Zimbra Releases/8.7.11/P14

The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.


Zimbra Collaboration ZCS 8.7.11 Patch 14 GA Release

Check out the Security Fixes, What's New, and Fixed Issues for this version of Zimbra Collaboration. Please refer to the Patch Installation section for Patch Installation instructions. As always, you are encouraged to tell us what you think in the Forums or open a support ticket to report issues.

Security Fixes

Information about security fixes, security response policy and vulnerability rating classification are listed below. See the Zimbra Security Response Policy and the Zimbra Vulnerability Rating Classification information below for details.

Bug# Summary CVE-ID CVSS Score Zimbra Rating Fix Patch Version
109174 Non-Persistent XSS CWE-79 CVE-2019-12427 4.3 Minor 8.7.11 P14
12356 Upgraded ClamAV to 0.101.4 CVE-2019-12625 - - 8.7.11 P14

What's New

ZCS Make CSS display attribute configurable in OWASP. This will let customers to have better control over the HTML rendering elements.

Fixed Issues

ZCS <img> tags that were being removed following the OWASP upgrade are now retained.
ZCS BCC headers are no longer included in S/MIME Signed emails.
ZCS Updated the timezone information to the latest available at https://www.iana.org/time-zones
ZCS When using 2FA, the LDAP zimbraAppSpecificPassword attribute retained stale records of previous app logins, which could affect Admin Console performance and application login times. Now, only the most recent authentication event is kept.


Patch Installation

Before Installing the Patch

Before installing the patch, consider the following:

  • Zimbra Collaboration patches can be found at https://www.zimbra.com/downloads/zimbra-collaboration/
  • Patches are cumulative and delivered as a TGZ file.
  • A full backup should be performed before any patch is applied. There is no automated roll-back.
  • Zimlet patches can include removing existing Zimlets and redeploying the patched Zimlet.
  • Only files or Zimlets associated with installed packages will be installed from the patch.
  • Switch to user zimbra before using ZCS CLI commands.
  • Important! You cannot revert to the previous ZCS release after you upgrade to the patch.

Install the Patch

Note: This patch should be installed only on all mailbox nodes running in your environment.

1. Before you begin, confirm you have the following:

  • Zimbra Collaboration 8.7.11 GA installed
  • Zimbra Collaboration 8.7.11 Patch 14 TGZ file

2. Copy the patch.tgz file(s) to your server.

3. Install Zimbra Collaboration 8.7.11 Patch 14

  • a. Log in as root and cd to the directory where the tar file is saved. Type
tar xzf zcs-patch-8.7.11_GA_XXX.tgz
cd zcs-patch-8.7.11_GA_XXX
  • b. As root, install the patch. Type
./installPatch.sh
  • c. Switch to user zimbra
su – zimbra
  • d. ZCS must be restarted to changes to take effect. Type
zmcontrol restart

Please refer below steps for zimbra-chat package installation on Redhat and Ubuntu platforms:

Redhat

Install/Upgrade zimbra-chat on mailstore node for FOSS and NETWORK

  • As root, Type below command.
yum clean metadata 
yum check-update 
yum install zimbra-chat 
  • Switch to user zimbra
su – zimbra
  • Zimbra mailbox service must be restarted to changes to take effect. Type below command:
zmmailboxdctl restart

Install/Upgrade zimbra-mta-components on MTA node for FOSS and NETWORK

  • As root, first clear the yum cache and check for updates so the server sees all updated packages in the patch repository:
yum clean metadata
yum check-update
  • Then install the package:
yum install zimbra-mta-components
  • Restart amavisd as zimbra user:
su - zimbra
zmamavisdctl restart

Ubuntu

Install/Upgrade zimbra-chat on mailstore node for FOSS and NETWORK

  • As root, install package:
apt-get update
apt-get install zimbra-chat
  • Restart Zimbra mailbox service as zimbra user:
su - zimbra
zmmailboxdctl restart

Install/Upgrade zimbra-mta-components on MTA node for FOSS and NETWORK

  • As root, install package
apt-get install zimbra-mta-components
  • Restart amavisd as zimbra user:
su - zimbra
zmamavisdctl restart

Ubuntu

Install/Upgrade zimbra-chat on mailstore node for FOSS and NETWORK

  • As root, Type below command.
apt-get update
apt-get install zimbra-chat 
  • Switch to user zimbra
su – zimbra
  • Zimbra mailbox service must be restarted to changes to take effect. Type
zmmailboxdctl restart

Note: For users who have the web-client open and are running the FOSS edition, the refresh notice might state that you have changed to the NETWORK Edition; however, your feature set will remain FOSS only.

Jump to: navigation, search