Zimbra Releases/8.8.11/P4: Difference between revisions

(Created page with "=Zimbra Collaboration 8.8.11 Patch 4 GA Release= <div class="col-md-9"> Check out the '''"Security Fixes"''' and '''"Software Changes"''' for this...")
 
mNo edit summary
Line 22: Line 22:
   <td style="text-align: center; ">4.0</td>
   <td style="text-align: center; ">4.0</td>
   <td style="text-align: center; ">Minor</td>
   <td style="text-align: center; ">Minor</td>
   <td style="text-align: center; ">8.6.0 Patch14</td>
   <td style="text-align: center; ">8.8.11 Patch4</td>
</tr>
</tr>
<tr>
<tr>
Line 30: Line 30:
   <td style="text-align: center; ">4.0</td>
   <td style="text-align: center; ">4.0</td>
   <td style="text-align: center; ">Minor</td>
   <td style="text-align: center; ">Minor</td>
   <td style="text-align: center; ">8.6.0 Patch14</td>
   <td style="text-align: center; ">8.8.11 Patch4</td>
</tr>
</tr>
</table>
</table>

Revision as of 12:55, 12 April 2019

Zimbra Collaboration 8.8.11 Patch 4 GA Release

Check out the "Security Fixes" and "Software Changes" for this version of Zimbra Collaboration below. Please refer "Patch Installation" section for Patch Installation instructions. As always, you’re encouraged to tell us what you think in the Forums, or open a support ticket to report issues.

Security Fixes

Information about security fixes, security response policy and vulnerability rating classification are listed below. See the Zimbra Security Response Policy and the Zimbra Vulnerability Rating Classification information below for details.

Bug# Summary CVE-ID CVSS
Score
Zimbra
Rating
Fix Release or
Patch Version
109096 Blind SSRF vulnerability - Feed [CWE-918] CVE-2019-6981 4.0 Minor 8.8.11 Patch4
109127 SSRF vulnerability - ProxyServlet [CWE-918 / CWE-807] CVE-2019-9621 4.0 Minor 8.8.11 Patch4

Software changes

Fixed Issues

Fixed the CPU usage spike observed when viewing mails.

Patch Installation

Note on fixes in this Patch: Please read this section before proceeding with Patch4 installation.

  • This patch includes fixes on MTA and Proxy.
  • Latest core packages can be installed by installing zimbra-patch package.
  • As proxy package is add on package, it should be installed only on Proxy node. Zimbra version checked on Proxy node with "zmcontrol -v" command will show version as 'Patch 8.8.11_P4 Proxy'. Similarly, MTA patch is add on package, it should be installed only on MTA node and version can be checked with "zmcontrol -v". Command will show version as 'Patch 8.8.11_P4 mta'.
  • If Proxy/MTA services are on mailbox node, admin can install mta and proxy patches first and then zimbra-patch. In this case, "zmcontrol -v" would show version as 'Patch 8.8.11_P4'.

Before Installing the Patch

Before installing the patch, consider the following:

  • Patches are cumulative.
  • A full backup should be performed before any patch is applied. There is no automated roll-back.
  • Zimlet patches can include removing existing Zimlets and redeploying the patched Zimlet.
  • Only files or Zimlets associated with installed packages will be installed from the patch.
  • Switch to user zimbra before using ZCS CLI commands.
  • Important! You cannot revert to the previous ZCS release after you upgrade to the patch.
  • Important Note for ZCS Setup with Local ZCS repository: Customers who have setup local ZCS repository should first update the local repository by following instructions in wiki

Install the Patch

  • Please make note that, installing zimbra-patch package only updates the Zimbra core packages.

8.8.11 Patch 4 Packages

Below are the latest available packages:

Package Name                  Version
FOSS:
zimbra-patch              ->  8.8.11.1554699443.p4-1
zimbra-chat               ->  2.0.2.1546498111-1
zimbra-common-core-jar    ->  8.8.11.1554633662-1
zimbra-proxy-components   ->  1.0.3-1zimbra8.7b1
zimbra-nginx              ->  1.7.1-1zimbra8.7b12
zimbra-mta-patch          ->  8.8.11.1551122329.p3
zimbra-proxy-patch        ->  8.8.11.1550839189.p3
zimbra-mbox-webclient-war ->  8.8.11.1550576235-1
Zimbra-drive              ->  1.0.12.1553795496-1

NETWORK:
zimbra-patch              ->  8.8.11.1554699443.p4-2
zimbra-network-modules-ng ->  4.0.4.1553791753-1
zimbra-zco                ->  8.8.11.1.0.0.1546517612-1
zimbra-docs               ->  3.0.0.1544425929-1
zimbra-drive-ng           ->  1.0.12.1553795496-1
Zimbra-talk               ->  3.0.4.1554991858-1

Please refer below steps for 8.8.11 Patch 4 installation on Redhat and Ubuntu platforms:

Redhat

1. Installing zimbra packages individually

Install/Upgrade zimbra-proxy-components on Proxy node for FOSS and NETWORK

  • As root. Type below command
yum clean metadata 
yum check-update 
yum install zimbra-proxy-components
  • Restart proxy as zimbra user
su - zimbra
zmproxyctl restart

Install/Upgrade zimbra-proxy-patch on Proxy node for FOSS and NETWORK

  • As root. Type below command
yum install zimbra-proxy-patch
  • Restart proxy as zimbra user
su - zimbra
zmproxyctl restart
zmmemcachedctl restart

Install/Upgrade zimbra-mta-patch on MTA node for FOSS and NETWORK

  • As root. Type below command
yum install zimbra-mta-patch
  • Restart amavisd as zimbra user
su - zimbra
zmamavisdctl restart

Install/Upgrade zimbra-patch on mailstore node for FOSS and NETWORK

  • As root, install the patch. Type below command:
yum install zimbra-patch
  • Switch to user zimbra
su – zimbra
  • ZCS must be restarted to changes to take effect. Type below command:
zmcontrol restart

Install/Upgrade zimbra-chat for FOSS

  • As root, Type below command.
yum install zimbra-chat 
  • Switch to user zimbra
su – zimbra
  • Zimbra mailbox service must be restarted to changes to take effect. Type below command:
zmmailboxdctl restart


Install/Upgrade zimbra-talk and zimbra-network-modules-ng (NETWORK Only)

  • As root, Type below command.
yum clean metadata 
yum check-update 
yum install zimbra-network-modules-ng
yum install zimbra-talk
  • Switch to user zimbra
su – zimbra
  • Zimbra mailbox service must be restarted to changes to take effect. Type below command:
zmmailboxdctl restart


Install/Upgrade zimbra-docs (NETWORK Only)

  • As root, Type below command.
yum install zimbra-docs
  • Switch to user zimbra
su – zimbra
  • Zimbra mailbox service must be restarted to changes to take effect. Type below command:
zmmailboxdctl restart


Install/Upgrade zimbra-drive-ng (Beta) (NETWORK Only)

  • As root, Type below command.
yum install zimbra-drive-ng
  • Switch to user zimbra
su – zimbra
  • Zimbra mailbox service must be restarted to changes to take effect. Type below command:
zmmailboxdctl restart
zxsuite config global set attribute isDriveEnabledOnStartup value true
zxsuite drive doStartService module

Upgrade OpenLDAP on LDAP node for FOSS and NETWORK

  • As root. Type below command:
yum install zimbra-ldap-components
  • Restart ldap as zimbra user
su - zimbra
ldap restart

2. Installing zimbra packages with system package upgrades

  • As root, type below command to clear yum cache
yum clean metadata
  • As root, type below command first time so the server sees there is a new zimbra-patch package in the 8810 patch repository
yum check-update
  • As root, type below command to update most available packages.
yum update
  • Switch to user zimbra
su – zimbra
  • ZCS must be restarted to changes to take effect. Type below command:
zmcontrol restart

Ubuntu

1. Installing zimbra packages individually

Install/Upgrade zimbra-proxy-components on Proxy node for FOSS and NETWORK

  • As root. Type below command
apt-get install zimbra-proxy-components
  • Restart proxy as zimbra user
su - zimbra
zmproxyctl restart

Install/Upgrade zimbra-proxy-patch on Proxy node for FOSS and NETWORK

  • As root. Type below command
apt-get install zimbra-proxy-patch
  • Restart proxy as zimbra user
su - zimbra
zmproxyctl restart
zmmemcachedctl restart

Install/Upgrade zimbra-mta-patch on MTA node for FOSS and NETWORK

  • As root. Type below command
apt-get install zimbra-mta-patch
  • Restart amavisd as zimbra user
su - zimbra
zmamavisdctl restart

Install/Upgrade zimbra-patch on mailstore node for FOSS and NETWORK

  • As root, install the patch. Type below command:
apt-get update
apt-get install zimbra-patch
  • Switch to user zimbra
su – zimbra
  • ZCS must be restarted to changes to take effect. Type below command:
zmcontrol restart

Install/Upgrade zimbra-chat for FOSS

  • As root, Type below command.
apt-get install zimbra-chat 
  • Switch to user zimbra
su – zimbra
  • Zimbra mailbox service must be restarted to changes to take effect. Type below command:
zmmailboxdctl restart

Install/Upgrade zimbra-talk and zimbra-network-modules-ng (NETWORK Only)

  • As root. Type below command.
apt-get update
apt-get install zimbra-network-modules-ng
apt-get install zimbra-talk
  • Switch to user zimbra
su – zimbra
  • Zimbra mailbox service must be restarted to changes to take effect. Type below command:
zmmailboxdctl restart


Install/Upgrade zimbra-docs (NETWORK Only)

  • As root, Type below command.
apt-get install zimbra-docs
  • Switch to user zimbra
su – zimbra
  • Zimbra mailbox service must be restarted to changes to take effect. Type below command:
zmmailboxdctl restart


Install/Upgrade zimbra-drive-ng (Beta) (NETWORK Only)

  • As root, Type below command.
apt-get install zimbra-drive-ng
  • Switch to user zimbra
su – zimbra
  • Zimbra mailbox service must be restarted to changes to take effect. Type below command:
zmmailboxdctl restart
zxsuite config global set attribute isDriveEnabledOnStartup value true
zxsuite drive doStartService module

Upgrade OpenLDAP on LDAP node for FOSS and NETWORK

  • As root. Type below command:
apt-get install zimbra-ldap-components
  • Restart ldap as zimbra user
su - zimbra
ldap restart

2. Installing zimbra packages with system package upgrades

  • As root, type below command first time so the server sees there is a new zimbra-patch package in the 889 patch repository
apt-get update
  • As root, type below command to update most available packages
apt-get upgrade

OR

  • As root, type below command to update all available packages plus any kernel updates.
apt-get dist-upgrade
  • Switch to user zimbra
su – zimbra
  • ZCS must be restarted to changes to take effect. Type below command:
zmcontrol restart
Jump to: navigation, search