Zimbra Releases/8.8.15/P23: Difference between revisions
No edit summary |
No edit summary |
||
Line 17: | Line 17: | ||
|style="border: solid #ffffff;"|Open Redirect Vulnerability in preauth servlet. | |style="border: solid #ffffff;"|Open Redirect Vulnerability in preauth servlet. | ||
|style="border: solid #ffffff;"| [https://nvd.nist.gov/vuln/detail/CVE-2021-34807 CVE-2021-34807] | |style="border: solid #ffffff;"| [https://nvd.nist.gov/vuln/detail/CVE-2021-34807 CVE-2021-34807] | ||
|style="border: solid #ffffff;text-align:center;"| | |style="border: solid #ffffff;text-align:center;"| 6.1 | ||
|style="border: solid #ffffff;text-align:center;"| | |style="border: solid #ffffff;text-align:center;"| Medium | ||
|style="border: solid #ffffff;text-align:center;"| 8.8.15 P23 | |style="border: solid #ffffff;text-align:center;"| 8.8.15 P23 | ||
|- | |- | ||
|style="border: solid #ffffff;"|Proxy Servlet Open Redirect Vulnerability. | |style="border: solid #ffffff;"|Proxy Servlet Open Redirect Vulnerability. | ||
|style="border: solid #ffffff;"| [https://nvd.nist.gov/vuln/detail/CVE-2021-35209 CVE-2021-35209] | |style="border: solid #ffffff;"| [https://nvd.nist.gov/vuln/detail/CVE-2021-35209 CVE-2021-35209] | ||
|style="border: solid #ffffff;text-align:center;"| | |style="border: solid #ffffff;text-align:center;"| 6.1 | ||
|style="border: solid #ffffff;text-align:center;"| | |style="border: solid #ffffff;text-align:center;"| Medium | ||
|style="border: solid #ffffff;text-align:center;"| 8.8.15 P23 | |style="border: solid #ffffff;text-align:center;"| 8.8.15 P23 | ||
|- | |- | ||
|style="border: solid #ffffff;"|Stored XSS Vulnerability in ZmMailMsgView.java. | |style="border: solid #ffffff;"|Stored XSS Vulnerability in ZmMailMsgView.java. | ||
|style="border: solid #ffffff;"| [https://nvd.nist.gov/vuln/detail/CVE-2021-35208 CVE-2021-35208] | |style="border: solid #ffffff;"| [https://nvd.nist.gov/vuln/detail/CVE-2021-35208 CVE-2021-35208] | ||
|style="border: solid #ffffff;text-align:center;"| | |style="border: solid #ffffff;text-align:center;"| 5.4 | ||
|style="border: solid #ffffff;text-align:center;"| | |style="border: solid #ffffff;text-align:center;"| Medium | ||
|style="border: solid #ffffff;text-align:center;"| 8.8.15 P23 | |style="border: solid #ffffff;text-align:center;"| 8.8.15 P23 | ||
|- | |- | ||
|style="border: solid #ffffff;"|Vulnerability Scanner detects Cross Site Scripting Vulnerability. | |style="border: solid #ffffff;"|Vulnerability Scanner detects Cross Site Scripting Vulnerability. | ||
|style="border: solid #ffffff;"| [https://nvd.nist.gov/vuln/detail/CVE-2021-35207 CVE-2021-35207] | |style="border: solid #ffffff;"| [https://nvd.nist.gov/vuln/detail/CVE-2021-35207 CVE-2021-35207] | ||
|style="border: solid #ffffff;text-align:center;"| | |style="border: solid #ffffff;text-align:center;"| 6.1 | ||
|style="border: solid #ffffff;text-align:center;"| | |style="border: solid #ffffff;text-align:center;"| Medium | ||
|style="border: solid #ffffff;text-align:center;"| 8.8.15 P23 | |style="border: solid #ffffff;text-align:center;"| 8.8.15 P23 | ||
|} | |} |
Revision as of 06:21, 12 July 2021
Zimbra Collaboration Joule 8.8.15 Patch 23 GA Release
Check out the Security Fixes, What's New, Fixed Issues, and Known Issues for this version of Zimbra Collaboration. Please refer to the Patch Installation section for Patch Installation instructions. As always, you are encouraged to tell us what you think in the Forums or open a support ticket to report issues.
NOTE: If you are upgrading or migrating from an older version of Zimbra to Zimbra 8.8 Production Ready, please read Things to Know Before Upgrading and First Steps with the Zimbra NG Modules for critical information before you upgrade.
Security Fixes
Summary | CVE-ID | CVSS Score | Zimbra Rating | Fix Patch Version |
---|---|---|---|---|
Open Redirect Vulnerability in preauth servlet. | CVE-2021-34807 | 6.1 | Medium | 8.8.15 P23 |
Proxy Servlet Open Redirect Vulnerability. | CVE-2021-35209 | 6.1 | Medium | 8.8.15 P23 |
Stored XSS Vulnerability in ZmMailMsgView.java. | CVE-2021-35208 | 5.4 | Medium | 8.8.15 P23 |
Vulnerability Scanner detects Cross Site Scripting Vulnerability. | CVE-2021-35207 | 6.1 | Medium | 8.8.15 P23 |
Security Known Issue
- Attention: Zimbra would like to alert its customers that it is possible for them to introduce an SSRF security vulnerability in the Proxy Servlet. If this servlet is configured to allow a particular domain (via zimbraProxyAllowedDomains configuration setting), and that domain resolves to an internal IP address (such as 127.0.0.1), an attacker could possibly access services running on a different port on the same server, which would normally not be exposed publicly. So we urge our customers to review this configuration setting to ensure that there are no vulnerabilities are introduced.
What's New
Announcing Zimbra Video Server GA
- The Zimbra Video Server is a WebRTC stream aggregator that improves Connect’s performance by merging and decoding/re-encoding all streams in a meeting. Refer to the admin guide for instructions on installing the Video Server on the systems.
Deprecation of Zimbra Server on Ubuntu 14.04, Oracle Linux 6 and CentOS/RHEL 6
With a number of supported operating systems entering the end of life, Zimbra will deprecate all Zimbra versions for Ubuntu 14.04, CentOS 6, Redhat 6 and Oracle 6 as of July 31, 2021. At this date, there will no longer be any patch release for 8.8.15 and 9.0.0 on these operating systems.
- Ubuntu 14.04 end of life occurred on April 30, 2019
- CentOS and RHEL 6 end of life occurred on November 30, 2020
- Oracle 6 End of life occurred on October 2020
After July 31, 2021, Zimbra Support will provide best-effort support for the last patch release on the listed operating systems. However, any known or existing bugs will not be addressed and Zimbra Support encourages all customers to follow our recommended upgrade path to a supported OS version at your earliest convenience to ensure no interruption in your support services.
For more information about the direction Zimbra is taking with supporting future operating systems please check our blog.
For questions or guidance with upgrading your operating system please open a support case and our Support team is here to assist you.
Web UX - Admin
- Zimbra now supports Two Factor Authentication (2FA) when logging in to the Administration Console. The user should use the same 2FA mechanism they have setup for their mail login.
Web UX - Classic
- For the Chinese language, the date formats have been fixed and the Classic Web App and Admin Console now will display this data correctly.
Fixed Issues
Web UX - Classic
- The date formats were not the same between the display and the printed forms of an email. It is now made consistent.
- When a user has multiple external accounts and deletes more than two of them at the same time on the preference page, only the last account's folders were deleted (the user had to delete them manually later). This issue is now fixed.
Platform
- Command-line utility zmmboxmove was failing in case the mailbox move operation took more than 100 seconds. With this fix, a new localconfig attribute has been introduced - zimbra_remote_cmd_channel_timeout_min which will control the timeout for mailbox moves. The default value is set to 10 minutes which can be further increased if needed.
- Updating Ciphers and TLS attributes in local config were not getting reflected in LDAP. Due to mismatch of TLS protocol, send/receive of emails were affected and amavisd service failed to connect to LDAP. These issues have been fixed. Updating Ciphers and TLS attributes in local config now correctly gets reflected in LDAP.
NOTE: For this fix to work, TLSv1 needs to be disabled on the server. Restart zmamavisdctl
to make the changes effective:
zmlocalconfig -e amavis_sslversion='!TLSv1' zmamavisdctl restart
Zimbra Connect
- The 'Pin video' action has been fixed and is now visible during a meeting both in grid and in cinema mode.
- Now all the HTTP responses but the 404 error will contain the Content-Type header so Team can be used in conjunction with X-Content-Type-Options: nosniff header.
- In the forward modal window, the conversations with cleared history were wrongly set at the top of the list.
- Instant meeting’s modal windows will is no more shown twice on adding.
- It is now possible for users to create spaces with no user.
- Group invitation is now improved with the new option to allow users to show or hide the previous history of a group chat. Also in Instant meetings when a new user joins a meeting will not be able to see the previous history. On the other hand, in spaces and channels, history will always be visible. Moreover, when a user leaves a conversation or the conversation is deleted, the clear conversation’s data is removed.
- During an instant meeting, on sharing the screen the view automatically changes to cinema and the new screen share session is pinned when Video Server is used.
- In a meeting, users can send two different streams: one for webcam and one for screen share.
- Now, an instant meeting is hosted on the server the user that creates the meeting resides on.
NG Admin
- When the notifications list is empty, a status message is now shown to advise the admins to click the refresh button to update the list. A refresh button has also been added to refresh the list.
NG Backup
- Fixed a bug that prevented the items in the subfolders to be properly restored inside its subfolder when restoring with the doUndelete command.
- The restore inside the source folder is now the default behavior of the doUndelete command.
- Fixed a bug that prevented the backup coherency check operation to properly fix the backup path when missing Drive’s blobs are present.
- The debug logs have been improved, now they log each remote call to the store, and more in detail, now every file upload to remote storage is logged for each folder.
- The handling of errors during a coherency check where the backup is being fixed has been improved, now if it is not possible to move files away from the backup path, an error will be thrown.
- The Real-Time backup now saves account/COS/domain configuration too. On restoring an account/COS/domain, it is now restored also the whole item configuration.
- Clarified the error message that the coherency check operation throws when a missing blob is found in the backup path.
- The Zimbra indexing is now temporarily disabled while performing restore operations such as the external restore and the restore on a new account to improve the restore performances.
- The restore operation has been improved to increase its speed.
- Improvement in the working of restoration of appointments/calendar.
Zimbra Drive
- Fixed a bug that prevented properly generate the extension of the zip file on sending a Drive folder via email in Zimbra Modern Web App.
Known Issues
- None
Patch Installation
Please refer to the steps below to install 8.8.15 Patch 23 on Redhat and Ubuntu platforms:
Before Installing the Patch, consider the following:
- Patches are cumulative.
- A full backup should be performed before any patch is applied. There is no automated roll-back.
- Zimlet patches can include removing existing Zimlets and redeploying the patched Zimlet.
- Only files or Zimlets associated with installed packages will be installed from the patch.
- Switch to
zimbra
user before using ZCS CLI commands. - Important! You cannot revert to the previous ZCS release after you upgrade to the patch.
- Important! Please note that the install process has changed. Additional steps to install zimbra-common-core-jar, zimbra-common-core-libs, zimbra-mbox-store-libs packages have been included for this patch release. Please refer to the Patch Installation section to install the packages in its order.
8.8.15 Patch 23 Packages
The package lineup for this release is:
FOSS:
PackageName Version zimbra-patch -> 8.8.15.1624275275.p23-1 zimbra-common-core-jar -> 8.8.15.1624268282-1 zimbra-common-core-libs -> 8.8.15.1623913824-1.u18 zimbra-mbox-conf -> 8.8.15.1568012813-1 zimbra-mbox-service -> 8.8.15.1568694943-1 zimbra-mbox-store-libs -> 8.8.15.1568694943-1 zimbra-mbox-war -> 8.8.15.1618222785-1 zimbra-mbox-admin-console-war -> 8.8.15.1624007059-1 zimbra-mbox-webclient-war -> 8.8.15.1623920145-1 zimbra-drive -> 1.0.13.1576152256-1 zimbra-core-components -> 2.0.9-1zimbra8.8b1 zimbra-openjdk -> 13.0.1-1zimbra8.8b1 zimbra-openssl -> 1.1.1k-1zimbra8.7b4 zimbra-chat -> 3.0.1.1594306000-1 zimbra-proxy-patch -> 8.8.15.1618580915.p21-1 zimbra-mta-patch -> 8.8.15.1624275275.p23-1 zimbra-ldap-components -> 1.0.9-1zimbra8.8b1 zimbra-clamav -> 0.103.2-1zimbra8.8b3 zimbra-perl-mail-spamassassin -> 3.4.5-1zimbra8.8b3 zimbra-spamassassin-rules -> 1.0.0-1zimbra8.8b4 zimbra-nginx -> 1.19.0-1zimbra8.8b3 zimbra-openldap-server -> 2.4.49-1zimbra8.8b4 zimbra-mta-components -> 1.0.13-1zimbra8.8b1 zimbra-proxy-components -> 1.0.8-1zimbra8.8b1
NETWORK:
Package Name Version zimbra-patch -> 8.8.15.1624275275.p23-2 zimbra-mbox-ews-service -> 8.8.15.1590048861-1 zimbra-drive-ng -> 3.0.15.1616091166-1 zimbra-network-modules-ng -> 6.0.24.1622198465-1 zimbra-docs -> 3.0.8.1616090809-1 zimbra-connect -> 1.0.23.1620919295-1 zimbra-zco -> 8.8.15.1899.1622602132-1 zimbra-zimlet-auth -> 1.0.2.1622463729-1
Redhat
Installing Zimbra packages with system package upgrades
- As
root
, first clear the yum cache and check for updates so the server sees there is a newzimbra-patch
package in the patch repository:
yum clean metadata yum check-update
- On mailstore node, install the following packages:
yum install zimbra-common-core-jar zimbra-common-core-libs zimbra-mbox-store-libs
- Then ask yum to update available packages:
yum update
- Restart ZCS as
zimbra
user:
su - zimbra zmcontrol restart
Installing Zimbra packages individually for NETWORK and FOSS
Upgrade OpenLDAP on LDAP node
- As
root
, install the package:
yum install zimbra-ldap-patch
- Restart
ZCS
aszimbra
user:
su - zimbra zmcontrol restart
Install/Upgrade zimbra-proxy-patch
on Proxy node
- As
root
, first clear the yum cache and check for updates so the server sees all updated packages in the patch repository:
yum clean metadata yum check-update yum install zimbra-proxy-patch
- Restart proxy as
zimbra
user:
su - zimbra zmproxyctl restart zmmemcachedctl restart
Install/Upgrade snmp
if it is installed on Proxy node
yum install zimbra-snmp-components
- Restart proxy as
zimbra
user:
su - zimbra zmproxyctl restart
Install/Upgrade zimbra-mta-components
on MTA node
- As
root
, first clear the yum cache and check for updates so the server sees all updated packages in the patch repository:
yum clean metadata yum check-update
- Then install the package:
yum install zimbra-mta-components
- If
dnscache
is installed, upgrade the package before restarting the services:
yum install zimbra-dnscache-components
- If
snmp
is installed, upgrade the package before restarting the services:
yum install zimbra-snmp-components
- Restart
amavisd
aszimbra
user:
su - zimbra zmamavisdctl restart
Install/Upgrade zimbra-mta-patch
on MTA node
- As
root
, install the package:
yum install zimbra-mta-patch
- Restart
amavisd
aszimbra
user:
su - zimbra zmamavisdctl restart
Install/Upgrade zimbra-patch
on mailstore node
- As
root
, install the package:
yum install zimbra-common-core-jar zimbra-common-core-libs zimbra-mbox-store-libs yum install zimbra-patch
- If
apache
is installed, upgrade the package before restarting the services:
yum install zimbra-apache-components
- If
spell
is installed, upgrade the package before restarting the services:
yum install zimbra-spell-components
- If
snmp
is installed, upgrade the package before restarting the services:
yum install zimbra-snmp-components
- Restart ZCS as
zimbra
user:
su - zimbra zmcontrol restart
Installing NG packages (NETWORK Only)
Uninstall zimbra-talk
on mailstore node
Starting Zimbra 8.8.15 GA, zimbra-connect
replaces zimbra-talk
. Hence, it is important to remove zimbra-talk
before installing zimbra-connect
.
- As
root
, uninstall the packagezimbra-talk
:
yum remove zimbra-talk
Install/Upgrade zimbra-network-modules-ng
, zimbra-connect
, zimbra-zimlet-auth
, zimbra-docs
and zimbra-drive-ng
on mailstore node
yum install zimbra-network-modules-ng yum install zimbra-connect yum install zimbra-zimlet-auth yum install zimbra-docs yum install zimbra-drive-ng
- Restart Zimbra mailbox service as
zimbra
user:
su - zimbra zmmailboxdctl restart
Install/Upgrade zimbra-chat
for FOSS
- As
root
, install the package:
yum install zimbra-chat
- Restart Zimbra mailbox service as
zimbra
user:
su - zimbra zmmailboxdctl restart
Ubuntu
Installing zimbra packages with system package upgrades
- As
root
, check for updates so the server checks there is a newzimbra-patch
package in the patch repository:
apt-get update
- On mailstore node, install the following packages:
apt-get install zimbra-common-core-jar zimbra-common-core-libs zimbra-mbox-store-libs
- Then update available packages:
apt-get upgrade
- Restart ZCS as
zimbra
user:
su - zimbra zmcontrol restart
Installing zimbra packages individually for NETWORK and FOSS
Upgrade OpenLDAP on LDAP node
- As
root
, install the package:
apt-get install zimbra-ldap-patch
- Restart
ZCS
aszimbra
user:
su - zimbra zmcontrol restart
Install/Upgrade zimbra-proxy-patch
on Proxy node
- As
root
, install package
apt-get install zimbra-proxy-patch
- Restart proxy as
zimbra
user:
su - zimbra zmproxyctl restart zmmemcachedctl restart
Install/Upgrade snmp
if it is installed on Proxy node
apt-get install zimbra-snmp-components
- Restart proxy as
zimbra
user:
su - zimbra zmproxyctl restart
Install/Upgrade zimbra-mta-components
on MTA node
- As
root
, install package
apt-get install zimbra-mta-components
- If
snmp
is installed, upgrade the package before restarting the services:
apt-get install zimbra-snmp-components
- Restart
amavisd
aszimbra
user:
su - zimbra zmamavisdctl restart
Install/Upgrade zimbra-mta-patch
on MTA node
- As
root
, install package
apt-get install zimbra-mta-patch
- If
dnscache
is installed, upgrade the package before restarting the services:
apt-get install zimbra-dnscache-components
- Restart
amavisd
aszimbra
user:
su - zimbra zmamavisdctl restart
Install/Upgrade zimbra-patch
on mailstore node
- As
root
, check for updates and install package:
apt-get update apt-get install zimbra-common-core-jar zimbra-common-core-libs zimbra-mbox-store-libs apt-get install zimbra-patch
- If
apache
is installed, upgrade the package before restarting the services:
apt-get install zimbra-apache-components
- If
spell
is installed, upgrade the package before restarting the services:
apt-get install zimbra-spell-components
- If
snmp
is installed, upgrade the package before restarting the services:
apt-get install zimbra-snmp-components
- Restart ZCS as
zimbra
user:
su - zimbra zmcontrol restart
Installing NG packages (NETWORK Only)
Uninstall zimbra-talk
on mailstore node
Starting Zimbra 8.8.15 GA, zimbra-connect
replaces zimbra-talk
. Hence, it is important to remove zimbra-talk
before installing zimbra-connect
.
- As
root
, uninstall the packagezimbra-talk
:
apt-get remove zimbra-talk
Install/Upgrade zimbra-network-modules-ng, zimbra-connect, zimbra-zimlet-auth, zimbra-docs, zimbra-drive-ng on mailstore node
- As
root
, check for updates and install packages:
apt-get update apt-get install zimbra-network-modules-ng apt-get install zimbra-connect apt-get install zimbra-zimlet-auth apt-get install zimbra-docs apt-get install zimbra-drive-ng
- Restart Zimbra mailbox service as
zimbra
user:
su - zimbra zmmailboxdctl restart
Install/Upgrade zimbra-chat for FOSS
- As
root
, install package:
apt-get install zimbra-chat
- Restart Zimbra mailbox service as
zimbra
user:
su - zimbra zmmailboxdctl restart
Upgraded 3rd Party Packages
- OpenSSL and Postfix TLS 1.3 GA Packages
The packages for RHEL6, RHEL7, UBUNTU14, UBUNTU16, UBUNTU18 are:
Package Name Version zimbra-openssl : 1.1.1h-1zimbra8.7b3 zimbra-postfix : 3.5.6-1zimbra8.7b3 zimbra-nginx : 1.19.0-1zimbra8.8b3 zimbra-mariadb : 10.1.25-1zimbra8.7b3 zimbra-heimdal : 1.5.3-1zimbra8.7b3 zimbra-curl : 7.49.1-1zimbra8.7b3 zimbra-perl-net-ssleay : 1.88-1zimbra8.7b2 zimbra-unbound : 1.11.0-1zimbra8.7b2 zimbra-apr-util : 1.6.1-1zimbra8.7b2 zimbra-perl-dbd-mysql : 4.050-1zimbra8.7b4 zimbra-net-snmp : 5.8-1zimbra8.7b2 zimbra-perl-crypt-openssl-random : 0.11-1zimbra8.7b3 zimbra-perl-crypt-openssl-rsa : 0.31-1zimbra8.7b2 zimbra-cyrus-sasl : 2.1.26-1zimbra8.7b3 zimbra-openldap : 2.4.49-1zimbra8.8b4 zimbra-opendkim : 2.10.3-1zimbra8.7b5 zimbra-clamav : 0.102.2-1zimbra8.8b3 zimbra-perl-io-socket-ssl : 2.068-1zimbra8.7b2 zimbra-perl-net-http : 6.09-1zimbra8.7b3 zimbra-perl-libwww : 6.13-1zimbra8.7b3 zimbra-perl-lwp-protocol-https : 6.06-1zimbra8.7b3 zimbra-perl-xml-parser : 2.44-1zimbra8.7b3 zimbra-perl-soap-lite : 1.19-1zimbra8.7b3 zimbra-perl-xml-sax-expat : 0.51-1zimbra8.7b3 zimbra-perl-xml-simple : 2.25-1zimbra8.7b2 zimbra-perl-mail-dkim : 0.40-1zimbra8.7b3 zimbra-perl-mail-spamassassin : 3.4.4-1zimbra8.8b3 zimbra-spamassassin-rules : 1.0.0-1zimbra8.8b3 zimbra-perl-innotop : 1.9.1-1zimbra8.7b3 zimbra-httpd : 2.4.46-1zimbra8.7b3 zimbra-php : 7.3.25-1zimbra8.7b3 zimbra-postfix-logwatch : 1.40.03-1zimbra8.7b1 zimbra-perl : 1.0.5-1zimbra8.7b1 zimbra-dnscache-components : 1.0.2-1zimbra8.7b1 zimbra-apache-components : 2.0.4-1zimbra8.8b1 zimbra-spell-components : 2.0.4-1zimbra8.8b1 zimbra-snmp-components : 1.0.3-1zimbra8.7b1 zimbra-mta-components : 1.0.11-1zimbra8.8b1 zimbra-core-components : 2.0.7-1zimbra8.8b1 zimbra-proxy-components : 1.0.8-1zimbra8.8b1 zimbra-store-components : 1.0.3-1zimbra8.7b1 zimbra-ldap-components : 1.0.6-1zimbra8.8b1
- OpenSSL and Postfix TLS 1.3 Packages
The GA packages for RHEL8 are:
Package Name Version zimbra-openssl : 1.1.1h-1zimbra8.7b3 zimbra-postfix : 3.5.6-1zimbra8.7b3 zimbra-nginx : 1.19.0-1zimbra8.8b3 zimbra-mariadb : 10.1.25-1zimbra8.7b3 zimbra-heimdal : 1.5.3-1zimbra8.7b3 zimbra-curl : 7.49.1-1zimbra8.7b3 zimbra-perl-net-ssleay : 1.88-1zimbra8.7b2 zimbra-unbound : 1.11.0-1zimbra8.7b2 zimbra-apr-util : 1.6.1-1zimbra8.7b2 zimbra-perl-dbd-mysql : 4.050-1zimbra8.7b4 zimbra-net-snmp : 5.8-1zimbra8.7b3 zimbra-perl-crypt-openssl-random : 0.11-1zimbra8.7b3 zimbra-perl-crypt-openssl-rsa : 0.31-1zimbra8.7b2 zimbra-cyrus-sasl : 2.1.26-1zimbra8.7b3 zimbra-openldap : 2.4.49-1zimbra8.8b4 zimbra-opendkim : 2.10.3-1zimbra8.7b5 zimbra-clamav : 0.102.2-1zimbra8.8b3 zimbra-perl-io-socket-ssl : 2.068-1zimbra8.7b3 zimbra-perl-net-http : 6.09-1zimbra8.7b4 zimbra-perl-libwww : 6.13-1zimbra8.7b4 zimbra-perl-lwp-protocol-https : 6.06-1zimbra8.7b4 zimbra-perl-xml-parser : 2.44-1zimbra8.7b4 zimbra-perl-soap-lite : 1.19-1zimbra8.7b4 zimbra-perl-xml-sax-expat : 0.51-1zimbra8.7b4 zimbra-perl-xml-simple : 2.25-1zimbra8.7b3 zimbra-perl-mail-dkim : 0.40-1zimbra8.7b3 zimbra-perl-mail-spamassassin : 3.4.4-1zimbra8.8b4 zimbra-spamassassin-rules : 1.0.0-1zimbra8.8b4 zimbra-perl-innotop : 1.9.1-1zimbra8.7b4 zimbra-httpd : 2.4.46-1zimbra8.7b3 zimbra-php : 7.3.25-1zimbra8.7b3 zimbra-perl : 1.0.6-1zimbra8.7b1 zimbra-dnscache-components : 1.0.2-1zimbra8.7b1 zimbra-apache-components : 2.0.4-1zimbra8.8b1 zimbra-spell-components : 2.0.4-1zimbra8.8b1 zimbra-snmp-components : 1.0.3-1zimbra8.7b1 zimbra-mta-components : 1.0.11-1zimbra8.8b1 zimbra-core-components : 2.0.7-1zimbra8.8b1 zimbra-proxy-components : 1.0.8-1zimbra8.8b1 zimbra-store-components : 1.0.3-1zimbra8.7b1 zimbra-ldap-components : 1.0.6-1zimbra8.8b1
The updated GA packages are:
Package Old-Version New-Version postfix 3.1.1 3.5.6 openssl 1.0.2t 1.1.1h nginx 1.7.1 1.19.0 postfix-logwatch 1.40.01 1.40.03 io-socket-ssl 2.020 2.068 xml-simple 2.20 2.25 crypt-openssl-rsa 0.28 0.31 net-snmp 5.7.3 5.8 dbd-mysql 4.033 4.050 apr-util 1.5.4 1.6.1 unbound 1.5.9 1.11.0 net-ssleay 1.72 1.88
- Nginx TLS 1.3 Packages
The GA packages for RHEL6, RHEL7, RHEL8, UBUNTU14, UBUNTU16, UBUNTU18 are:
PackageName Version zimbra-nginx -> 1.19.0-1zimbra8.8b1 zimbra-proxy-components -> 1.0.6-1zimbra8.8b1 zimbra-proxy-patch -> 8.8.15.1607930110.p17-1
Quick note: Open Source repo
The steps to download, build, and see our code via Github can be found here: https://github.com/Zimbra/zm-build
Jira Summary
Jira Tickets fixed in 8.8.15 Patch 23
ZCS-10674 | Pin video icon during meeting fixed |
ZCS-10673 | Content-Type refactored in Team responses |
ZCS-10672 | Order of conversations on forward modal refactored |
ZCS-10670 | Instant meeting’s modal window shown twice fixed |
ZCS-10669 | Team desktop notification fixed |
ZCS-10667 | History optimizations for groups and instant-meetings |
ZCS-10666 | Autopin screen share |
ZCS-10665 | Show separate stream for screen share |
ZCS-10664 | Instant Meetings hosted on the owner’s server |
ZCS-10663 | Folders sent as email attachment extension fix NG Drive |
ZCS-10662 | Improvement in showing notifications empty list |
ZCS-10661 | doUndelete on restoring items in subfolders fixed |
ZCS-10660 | doUndelete operation now restores in the original folder by default |
ZCS-10659 | Coherency check’s backup fix operation fixed when missing Drive blobs |
ZCS-10658 | Improved debug logs on migrating the backup on third party store |
ZCS-10657 | Improved error handling in coherency check on fixing backup |
ZCS-10656 | Account/COS/domain configuration saved and restored |
ZCS-10655 | Error message when missing blobs are found by the coherency check operation improved |
ZCS-10654 | Index suspended during restore operations |
ZCS-10647 | Restore operation’s speed improvements |
ZCS-10646 | Restoration of particular Item on new account |
ZCS-9956 | Fix date formats for Chinese Characters across Classic UI / Admin Console |
ZCS-9764 | Open Redirect Vulnerability in preauth servlet. |
ZCS-9073 | Support 2FA login for Admin Console Frontend |
ZBUG-2289 | zmmboxmove and moveMailboxRequest are seem broken, invalid exception thrown and rsync timeout |
ZBUG-2283 | Proxy Servlet Open Redirect Vulnerability |
ZBUG-2282 | Classic Web Client: Stored XSS Vulnerability in ZmMailMsgView.js |
ZBUG-2220 | Vulnerability Scanner detects Cross Site Scripting Vulnerability |
ZBUG-2162 | Classic Web Mail client is 12 hour format, but print mail is 24 hour format with AM/PM |
ZBUG-2015 | Folders for External account is not deleted when multiple external accounts are deleted |
ZBUG-1918 | Updating LC keys "ldap_common_tlsciphersuite" and "ldap_common_tlsprotocolmin" are not updating Ciphers and TLS versions in LDAP Config |