Zimbra Releases/8.8.8/P1: Difference between revisions
(8 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
=Zimbra Collaboration 8.8.8 Patch 1 GA Release= | =Zimbra Collaboration 8.8.8 Patch 1 GA Release= | ||
<div class="col-md-9"> | <div class="col-md-9"> | ||
Check out the '''"[[#security|Security Fixes]]"''' | Check out the '''"[[#security|Security Fixes]]"''' and '''"[[#fixed|Fixed Issues]]"''' for this version of Zimbra Collaboration. We've also added a '''"[[#ng-changelog|Zimbra NG, Chat, Drive, Talk Changelog]]"''' section with useful information. Please refer '''"[[#installation|Patch Installation]]"''' section for Patch Installation instructions. As always, you’re encouraged to tell us what you think in the Forums, or file a bug in '''[https://bugzilla.zimbra.com/enter_bug.cgi Bugzilla]'''. | ||
=Security Fixes= | =Security Fixes= | ||
Line 16: | Line 17: | ||
</tr> | </tr> | ||
<tr> | <tr> | ||
<td class="col-md-1">[https://bugzilla.zimbra.com/show_bug.cgi?id= | <td class="col-md-1">[https://bugzilla.zimbra.com/show_bug.cgi?id=97579 97579]</td> | ||
<td> | <td> login CSRF protection: ZWC login form does not use a csrf token [CWE-352] </td> | ||
<td> CVE-2015-7610 </td> | |||
<td> 5.8 </td> | |||
<td style="text-align: center;"> Major </td> | |||
<td style="text-align: center;"> 8.8.8 Patch1 </td> | |||
<td> | |||
<td> | |||
<td style="text-align: center;"> | |||
<td style="text-align: center;">8.8.8</td> | |||
</tr> | </tr> | ||
</table> | </table> | ||
=Software changes= | =Software changes= | ||
<table class="table table-striped table-condensed"> | <table class="table table-striped table-condensed"> | ||
<tr> | <tr> | ||
<th colspan="2" class="info"><h4><div id=" | <th colspan="2" class="info"><h4><div id="fixed">Fixed Issues [https://bugzilla.zimbra.com/buglist.cgi?bug_status=RESOLVED&bug_status=VERIFIED&bug_status=CLOSED&chfield=bug_status&chfieldto=2018-04-13&chfieldvalue=RESOLVED&keywords=8_8_8_Patch&keywords_type=allwords&list_id=364496&query_format=advanced <span style="color:white;font-size:0.66em">(Bugzilla query)</span>]</div></h4></th> | ||
</tr> | </tr> | ||
<tr><td class="col-md-1"> | <tr><td class="col-md-1"> [https://bugzilla.zimbra.com/show_bug.cgi?id=35115 35115] </td><td class="col-md-10"> RFE: Handling multi-valued zimbraAuthLdapURL</td></tr> | ||
<tr><td class="col-md-1"> | <tr><td class="col-md-1"> [https://bugzilla.zimbra.com/show_bug.cgi?id=108928 108928] </td><td class="col-md-10"> [Defanger] Specific message causing defanger to loop and cause high CPU load</td></tr> | ||
<tr><td class="col-md-1"> | <tr><td class="col-md-1"> [https://bugzilla.zimbra.com/show_bug.cgi?id=108929 108929] </td><td class="col-md-10"> [Zimbra Chat] Multiple spaces getting trimmed from chat message</td></tr> | ||
<tr><td class="col-md-1"> [https://bugzilla.zimbra.com/show_bug.cgi?id=108930 108930] </td><td class="col-md-10"> [Zimbra Talk] "Incoming video call" dialog doesn't disappear when call is disconnected by caller</td></tr> | |||
</table> | </table> | ||
<table class="table table-striped table-condensed"> | <table class="table table-striped table-condensed"> | ||
<tr> | <tr> | ||
<th colspan="2" class="info"><h4><div id=" | <th colspan="2" class="info"><h4><div id="ng-changelog">Zimbra NG, Chat, Drive, Talk Changelog</div></h4></th> | ||
</tr> | </tr> | ||
<tr><td class="col-md-1">'''General NG:''' | |||
* Fixed a missing sentence in the "Module not running" Admin Console banner. | |||
* Fixed an issue that could cause double clicks not to open the proper "edit" window in the Delegated Admin and Device List sections of the Admin Console. | |||
</td></tr> | |||
<tr><td class="col-md-1">'''Backup NG:''' | <tr><td class="col-md-1">'''Backup NG:''' | ||
* | * Fixed a glitch that could cause the Scanned Accounts counter in the "Account Scan" operation not to increment properly for accounts that took less than one second to scan. | ||
</td></tr> | </td></tr> | ||
<tr><td class="col-md-1">'''Mobile NG:''' | <tr><td class="col-md-1">'''Mobile NG:''' | ||
* | * Fixed a bug that could cause attachments to return an invalid value in the "EstimatedDataSize" field of the synchronisation causing the client to loop. | ||
</td></tr> | </td></tr> | ||
<tr><td class="col-md-1">'''HSM NG:''' | <tr><td class="col-md-1">'''HSM NG:''' | ||
* | * Improved Mailbox Move logics in order to handle multiple briefcase file revisions. | ||
* Improved Mailbox Move logics in order to retry moving an item should the first try fail. | |||
* Mailbox Move | * Improved "RemoveOrphanedBlobsOperation" logics in order to remove items on different volumes (e.g. because of item duplication)** | ||
* | |||
** | |||
</td></tr> | </td></tr> | ||
<tr><td class="col-md-1">''' | <tr><td class="col-md-1">'''Zimbra Drive:''' | ||
* | * Fixed an issue where a "/zimbra/" path was added to the upload and download Drive URLs returning a 404 error to some users. | ||
</td></tr> | </td></tr> | ||
<tr><td class="col-md-1">'''Zimbra Chat:''' | <tr><td class="col-md-1">'''Zimbra Chat:''' | ||
* | * Fixed an issue that caused multiple whitespaces to be trimmed from chat messages. | ||
* | * Improved focus management and window resize handling. | ||
</td></tr> | </td></tr> | ||
<tr><td class="col-md-1">'''Zimbra Talk:''' | <tr><td class="col-md-1">'''Zimbra Talk:''' | ||
* | * Fixed a bug that caused group invites to fail when the group was hosted on a different server than the one the user is hosted on. | ||
* Fixed a bug that could cause group creation to fail on multiserver environments where not all servers host the mailboxd service. | |||
* When clicking on a Group or Channel in the Tab View, the focus is now automatically set to the text input area. | |||
</td></tr> | </td></tr> | ||
</table> | </table> | ||
=Patch Installation= | |||
<div id="installation"></div> | |||
==Before Installing the Patch== | |||
Before installing the patch, consider the following: | |||
* Patches are cumulative. | |||
* A full backup should be performed before any patch is applied. There is no automated roll-back. | |||
* Zimlet patches can include removing existing Zimlets and redeploying the patched Zimlet. | |||
* Only files or Zimlets associated with installed packages will be installed from the patch. | |||
* Switch to user '''zimbra''' before using ZCS CLI commands. | |||
* '''Important!''' You cannot revert to the previous ZCS release after you upgrade to the patch. | |||
==Install the Patch== | |||
Note: This patch should be installed '''only''' on '''all mailbox''' nodes running in your environment. | |||
With 8.8.8 Patches, customers would not need to download any ZCS Patch builds. Patch packages can be installed by using Linux package management commands. | |||
Customers who have setup local ZCS repository should first update the local repository by following instructions in | |||
[https://wiki.zimbra.com/wiki/Zimbra_Collaboration_repository#Keep_the_local_Repository_up_to_date wiki] | |||
* Please make note that, installing zimbra-patch package only updates the Zimbra core packages. administrator would need to upgrade other applicable packages like zimbra-chat, zimbra-network-modules-ng, zimbra-talk. | |||
* Also, please note that, updating zimbra-talk package would remove existing zimbra-chat package and upgrade zimbra-network-modules-ng to the latest version. So, if you plan to update zimbra-talk package, then updating zimbra-network-modules-ng step can be skipped. | |||
<br/> | |||
Please refer below steps for 8.8.8 Patch1 installation on Redhat and Ubuntu platforms: | |||
'''Redhat:''' | |||
* As root, install the patch. Type | |||
yum --disablerepo=* --enablerepo=zimbra-888-patch clean metadata | |||
yum check-update --disablerepo=* --enablerepo=zimbra-888-patch --noplugins | |||
yum install zimbra-patch | |||
* Switch to user zimbra | |||
su – zimbra | |||
* ZCS must be restarted to changes to take effect. Type | |||
zmcontrol restart | |||
<br/> | |||
To upgrade NG, Chat, Talk packages: | |||
* administrator can chose to update below packages if those are already installed with 8.8.8 GA build. As root, Type | |||
yum install zimbra-chat OR yum install zimbra-talk | |||
yum install zimbra-network-modules-ng | |||
* Switch to user zimbra | |||
su – zimbra | |||
* Zimbra mailbox service must be restarted to changes to take effect. Type | |||
zmmailboxdctl restart | |||
<br/> | |||
'''Ubuntu:''' | |||
* As root, install the patch. Type | |||
apt-get update | |||
apt-get install zimbra-patch | |||
* Switch to user zimbra | |||
su – zimbra | |||
* ZCS must be restarted to changes to take effect. Type | |||
zmcontrol restart | |||
<br/> | |||
To upgrade NG, Chat, Talk packages: | |||
* administrator can chose to update below packages if those are already installed with 8.8.8 GA build. As root, Type | |||
apt-get install zimbra-chat OR apt-get install zimbra-talk | |||
apt-get install zimbra-network-modules-ng | |||
* Switch to user zimbra | |||
su – zimbra | |||
* Zimbra mailbox service must be restarted to changes to take effect. Type | |||
zmmailboxdctl restart | |||
</div> |
Latest revision as of 06:57, 20 April 2018
Zimbra Collaboration 8.8.8 Patch 1 GA Release
Check out the "Security Fixes" and "Fixed Issues" for this version of Zimbra Collaboration. We've also added a "Zimbra NG, Chat, Drive, Talk Changelog" section with useful information. Please refer "Patch Installation" section for Patch Installation instructions. As always, you’re encouraged to tell us what you think in the Forums, or file a bug in Bugzilla.
Security Fixes
Information about security fixes, security response policy and vulnerability rating classification are listed below. See the Zimbra Security Response Policy and the Zimbra Vulnerability Rating Classification information below for details.
Bug# | Summary | CVE-ID | CVSS Score |
Zimbra Rating |
Fix Release or Patch Version |
---|---|---|---|---|---|
97579 | login CSRF protection: ZWC login form does not use a csrf token [CWE-352] | CVE-2015-7610 | 5.8 | Major | 8.8.8 Patch1 |
Software changes
|
|
---|---|
35115 | RFE: Handling multi-valued zimbraAuthLdapURL |
108928 | [Defanger] Specific message causing defanger to loop and cause high CPU load |
108929 | [Zimbra Chat] Multiple spaces getting trimmed from chat message |
108930 | [Zimbra Talk] "Incoming video call" dialog doesn't disappear when call is disconnected by caller |
|
|
---|---|
General NG:
| |
Backup NG:
| |
Mobile NG:
| |
HSM NG:
| |
Zimbra Drive:
| |
Zimbra Chat:
| |
Zimbra Talk:
|
Patch Installation
Before Installing the Patch
Before installing the patch, consider the following:
- Patches are cumulative.
- A full backup should be performed before any patch is applied. There is no automated roll-back.
- Zimlet patches can include removing existing Zimlets and redeploying the patched Zimlet.
- Only files or Zimlets associated with installed packages will be installed from the patch.
- Switch to user zimbra before using ZCS CLI commands.
- Important! You cannot revert to the previous ZCS release after you upgrade to the patch.
Install the Patch
Note: This patch should be installed only on all mailbox nodes running in your environment.
With 8.8.8 Patches, customers would not need to download any ZCS Patch builds. Patch packages can be installed by using Linux package management commands. Customers who have setup local ZCS repository should first update the local repository by following instructions in wiki
- Please make note that, installing zimbra-patch package only updates the Zimbra core packages. administrator would need to upgrade other applicable packages like zimbra-chat, zimbra-network-modules-ng, zimbra-talk.
- Also, please note that, updating zimbra-talk package would remove existing zimbra-chat package and upgrade zimbra-network-modules-ng to the latest version. So, if you plan to update zimbra-talk package, then updating zimbra-network-modules-ng step can be skipped.
Please refer below steps for 8.8.8 Patch1 installation on Redhat and Ubuntu platforms:
Redhat:
- As root, install the patch. Type
yum --disablerepo=* --enablerepo=zimbra-888-patch clean metadata yum check-update --disablerepo=* --enablerepo=zimbra-888-patch --noplugins yum install zimbra-patch
- Switch to user zimbra
su – zimbra
- ZCS must be restarted to changes to take effect. Type
zmcontrol restart
To upgrade NG, Chat, Talk packages:
- administrator can chose to update below packages if those are already installed with 8.8.8 GA build. As root, Type
yum install zimbra-chat OR yum install zimbra-talk yum install zimbra-network-modules-ng
- Switch to user zimbra
su – zimbra
- Zimbra mailbox service must be restarted to changes to take effect. Type
zmmailboxdctl restart
Ubuntu:
- As root, install the patch. Type
apt-get update apt-get install zimbra-patch
- Switch to user zimbra
su – zimbra
- ZCS must be restarted to changes to take effect. Type
zmcontrol restart
To upgrade NG, Chat, Talk packages:
- administrator can chose to update below packages if those are already installed with 8.8.8 GA build. As root, Type
apt-get install zimbra-chat OR apt-get install zimbra-talk apt-get install zimbra-network-modules-ng
- Switch to user zimbra
su – zimbra
- Zimbra mailbox service must be restarted to changes to take effect. Type
zmmailboxdctl restart