Difference between revisions of "Zimbra Releases/8.7.11/P11"

m
m
Line 72: Line 72:
 
* d. ZCS must be restarted to changes to take effect. Type
 
* d. ZCS must be restarted to changes to take effect. Type
 
  zmcontrol restart
 
  zmcontrol restart
 
Please refer below steps for zimbra-chat package installation on Redhat and Ubuntu platforms:
 
 
===Redhat===
 
<div id="install">
 
'''Install/Upgrade zimbra-chat on mailstore node for FOSS and NETWORK'''
 
* As root, Type below command.
 
yum clean metadata
 
yum check-update
 
yum install zimbra-chat
 
* Switch to user zimbra
 
su – zimbra
 
* Zimbra mailbox service must be restarted to changes to take effect. Type below command:
 
zmmailboxdctl restart
 
</div>
 
 
=== Ubuntu ===
 
'''Install/Upgrade zimbra-chat on mailstore node for FOSS and NETWORK'''
 
* As root, Type below command.
 
apt-get update
 
apt-get install zimbra-chat
 
* Switch to user zimbra
 
su – zimbra
 
* Zimbra mailbox service must be restarted to changes to take effect. Type
 
zmmailboxdctl restart
 
  
 
'''Note:''' For users who have the web-client open and are running the FOSS edition, the refresh notice might state that you have changed to the NETWORK Edition; however, your feature set will remain FOSS only.
 
'''Note:''' For users who have the web-client open and are running the FOSS edition, the refresh notice might state that you have changed to the NETWORK Edition; however, your feature set will remain FOSS only.

Revision as of 12:23, 12 April 2019

Zimbra Collaboration 8.7.11 Patch 11 GA Release

Check out the "Security Fixes" and "Software changes" for this version of Zimbra Collaboration below.As always, you’re encouraged to tell us what you think in the Forum, or open a support ticket.

Security Fixes

Information about security fixes, security response policy and vulnerability rating classification are listed below. See the Zimbra Security Response Policy and the Zimbra Vulnerability Rating Classification information below for details.

Bug# Summary CVE-ID CVSS
Score
Zimbra
Rating
Fix Release or
Patch Version
109129 Insecure object deserialization - IMAP [CWE-502] CVE-2019-6981 5.4 Major 8.7.11 Patch11
109127 SSRF vulnerability - ProxyServlet [CWE-918 / CWE-807] CVE-2019-9621 4.0 Minor 8.6.0 Patch14

Software changes

Fixed Issues

Fixed session time out when deleting mails.
Fixed the CPU usage spike observed when viewing mails.

Before Installing the Patch

Before installing the patch, consider the following:

  • Zimbra Collaboration patches can be found at https://www.zimbra.com/downloads/zimbra-collaboration/
  • Patches are cumulative, and delivered as a TGZ file.
  • A full backup should be performed before any patch is applied. There is no automated roll-back.
  • Zimlet patches can include removing existing Zimlets and redeploying the patched Zimlet.
  • Only files or Zimlets associated with installed packages will be installed from the patch.
  • Switch to user zimbra before using ZCS CLI commands.
  • Important! You cannot revert to the previous ZCS release after you upgrade to the patch.

Install the Patch

Note: This patch should be installed only on all mailbox nodes running in your environment.

1. Before you begin, confirm you have the following:

  • Zimbra Collaboration 8.7.11 GA installed
  • Zimbra Collaboration 8.7.11 Patch 11 TGZ file

2. Copy the patch.tgz file(s) to your server.

3. Install Zimbra Collaboration 8.7.11 Patch 11

  • a. Log in as root and cd to the directory where the tar file is saved. Type
tar xzf zcs-patch-8.7.11_GA_XXX.tgz
cd zcs-patch-8.7.11_GA_XXX
  • b. As root, install the patch. Type
./installPatch.sh
  • c. Switch to user zimbra
su – zimbra
  • d. ZCS must be restarted to changes to take effect. Type
zmcontrol restart
Note: For users who have the web-client open and are running the FOSS edition, the refresh notice might state that you have changed to the NETWORK Edition; however, your feature set will remain FOSS only.
Jump to: navigation, search