureConfiguration / best practices page current
- 18:5318:53, 5 February 2016 diff hist −50 SecureConfiguration →End-to-End Encryption: update working use inline links
- 18:4918:49, 5 February 2016 diff hist +181 SecureConfiguration reorder items a little and reorganize a bit along with some wording changes
- 18:2318:23, 5 February 2016 diff hist +491 TLS/STARTTLS Localconfig Values added History section, reformatted, updated descriptions and headings too
- 16:1816:18, 5 February 2016 diff hist +1,069 Administration Console and CLI Certificate Tools →ZCS Administration Console Certificates Tools: added notes on CN and subjectAltName usage
- 15:3615:36, 5 February 2016 diff hist +9 Administration Console and CLI Certificate Tools →ZCS Administration Console Certificates Tools
- 15:3415:34, 5 February 2016 diff hist +144 m Administration Console and CLI Certificate Tools minor cleanup to match latest zmcertmgr docs for 8.7, remove a level of headers too
- 14:5414:54, 5 February 2016 diff hist −2 m SecureConfiguration No edit summary
- 05:5305:53, 5 February 2016 diff hist +924 Administration Console and CLI Certificate Tools Updates for zmcertmgr rewrite in 8.7 and no longer running as root; cleanup usage table and other minor typos
3 February 2016
- 21:5021:50, 3 February 2016 diff hist +322 Security Center No edit summary
2 February 2016
- 18:4718:47, 2 February 2016 diff hist −76 Building Zimbra using Git Remove ZimbraME reference
1 February 2016
- 20:5920:59, 1 February 2016 diff hist +67 Zimbra Security Center Acknowledgements An update for 2015
- 20:5920:59, 1 February 2016 diff hist +75 Zimbra Security Advisories Additional details made public along with a few other reporter updates
12 January 2016
- 16:5916:59, 12 January 2016 diff hist +23 Zimbra Security Center Acknowledgements No edit summary
11 January 2016
- 22:1122:11, 11 January 2016 diff hist +20 Zimbra Security Center Acknowledgements No edit summary
- 02:5002:50, 11 January 2016 diff hist +68 Zimbra Security Center Acknowledgements No edit summary
8 January 2016
- 15:4215:42, 8 January 2016 diff hist +134 Zimbra Security Center Acknowledgements →Zimbra Security Center Acknowledgements
7 January 2016
- 14:5314:53, 7 January 2016 diff hist +56 Zimbra Security Center Acknowledgements →Zimbra Security Center Acknowledgements
24 December 2015
- 05:1405:14, 24 December 2015 diff hist +95 m Security Center minor wording update, and add a direct link to security advisories page
- 05:0705:07, 24 December 2015 diff hist +1,334 Security Center added ZCS 8.6.0 Patch 5 entry