Difference between revisions of "Zimbra Releases/8.8.10/P7"

(- updated CVE-2019-6980 to 5.4 after discussions)
m (8.8.10 Patch 7 Packages)
 
Line 90: Line 90:
 
  '''Package Name'''                  '''Version'''
 
  '''Package Name'''                  '''Version'''
 
  FOSS:
 
  FOSS:
  zimbra-patch              ->  8.8.10.1551121351.p7-1
+
  zimbra-patch              ->  8.8.10.1552045069.p7-1
 
  zimbra-chat              ->  2.0.2.1546498111-1
 
  zimbra-chat              ->  2.0.2.1546498111-1
 
  zimbra-common-core-jar    ->  8.8.10.1550743009-1
 
  zimbra-common-core-jar    ->  8.8.10.1550743009-1
  zimbra-mbox-webclient-war ->  8.8.10.1550576405-1
+
  zimbra-mbox-webclient-war ->  8.8.10.1552042405-1
 
  zimbra-network-store      ->  8.8.10.1542096286-1
 
  zimbra-network-store      ->  8.8.10.1542096286-1
 
  zimbra-ldap-components    ->  1.0.2-1zimbra8.7b1
 
  zimbra-ldap-components    ->  1.0.2-1zimbra8.7b1
Line 100: Line 100:
 
   
 
   
 
  NETWORK:
 
  NETWORK:
  zimbra-patch              ->  8.8.10.1551121351.p7-2
+
  zimbra-patch              ->  8.8.10.1552045069.p7-2
 
  zimbra-network-modules-ng ->  3.0.7.1550249955-1
 
  zimbra-network-modules-ng ->  3.0.7.1550249955-1
 
  zimbra-docs              ->  2.0.2.1542045176-1
 
  zimbra-docs              ->  2.0.2.1542045176-1

Latest revision as of 19:05, 8 March 2019

Zimbra Collaboration 8.8.10 Patch 7 GA Release

Check out the "Security Fixes","Fixed Issues", "Zimbra NG Changelog" for this version of Zimbra Collaboration. Please refer "Patch Installation" section for Patch Installation instructions. Also, check "Nginx Bug Fix" for the recent Nginx bug fix. As always, you’re encouraged to tell us what you think in the Forums, or open a support ticket to report issues.

Security Fixes

Information about security fixes, security response policy and vulnerability rating classification are listed below. See the Zimbra Security Response Policy and the Zimbra Vulnerability Rating Classification information below for details.

Bug# Summary CVE-ID CVSS
Score
Zimbra
Rating
Fix Release or
Patch Version
109097 Insecure object deserialization - IMAP [CWE-502] CVE-2019-6980 5.4 Major 8.8.10 Patch 7

Software changes

Fixed Issues

  • Fixed an issue with viewing HTML emails in chrome 73
  • Fixed login issue in ajax client on Edge 44 browser
  • zimbraMtaBlockedExtension is now working when sending a file with trailing spaces

Zimbra NG Changelog

Admin Zimlet:
  • Fixed error handling in the restore wizard if the date is not correct
Mobile:
  • Fixed appointment syncing between android devices and Zimbra account which previously shifted by 1 hour
Backup:
  • Fixed restore operation when target account does not exists
Drive Zimlet:
  • Items remains selected after changing view
Drive Server:
  • Fixed inconsistent data in Drive share cluster service

Patch Installation

Note on fixes in this Patch: Please read this section before proceeding with Patch7 installation.

  • This patch includes fixes on MTA.
  • Latest core packages can be installed by installing zimbra-patch package.
  • MTA patch is add on package, it should be installed only on MTA node and version can be checked with "zmcontrol -v". Command will show version as 'Patch 8.8.10_P7 mta'.
  • If MTA services are on mailbox node, admin can install mta patch first and then zimbra-patch. In this case, "zmcontrol -v" would show version as 'Patch 8.8.10_P7'.

Before Installing the Patch

Before installing the patch, consider the following:

  • Patches are cumulative.
  • A full backup should be performed before any patch is applied. There is no automated roll-back.
  • Zimlet patches can include removing existing Zimlets and redeploying the patched Zimlet.
  • Only files or Zimlets associated with installed packages will be installed from the patch.
  • Switch to user zimbra before using ZCS CLI commands.
  • Important! You cannot revert to the previous ZCS release after you upgrade to the patch.
  • Important Note for ZCS Setup with Local ZCS repository: Customers who have setup local ZCS repository should first update the local repository by following instructions in wiki

Install the Patch

  • Please make note that, installing zimbra-patch package only updates the Zimbra core packages.

8.8.10 Patch 7 Packages

Below are the latest available packages:

Package Name                  Version
FOSS:
zimbra-patch              ->  8.8.10.1552045069.p7-1
zimbra-chat               ->  2.0.2.1546498111-1
zimbra-common-core-jar    ->  8.8.10.1550743009-1
zimbra-mbox-webclient-war ->  8.8.10.1552042405-1
zimbra-network-store      ->  8.8.10.1542096286-1
zimbra-ldap-components    ->  1.0.2-1zimbra8.7b1
zimbra-drive              ->  1.0.12.1542291479
zimbra-mta-patch          ->  8.8.10.1551121351.p7

NETWORK:
zimbra-patch              ->  8.8.10.1552045069.p7-2
zimbra-network-modules-ng ->  3.0.7.1550249955-1
zimbra-docs               ->  2.0.2.1542045176-1
zimbra-talk               ->  3.0.3.1540571542-1
zimbra-drive-ng           ->  1.0.3.1548323480-1

Please refer below steps for 8.8.10 Patch 7 installation on Redhat and Ubuntu platforms:

Redhat

1. Installing zimbra packages individually

Install/Upgrade zimbra-mta-patch on MTA node for FOSS and NETWORK

  • As root. Type below command
yum clean metadata 
yum check-update 
yum install zimbra-mta-patch
  • Restart amavisd as zimbra user
su - zimbra
zmamavisdctl restart

Install/Upgrade zimbra-patch on mailstore node for FOSS and NETWORK

  • As root, install the patch. Type below command:
yum clean metadata 
yum check-update 
yum install zimbra-patch
  • Switch to user zimbra
su – zimbra
  • ZCS must be restarted to changes to take effect. Type below command:
zmcontrol restart

Install/Upgrade zimbra-chat for FOSS

  • As root, Type below command.
yum install zimbra-chat 
  • Switch to user zimbra
su – zimbra
  • Zimbra mailbox service must be restarted to changes to take effect. Type below command:
zmmailboxdctl restart


Install/Upgrade zimbra-talk and zimbra-network-modules-ng (NETWORK Only)

  • As root, Type below command.
yum clean metadata 
yum check-update 
yum install zimbra-network-modules-ng
yum install zimbra-talk
  • Switch to user zimbra
su – zimbra
  • Zimbra mailbox service must be restarted to changes to take effect. Type below command:
zmmailboxdctl restart


Install/Upgrade zimbra-docs (NETWORK Only)

  • As root, Type below command.
yum install zimbra-docs
  • Switch to user zimbra
su – zimbra
  • Zimbra mailbox service must be restarted to changes to take effect. Type below command:
zmmailboxdctl restart


Install/Upgrade zimbra-drive-ng (Beta) (NETWORK Only)
After installing zimbra-drive-ng package on machine already having old drive, we can see two tabs with same name "Drive" corresponding to open drive and latest drive. This is known issue and we are working on it.

  • As root, Type below command.
yum install zimbra-drive-ng
  • Switch to user zimbra
su – zimbra
  • Zimbra mailbox service must be restarted to changes to take effect. Type below command:
zmmailboxdctl restart
zxsuite config global set attribute isDriveEnabledOnStartup value true
zxsuite drive doStartService module

Upgrade OpenLDAP on LDAP node for FOSS and NETWORK

  • As root. Type below command:
yum install zimbra-ldap-components
  • Restart ldap as zimbra user
su - zimbra
ldap restart

2. Installing zimbra packages with system package upgrades

  • As root, type below command to clear yum cache
yum clean metadata
  • As root, type below command first time so the server sees there is a new zimbra-patch package in the 8810 patch repository
yum check-update
  • As root, type below command to update most available packages.
yum update
  • Switch to user zimbra
su – zimbra
  • ZCS must be restarted to changes to take effect. Type below command:
zmcontrol restart

Ubuntu

1. Installing zimbra packages individually

Install/Upgrade zimbra-mta-patch on MTA node for FOSS and NETWORK

  • As root. Type below command
apt-get update
apt-get install zimbra-mta-patch
  • Restart amavisd as zimbra user
su - zimbra
zmamavisdctl restart

Install/Upgrade zimbra-patch on mailstore node for FOSS and NETWORK

  • As root, install the patch. Type below command:
apt-get update
apt-get install zimbra-patch
  • Switch to user zimbra
su – zimbra
  • ZCS must be restarted to changes to take effect. Type below command:
zmcontrol restart

Install/Upgrade zimbra-chat for FOSS

  • As root, Type below command.
apt-get install zimbra-chat 
  • Switch to user zimbra
su – zimbra
  • Zimbra mailbox service must be restarted to changes to take effect. Type below command:
zmmailboxdctl restart

Install/Upgrade zimbra-talk and zimbra-network-modules-ng (NETWORK Only)

  • As root. Type below command.
apt-get update
apt-get install zimbra-network-modules-ng
apt-get install zimbra-talk
  • Switch to user zimbra
su – zimbra
  • Zimbra mailbox service must be restarted to changes to take effect. Type below command:
zmmailboxdctl restart


Install/Upgrade zimbra-docs (NETWORK Only)

  • As root, Type below command.
apt-get install zimbra-docs
  • Switch to user zimbra
su – zimbra
  • Zimbra mailbox service must be restarted to changes to take effect. Type below command:
zmmailboxdctl restart


Install/Upgrade zimbra-drive-ng (Beta) (NETWORK Only)
After installing zimbra-drive-ng package on machine already having open drive, we can see two tabs with same name "Drive" corresponding to open drive and latest drive. This is known issue and we are working on it.

  • As root, Type below command.
apt-get install zimbra-drive-ng
  • Switch to user zimbra
su – zimbra
  • Zimbra mailbox service must be restarted to changes to take effect. Type below command:
zmmailboxdctl restart
zxsuite config global set attribute isDriveEnabledOnStartup value true
zxsuite drive doStartService module

Upgrade OpenLDAP on LDAP node for FOSS and NETWORK

  • As root. Type below command:
apt-get install zimbra-ldap-components
  • Restart ldap as zimbra user
su - zimbra
ldap restart

2. Installing zimbra packages with system package upgrades

  • As root, type below command first time so the server sees there is a new zimbra-patch package in the 889 patch repository
apt-get update
  • As root, type below command to update most available packages
apt-get upgrade

OR

  • As root, type below command to update all available packages plus any kernel updates.
apt-get dist-upgrade
  • Switch to user zimbra
su – zimbra
  • ZCS must be restarted to changes to take effect. Type below command:
zmcontrol restart

Nginx Bug Fix

We have fixed critical Proxy/Nginx bug where Proxy does not failover correctly in certain conditions. This fix is in zimbra-nginx package which is not available with this Patch installation. To get latest zimbra-nginx package, please follow steps from wiki https://wiki.zimbra.com/wiki/Zimbra_Releases/8.8.11/nginx_hotfix
Jump to: navigation, search