Difference between revisions of "Zimbra Releases/8.8.15/P31"

(Created page with "{{WIP}} = Zimbra Collaboration Joule 8.8.15 Patch 31 GA Release = <div class="col-md-9"> Check out the '''Fixed Issues''', and '''#Known Issues|Known Iss...")
 
Line 9: Line 9:
 
{{ReleaseNote-note}}
 
{{ReleaseNote-note}}
  
 +
<div style="padding:1%; color:#008000;font-size:18px;" >
 +
'''Log4j zero-day exploit vulnerability'''
 +
 +
After intensive review and testing, Zimbra Development determined that the zero-day exploit vulnerability for Log4j (CVE-2021-44228) does not affect the current Supported Zimbra versions (9.0.0 & 8.8.15). Zimbra Collaboration Server currently uses Log4j version 1.2.16. The cause of the vulnerability is found in the lookup expression feature in Log4j versions 2.0 to 2.17.
 +
 +
Following are some more updates on the existing and newly reported vulnerabilities:
 +
 +
* (CVE-2021-4104): This RedHat vulnerability does not affect the current Supported Zimbra Collaboration Server versions (8.8.15 & 9.0.0). For this vulnerability to affect the server, it needs JMSAppender and the ability to append configuration files. Zimbra does not use the JMSAppender.
 +
* CVE-2022-23307: Zimbra is vulnerable but is not exploitable. To be exploited the system must be running Chainsaw.  It is included but is never running.
 +
* CVE-2022-23305: Zimbra is not vulnerable to this vulnerability, since it does not run the JDBCAppender.
 +
* CVE-2022-23302: Zimbra is not vulnerable to this vulnerability, since it does not run the JMSSink.
 +
 +
 +
Even though Zimbra is not affected by the Log4j vulnerabilities, we are in the process of updating Log4j to a version that is not affected. Please watch for more updates in the upcoming release.
 +
</div>
 +
<br/>
  
 
==Security Fixes==
 
==Security Fixes==

Revision as of 17:20, 30 March 2022


Zimbra Collaboration Joule 8.8.15 Patch 31 GA Release

Check out the Fixed Issues, and Known Issues for this version of Zimbra Collaboration. Please refer to the Patch Installation section for Patch Installation instructions. As always, you are encouraged to tell us what you think in the Forums or open a support ticket to report issues.

NOTE: If you are upgrading or migrating from an older version of Zimbra to Zimbra 8.8 Production Ready, please read Things to Know Before Upgrading and First Steps with the Zimbra NG Modules for critical information before you upgrade.

Log4j zero-day exploit vulnerability

After intensive review and testing, Zimbra Development determined that the zero-day exploit vulnerability for Log4j (CVE-2021-44228) does not affect the current Supported Zimbra versions (9.0.0 & 8.8.15). Zimbra Collaboration Server currently uses Log4j version 1.2.16. The cause of the vulnerability is found in the lookup expression feature in Log4j versions 2.0 to 2.17.

Following are some more updates on the existing and newly reported vulnerabilities:

  • (CVE-2021-4104): This RedHat vulnerability does not affect the current Supported Zimbra Collaboration Server versions (8.8.15 & 9.0.0). For this vulnerability to affect the server, it needs JMSAppender and the ability to append configuration files. Zimbra does not use the JMSAppender.
  • CVE-2022-23307: Zimbra is vulnerable but is not exploitable. To be exploited the system must be running Chainsaw. It is included but is never running.
  • CVE-2022-23305: Zimbra is not vulnerable to this vulnerability, since it does not run the JDBCAppender.
  • CVE-2022-23302: Zimbra is not vulnerable to this vulnerability, since it does not run the JMSSink.


Even though Zimbra is not affected by the Log4j vulnerabilities, we are in the process of updating Log4j to a version that is not affected. Please watch for more updates in the upcoming release.


Security Fixes

Summary CVE-ID CVSS Score Zimbra Rating Fix Patch Version
Upgraded Apache to 2.4.53 to avoid multiple vulnerabilities. CVE-2021-40438CVE-2021-39275 9.0 Critical 9.0.0 P24
Upgraded PHP to 7.4.27 to avoid DoS vulnerability. CVE-2021-21702 7.5 High 8.8.15 P31
An endpoint URL accepts parameters without sanitizing it caused XSS vulnerability. CVE-2022-27926 TBD TBD 8.8.15 P31
RCE through mboximport from authenticated user. CVE-2022-27925 TBD TBD 8.8.15 P31
Memcached poisoning with unauthenticated request. CVE-2022-27924 TBD TBD 8.8.15 P31

What's New

NOTE: Beta features are not supported and should not be installed on production systems. Beta modules have been provided for evaluation in lab environments only.

Rocky Linux 8 Support (Beta)

We are nearing the end of our extensive QA cycle for this major upgrade. Watch for the GA announcement in an upcoming patch release.

Package Upgrade

  • PHP has been upgraded from 7.3.25 to 7.4.27.
  • Apache has been upgraded from 2.4.51 to 2.4.53.


Fixed Issues

Platform

  • Users were not able to set the out-of-office setting using EWS through Outlook. The issue has been fixed.
  • When creating filter rules through EWS using Outlook, an error was encountered and the filters were not getting created. The issue has been fixed.
  • zmmsgtrace utility was not getting executed when encountered particular logs. The issue has been fixed.
  • When a user receives a converted PDF file from MS Word or Excel and tries to search it through keyword or filename, the file did not appear in search results. The issue has been fixed and the file appears in search results.
  • Support for the SameSite cookie flag has now been added. A local config variable zimbra_same_site_cookie has been introduced to control the cookie. The default value is set to Strict but the user can change it to Lax, None or ""(empty). Refer to the wiki article for more details.
  • The allowplugins option in zmsaupdate script of Spamassasin has been deprecated due to security concerns. The option has been moved to localconfig antispam_saupdate_reallyallowplugins.
  • When using EWS and creating folders for Contact, Task or Calendar, the folders were not created due to the backend returning an incorrect folder in response. The issue has been fixed.
  • When creating contact through EWS, the changekey parameter was not returned. Due to this, further updates to the contacts were not saved. The issue has been fixed.
  • When sending an inline attachment from one user to another user where both are using EWS, the attachment was not displayed correctly. The issue has been fixed.
  • For the shared external account, users were not able to rename a folder in the external account folder structure. The issue has been fixed.
  • If a user who is not allowed to send an email to a distribution list adds the distribution list as the forward address, then the email coming to the user is forwarded to the distribution list bypassing the rule. The issue has been fixed.
  • When a user receives a converted PDF file from MS Word or Excel and tries to search it through keyword or filename, the file did not appear in search results. The issue has been fixed and the file appears in search results.
  • When using EWS and executing the GetInboxRules operation, an error was seen. The issue has been fixed and the GetInboxRules gets executed successfully.
  • When using EWS and trying to send an email through Mac Outlook Client without specifying any address in the To field, an error was encountered and the mail was not sent. The issue has been fixed.
  • When using OWASP and sending an email with href link which has the &num character, it got replaced with #_. The issue has been fixed.
  • When using a command zmprov -gadl -v to get the list of members and count in the distribution list, the details were not displayed. The issue has been fixed.
  • In Admin Console, when searching the users from Home -> Search -> Accounts and downloading the user's information by clicking on the gear icon at the right-hand top corner, the .csv file did not have Last Login and Description field in it. The issue has been fixed and these field now appear in the .csv file.
  • The external accounts which get created for public sharing were being counted towards the server's account quota. The issue has been fixed.

Web UX - Classic

  • When a user gets a mailto: link in the email, right-clicks on it and select the New Email option, the new composer is opened and mailto: text is added in front of the email address in the To field. The issue has been fixed.
  • When using the Arabic language, Classic Web App did not load. The issue has been fixed.
  • In Classic Web App, the Firefox Sidebar option has been deprecated since the supporting Firefox Social API is no more available and is obsolete.
  • Few emails were not displayed correctly in Classic Web App and appeared overlapping. The issue has been fixed.
  • When the user updates the From field in Preferences -> Accounts -> Settings for Sent Messages, the updated From name is not displayed in the From field in the email. The issue has been fixed.
  • When adding a mailto: link in the email with subject field in it and send to another user, when he clicks on the link, the > character is added in the subject field. The issue has been fixed.
  • When using the Catalan language, the spell checker button was not displayed in the composer. The issue has been fixed.
  • Contact information of recently Shared contacts did not appear in Mail tab, until user did not click on the shared address book in the Contacts tab. This issue has been fixed.
  • When using Web App on Linux Operating System and trying to move the messages to a new folder, the blue background was displayed and users were not able to execute the move operation. The issue has been fixed.

ZCO

  • In the previous patch release, an issue was seen where the mails were not arriving automatically. Users had to click on Send/Receive to get new mails. The issue has been fixed.

HSM

  • In case of an unexpected folder in the store path, a clearer warning is reported in the check blobs operation log to avoid misunderstandings.

NG Auth

  • The mobile passwords can now be created and deleted by the delegated admins.

NG Backup

  • Fixed a bug that made the purge operation only delete the blob relative to the last state of the item, causing lots of orphaned blobs in the backup path for items with different blob versions such as emails drafts for instance.

Zimbra Connect

  • Fixed a bug that caused the Team DB migration to fail when legacy Chat data was already present.


Known Issues

  • None


Patch Installation

Please refer to the steps below to install 8.8.15 Patch 31 on Redhat and Ubuntu platforms:

Before Installing the Patch, consider the following:

  • Patches are cumulative.
  • A full backup should be performed before any patch is applied. There is no automated roll-back.
  • Zimlet patches can include removing existing Zimlets and redeploying the patched Zimlet.
  • Only files or Zimlets associated with installed packages will be installed from the patch.
  • Switch to zimbra user before using ZCS CLI commands.
  • Important! You cannot revert to the previous ZCS release after you upgrade to the patch.
  • Important! Please note that the install process has changed. Additional steps to install zimbra-common-core-jar, zimbra-common-core-libs, zimbra-mbox-store-libs packages have been included for this patch release. Please refer to the Patch Installation section to install the packages in its order.

8.8.15 Patch 31 Packages

The package lineup for this release is:

FOSS:

PackageName                     Version
zimbra-patch                  ->      8.8.15.1648259498.p31-2
zimbra-mta-patch              ->      8.8.15.1647332084.p31-1
zimbra-mta-components         ->      1.0.14-1zimbra8.8b1
zimbra-proxy-patch            ->      8.8.15.1648259498.p31-1
zimbra-proxy-components       ->      1.0.9-1zimbra8.8b1
zimbra-php                    ->      7.4.27-1zimbra8.7b3
zimbra-httpd                  ->      2.4.53-1zimbra8.7b3
zimbra-apache-components      ->      2.0.7-1zimbra8.8b1
zimbra-spell-components       ->      2.0.8-1zimbra8.8b1
zimbra-nginx                  ->      1.20.0-1zimbra8.8b21
zimbra-common-core-jar        ->      8.8.15.1647325929-1
zimbra-common-core-libs       ->      8.8.15.1647230035-1
zimbra-mbox-conf              ->      8.8.15.1568012813-1
zimbra-mbox-service           ->      8.8.15.1568694943-1
zimbra-mbox-store-libs        ->      8.8.15.1641882842-1
zimbra-mbox-war               ->      8.8.15.1647325929-1
zimbra-mbox-admin-console-war ->      8.8.15.1643880751-1
zimbra-mbox-webclient-war     ->      8.8.15.1647334948-1
zimbra-drive                  ->      1.0.13.1576152256-1
zimbra-timezone-data          ->      2.0.1.1646993388-1
zimbra-openjdk                ->      13.0.1-1zimbra8.8b1
zimbra-openjdk-cacerts        ->      1.0.8-1zimbra8.7b1
zimbra-openssl                ->      1.1.1l-1zimbra8.7b4
zimbra-openldap-lib           ->      2.4.59-1zimbra8.8b5
zimbra-openldap-client	      ->      2.4.59-1zimbra8.8b5
zimbra-openldap-server        ->      2.4.59-1zimbra8.8b5
zimbra-ldap-components        ->      1.0.14-1zimbra8.8b1
zimbra-core-components        ->      2.0.14-1zimbra8.8b1
zimbra-postfix                ->      3.6.1-1zimbra8.7b3
zimbra-postfix-logwatch       ->      1.40.03-1zimbra8.7b1
zimbra-clamav                 ->      0.103.2-1zimbra8.8b3
zimbra-perl-mail-spamassassin ->      3.4.5-1zimbra8.8b3
zimbra-spamassassin-rules     ->      1.0.0-1zimbra8.8b4
zimbra-openldap-server        ->      2.4.59-1zimbra8.8b5
zimbra-chat                   ->      3.0.1.1594306000-1
                                                        

NETWORK:

Package Name                    Version           
zimbra-patch                  ->      8.8.15.1648259498.p31-1
zimbra-mbox-ews-service       ->      8.8.15.1647230559-1
zimbra-drive-ng               ->      3.0.16.1637855904-1
zimbra-network-modules-ng     ->      6.0.33.1646915507-1
zimbra-docs                   ->      3.0.8.1616090809-1
zimbra-connect                ->      1.0.29.1635424238-1
zimbra-zco                    ->      8.8.15.1919.1647367453-1
zimbra-zimlet-auth            ->      1.0.2.1622463729-1

Redhat

Installing Zimbra packages with system package upgrades

  • As root, first clear the yum cache and check for updates so the server sees there is a new zimbra-patch package in the patch repository:
yum clean metadata
yum check-update
  • On mailstore node, install the following packages:
yum install zimbra-common-core-jar zimbra-common-core-libs zimbra-mbox-store-libs
  • Then ask yum to update available packages:
yum update
  • Restart ZCS as zimbra user:
su - zimbra
zmcontrol restart

Installing Zimbra packages individually for NETWORK and FOSS

Upgrade OpenLDAP on LDAP node

  • As root, install the package:
yum install zimbra-ldap-patch
  • Restart ZCS as zimbra user:
su - zimbra
zmcontrol restart

Install/Upgrade zimbra-proxy-patch on Proxy node

  • As root, first clear the yum cache and check for updates so the server sees all updated packages in the patch repository:
yum clean metadata
yum check-update
yum install zimbra-proxy-patch
  • Restart proxy as zimbra user:
su - zimbra
zmproxyctl restart
zmmemcachedctl restart

Install/Upgrade snmp if it is installed on Proxy node

yum install zimbra-snmp-components
  • Restart proxy as zimbra user:
su - zimbra
zmproxyctl restart

Install/Upgrade zimbra-mta-components on MTA node

  • As root, first clear the yum cache and check for updates so the server sees all updated packages in the patch repository:
yum clean metadata
yum check-update
  • Then install the package:
yum install zimbra-mta-components
  • If dnscache is installed, upgrade the package before restarting the services:
yum install zimbra-dnscache-components
  • If snmp is installed, upgrade the package before restarting the services:
yum install zimbra-snmp-components
  • Restart amavisd as zimbra user:
su - zimbra
zmamavisdctl restart

Install/Upgrade zimbra-mta-patch on MTA node

  • As root, install the package:
yum install zimbra-mta-patch
  • Restart amavisd as zimbra user:
su - zimbra
zmamavisdctl restart

Install/Upgrade zimbra-patch on mailstore node

  • As root, install the package:
yum install zimbra-common-core-jar zimbra-common-core-libs zimbra-mbox-store-libs
yum install zimbra-patch
  • If apache is installed, upgrade the package before restarting the services:
yum install zimbra-apache-components
  • If spell is installed, upgrade the package before restarting the services:
yum install zimbra-spell-components
  • If snmp is installed, upgrade the package before restarting the services:
yum install zimbra-snmp-components
  • Restart ZCS as zimbra user:
su - zimbra
zmcontrol restart


Installing NG packages (NETWORK Only)

Uninstall zimbra-talk on mailstore node

Starting Zimbra 8.8.15 GA, zimbra-connect replaces zimbra-talk. Hence, it is important to remove zimbra-talk before installing zimbra-connect.

  • As root, uninstall the package zimbra-talk:
yum remove zimbra-talk

Install/Upgrade zimbra-network-modules-ng, zimbra-connect, zimbra-zimlet-auth, zimbra-docs and zimbra-drive-ng on mailstore node

yum install zimbra-network-modules-ng
yum install zimbra-connect
yum install zimbra-zimlet-auth
yum install zimbra-docs
yum install zimbra-drive-ng
  • Restart Zimbra mailbox service as zimbra user:
su - zimbra
zmmailboxdctl restart

Install/Upgrade zimbra-chat for FOSS

  • As root, install the package:
yum install zimbra-chat
  • Restart Zimbra mailbox service as zimbra user:
su - zimbra
zmmailboxdctl restart

Ubuntu

Installing zimbra packages with system package upgrades

  • As root, check for updates so the server checks there is a new zimbra-patch package in the patch repository:
apt-get update
  • On mailstore node, install the following packages:
apt-get install zimbra-common-core-jar zimbra-common-core-libs zimbra-mbox-store-libs
  • Then update available packages:
apt-get upgrade
  • Restart ZCS as zimbra user:
su - zimbra
zmcontrol restart

Installing zimbra packages individually for NETWORK and FOSS

Upgrade OpenLDAP on LDAP node

  • As root, install the package:
apt-get install zimbra-ldap-patch
  • Restart ZCS as zimbra user:
su - zimbra
zmcontrol restart

Install/Upgrade zimbra-proxy-patch on Proxy node

  • As root, install package
apt-get install zimbra-proxy-patch
  • Restart proxy as zimbra user:
su - zimbra
zmproxyctl restart
zmmemcachedctl restart

Install/Upgrade snmp if it is installed on Proxy node

apt-get install zimbra-snmp-components
  • Restart proxy as zimbra user:
su - zimbra
zmproxyctl restart

Install/Upgrade zimbra-mta-components on MTA node

  • As root, install package
apt-get install zimbra-mta-components
  • If snmp is installed, upgrade the package before restarting the services:
apt-get install zimbra-snmp-components
  • Restart amavisd as zimbra user:
su - zimbra
zmamavisdctl restart

Install/Upgrade zimbra-mta-patch on MTA node

  • As root, install package
apt-get install zimbra-mta-patch
  • If dnscache is installed, upgrade the package before restarting the services:
apt-get install zimbra-dnscache-components
  • Restart amavisd as zimbra user:
su - zimbra
zmamavisdctl restart

Install/Upgrade zimbra-patch on mailstore node

  • As root, check for updates and install package:
apt-get update
apt-get install zimbra-common-core-jar zimbra-common-core-libs zimbra-mbox-store-libs
apt-get install zimbra-patch
  • If apache is installed, upgrade the package before restarting the services:
apt-get install zimbra-apache-components
  • If spell is installed, upgrade the package before restarting the services:
apt-get install zimbra-spell-components
  • If snmp is installed, upgrade the package before restarting the services:
apt-get install zimbra-snmp-components
  • Restart ZCS as zimbra user:
su - zimbra
zmcontrol restart


Installing NG packages (NETWORK Only)

Uninstall zimbra-talk on mailstore node

Starting Zimbra 8.8.15 GA, zimbra-connect replaces zimbra-talk. Hence, it is important to remove zimbra-talk before installing zimbra-connect.

  • As root, uninstall the package zimbra-talk:
apt-get remove zimbra-talk

Install/Upgrade zimbra-network-modules-ng, zimbra-connect, zimbra-zimlet-auth, zimbra-docs, zimbra-drive-ng on mailstore node

  • As root, check for updates and install packages:
apt-get update
apt-get install zimbra-network-modules-ng
apt-get install zimbra-connect
apt-get install zimbra-zimlet-auth
apt-get install zimbra-docs
apt-get install zimbra-drive-ng
  • Restart Zimbra mailbox service as zimbra user:
su - zimbra
zmmailboxdctl restart

Install/Upgrade zimbra-chat for FOSS

  • As root, install package:
apt-get install zimbra-chat
  • Restart Zimbra mailbox service as zimbra user:
su - zimbra
zmmailboxdctl restart

Upgraded 3rd Party Packages

  • OpenSSL and Postfix TLS 1.3 GA Packages

The packages for RHEL6, RHEL7, UBUNTU14, UBUNTU16, UBUNTU18 are:

Package Name      Version
zimbra-openssl : 1.1.1l-1zimbra8.7b4
zimbra-postfix : 3.6.1-1zimbra8.7b3
zimbra-nginx : 1.20.0-1zimbra8.8b2
zimbra-mariadb : 10.1.25-1zimbra8.7b3
zimbra-heimdal : 1.5.3-1zimbra8.7b3
zimbra-curl : 7.49.1-1zimbra8.7b3
zimbra-perl-net-ssleay : 1.88-1zimbra8.7b2
zimbra-unbound : 1.11.0-1zimbra8.7b2
zimbra-apr-util : 1.6.1-1zimbra8.7b2
zimbra-perl-dbd-mysql : 4.050-1zimbra8.7b4
zimbra-net-snmp : 5.8-1zimbra8.7b2
zimbra-perl-crypt-openssl-random : 0.11-1zimbra8.7b3
zimbra-perl-crypt-openssl-rsa : 0.31-1zimbra8.7b2
zimbra-cyrus-sasl : 2.1.26-1zimbra8.7b3
zimbra-openldap : 2.4.59-1zimbra8.8b4
zimbra-opendkim : 2.10.3-1zimbra8.7b5
zimbra-clamav : 0.103.2-1zimbra8.8b3
zimbra-perl-io-socket-ssl : 2.068-1zimbra8.7b2
zimbra-perl-net-http : 6.09-1zimbra8.7b3
zimbra-perl-libwww : 6.13-1zimbra8.7b3
zimbra-perl-lwp-protocol-https : 6.06-1zimbra8.7b3
zimbra-perl-xml-parser : 2.44-1zimbra8.7b3
zimbra-perl-soap-lite : 1.19-1zimbra8.7b3
zimbra-perl-xml-sax-expat : 0.51-1zimbra8.7b3
zimbra-perl-xml-simple : 2.25-1zimbra8.7b2
zimbra-perl-mail-dkim : 0.40-1zimbra8.7b3
zimbra-perl-mail-spamassassin : 3.4.5-1zimbra8.8b4
zimbra-spamassassin-rules : 1.0.0-1zimbra8.8b5
zimbra-perl-innotop : 1.9.1-1zimbra8.7b3
zimbra-httpd : 2.4.53-1zimbra8.7b3
zimbra-php : 7.4.27-1zimbra8.7b3
zimbra-postfix-logwatch : 1.40.03-1zimbra8.7b1
zimbra-perl : 1.0.5-1zimbra8.7b1
zimbra-dnscache-components : 1.0.2-1zimbra8.7b1
zimbra-apache-components : 2.0.7-1zimbra8.8b1
zimbra-spell-components : 2.0.8-1zimbra8.8b1
zimbra-snmp-components : 1.0.3-1zimbra8.7b1
zimbra-mta-components : 1.0.14-1zimbra8.8b1
zimbra-core-components : 2.0.14-1zimbra8.8b1
zimbra-proxy-components : 1.0.9-1zimbra8.8b1
zimbra-store-components : 1.0.3-1zimbra8.7b1
zimbra-ldap-components : 1.0.14-1zimbra8.8b1
  • OpenSSL and Postfix TLS 1.3 Packages

The GA packages for RHEL8, UBUNTU20 are:

Package Name      Version
zimbra-openssl : 1.1.1l-1zimbra8.7b4
zimbra-postfix : 3.6.1-1zimbra8.7b3
zimbra-nginx : 1.20.0-1zimbra8.8b2
zimbra-mariadb : 10.1.25-1zimbra8.7b3
zimbra-heimdal : 1.5.3-1zimbra8.7b3
zimbra-curl : 7.49.1-1zimbra8.7b3
zimbra-perl-net-ssleay : 1.88-1zimbra8.7b2
zimbra-unbound : 1.11.0-1zimbra8.7b2
zimbra-apr-util : 1.6.1-1zimbra8.7b2
zimbra-perl-dbd-mysql : 4.050-1zimbra8.7b4
zimbra-net-snmp : 5.8-1zimbra8.7b3
zimbra-perl-crypt-openssl-random : 0.11-1zimbra8.7b3
zimbra-perl-crypt-openssl-rsa : 0.31-1zimbra8.7b2
zimbra-cyrus-sasl : 2.1.26-1zimbra8.7b3
zimbra-openldap : 2.4.59-1zimbra8.8b4
zimbra-opendkim : 2.10.3-1zimbra8.7b5
zimbra-clamav : 0.103.2-1zimbra8.8b3
zimbra-perl-io-socket-ssl : 2.068-1zimbra8.7b3
zimbra-perl-net-http : 6.09-1zimbra8.7b4
zimbra-perl-libwww : 6.13-1zimbra8.7b4
zimbra-perl-lwp-protocol-https : 6.06-1zimbra8.7b4
zimbra-perl-xml-parser : 2.44-1zimbra8.7b4
zimbra-perl-soap-lite : 1.19-1zimbra8.7b4
zimbra-perl-xml-sax-expat : 0.51-1zimbra8.7b4
zimbra-perl-xml-simple : 2.25-1zimbra8.7b3
zimbra-perl-mail-dkim : 0.40-1zimbra8.7b3
zimbra-perl-mail-spamassassin : 3.4.5-1zimbra8.8b4
zimbra-spamassassin-rules : 1.0.0-1zimbra8.8b5
zimbra-perl-innotop : 1.9.1-1zimbra8.7b4
zimbra-httpd : 2.4.53-1zimbra8.7b3
zimbra-php : 7.4.27-1zimbra8.7b3
zimbra-perl : 1.0.6-1zimbra8.7b1 
zimbra-dnscache-components : 1.0.2-1zimbra8.7b1
zimbra-apache-components : 2.0.7-1zimbra8.8b1
zimbra-spell-components : 2.0.9-1zimbra8.8b1
zimbra-snmp-components : 1.0.3-1zimbra8.7b1
zimbra-mta-components : 1.0.14-1zimbra8.8b1
zimbra-core-components : 2.0.14-1zimbra8.8b1
zimbra-proxy-components : 1.0.9-1zimbra8.8b1
zimbra-store-components : 1.0.3-1zimbra8.7b1
zimbra-ldap-components : 1.0.14-1zimbra8.8b1

The updated GA packages are:

Package            Old-Version    New-Version
postfix              3.5.6          3.6.1
openssl              1.1.1k         1.1.1l
openldap             2.4.49         2.4.59
nginx                1.19.0         1.20.0
postfix-logwatch     1.40.01        1.40.03
io-socket-ssl	     2.020          2.068
xml-simple           2.20           2.25
crypt-openssl-rsa    0.28           0.31
net-snmp             5.7.3          5.8
dbd-mysql            4.033          4.050
apr-util             1.5.4          1.6.1
unbound              1.5.9          1.11.0
net-ssleay           1.72           1.88
PHP                  7.3.25        7.4.27
httpd                2.4.51        2.4.53
  • Nginx TLS 1.3 Packages

The GA packages for RHEL6, RHEL7, RHEL8, UBUNTU14, UBUNTU16, UBUNTU18 are:

PackageName                                       Version
zimbra-nginx                               ->     1.20.0-1zimbra8.8b2
zimbra-proxy-patch                         ->     8.8.15.1634196512.p27-1
zimbra-proxy-components                    ->     1.0.9-1zimbra8.8b1

Quick note: Open Source repo

The steps to download, build, and see our code via Github can be found here: https://github.com/Zimbra/zm-build

Jira Summary

Jira Tickets fixed in 8.8.15 Patch 31

ZCS-11245 Solved chat database migration error
ZCS-11244 Correcting the warning in check blobs operation log for unexpected folder
ZCS-11243 Orphan blobs on purge bug fixed
ZCS-11242 Delegated admins can now manage the mobile passwords
ZCS-11130 Support for Rocky Linux OS
ZCS-4562 EWS: not able to set OutOfOffice settings through outlook
ZCS-4552 EWS filter rule is not available
ZBUG-2711 RCE through mboximport from authenticated user
ZBUG-2706 [Security] Memcached poisoning with unauthenticated request
ZBUG-2671 zmmsgtrace not working
ZBUG-2649 Mail compose issues with selection of "New Email" option on right-click
ZBUG-2604 Classic client is not loading in Arabic language.
ZBUG-2517 Firefox Sidebar - Not Working
ZBUG-2514 Upgrade Apache to version 2.4.49 or later.
ZBUG-2498 Upgrade to PHP version 7.3.27, 7.4.15, 8.0.2 or later.
ZBUG-2484 New mails not arriving automatically until we click send/receive button with 32 bit ZCO.
ZBUG-2481 Unable to parse pdf while searching on centos.
ZBUG-2397 Authentication break after enabling the "SameSite" cookie flag
ZBUG-2358 Remove allowplugins option from zmsaupdate script of Spamassassin.
ZBUG-2328 Zimbra EWS CreateCalendar folder returns incorrect response
ZBUG-2327 Zimbra EWS doesn't return changekey in response
ZBUG-2300 Email Text Overlapping
ZBUG-2236 Display name of the sender not displaying as per zimbraPrefFromDisplay
ZBUG-2222 Inline attachments sent from apple mail to Outlook EWS causes garble text.
ZBUG-2192 Error renaming external account's imap folder structure.
ZBUG-2165 milter not working with forwarding
ZBUG-2164 mailto links are not properly handled in zimbra webmail
ZBUG-2145 The button of the spell checker does NOT appear when it is accessed with Catalan language.
ZBUG-2084 RXSS on '/public/launchNewWindow.jsp' via 'errCode
ZBUG-2077 Unable to parse pdf while searching
ZBUG-1945 Shared contact information not appear in mail
ZBUG-1853 Unexpected blue background on many actions in zimbra9 classic WebClient using Linux
ZBUG-1676 EWS 500 error on GetInboxRules Operation
ZBUG-1633 Can't send mails through EWS when keeping TO field is blank and put recipients in CC/BCC.
ZBUG-1541 Accounts created by a user for public sharing are being counted toward the account quota for the domain.
ZBUG-1385 Webmail : character &num replace by #_
ZBUG-651 No Distribution List Members displaying with "gadl -v"
ZBUG-143 Admin Console: "Last login" and "Description" fields are missing in downloaded csv file
Jump to: navigation, search