Zimbra Releases/8.8.8/P1: Difference between revisions

mNo edit summary
No edit summary
Line 2: Line 2:
{{WIP}}
{{WIP}}
<div class="col-md-9">
<div class="col-md-9">
Check out the '''"[[#security|Security Fixes]]"''', '''"[[#fixed|Fixed Issues]]"''' and '''"[[#known|Known Issues]]"''' for this version of Zimbra Collaboration. We've also added a '''"[[#zextras|ZeXtras Suite Changelog]]"''' section with useful information. As always, you’re encouraged to tell us what you think in the Forums, or file a bug in '''[https://bugzilla.zimbra.com/enter_bug.cgi Bugzilla]'''.
Check out the '''"[[#security|Security Fixes]]"''' and '''"[[#fixed|Fixed Issues]]"''' for this version of Zimbra Collaboration. We've also added a '''"[[#zextras|ZeXtras Suite Changelog]]"''' section with useful information. As always, you’re encouraged to tell us what you think in the Forums, or file a bug in '''[https://bugzilla.zimbra.com/enter_bug.cgi Bugzilla]'''.


=Security Fixes=
=Security Fixes=
Line 19: Line 19:
   <td class="col-md-1">[https://bugzilla.zimbra.com/show_bug.cgi?id=97579 97579]</td>
   <td class="col-md-1">[https://bugzilla.zimbra.com/show_bug.cgi?id=97579 97579]</td>
   <td> login CSRF protection: ZWC login form does not use a csrf token [CWE-352] </td>
   <td> login CSRF protection: ZWC login form does not use a csrf token [CWE-352] </td>
   <td> tba</td>
   <td> CVE-2015-7610 </td>
   <td> tba</td>
   <td> 5.8 </td>
   <td style="text-align: center;">tba</td>
   <td style="text-align: center;"> Major </td>
   <td style="text-align: center;">8.8.8 Patch1</td>
   <td style="text-align: center;"> 8.8.8 Patch1 </td>
</tr>
</tr>
</table>
</table>
Line 30: Line 30:
<table class="table table-striped table-condensed">
<table class="table table-striped table-condensed">
         <tr>
         <tr>
             <th colspan="2" class="info"><h4><div id="fixed">Fixed Issues [https://bugzilla.zimbra.com/buglist.cgi?bug_status=RESOLVED&bug_status=VERIFIED&bug_status=CLOSED&chfield=bug_status&chfieldto=2018-03-28&chfieldvalue=RESOLVED&f1=keywords&list_id=362849&o1=anyexact&query_format=advanced&v1=8_8_8 <span style="color:white;font-size:0.66em">(Bugzilla query)</span>]</div></h4></th>
             <th colspan="2" class="info"><h4><div id="fixed">Fixed Issues [https://bugzilla.zimbra.com/query.cgi?bug_status=RESOLVED&bug_status=VERIFIED&bug_status=CLOSED&chfield=bug_status&chfieldto=2018-04-12&chfieldvalue=RESOLVED&f1=keywords&list_id=364398&o1=anyexact&query_format=advanced&v1=8_8_8_Patch1 <span style="color:white;font-size:0.66em">(Bugzilla query)</span>]</div></h4></th>
        </tr>
</table>
 
<table class="table table-striped table-condensed">
        <tr>
            <th colspan="2" class="info"><h4><div id="known">Known Issues [https://bugzilla.zimbra.com/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=IN_PROGRESS&bug_status=REOPENED&chfield=%5BBug%20creation%5D&f1=keywords&list_id=363730&o1=anyexact&query_format=advanced&v1=8_8_8 <span style="color:white;font-size:0.66em">(Bugzilla query)</span>]</div></h4></th>
         </tr>
         </tr>
        <tr><td class="col-md-1">  [https://bugzilla.zimbra.com/show_bug.cgi?id=35115 35115] </td><td class="col-md-10">  RFE: Handling multi-valued zimbraAuthLdapURL</td></tr>
        <tr><td class="col-md-1">  [https://bugzilla.zimbra.com/show_bug.cgi?id=108928 108928] </td><td class="col-md-10">  [Defanger] Specific message causing defanger to loop and cause high CPU load</td></tr>
        <tr><td class="col-md-1">  [https://bugzilla.zimbra.com/show_bug.cgi?id=108929 108929] </td><td class="col-md-10">  [Zimbra Chat] Multiple spaces getting trimmed from chat message</td></tr>
        <tr><td class="col-md-1">  [https://bugzilla.zimbra.com/show_bug.cgi?id=108930 108930] </td><td class="col-md-10">  [Zimbra Talk] "Incoming video call" dialog doesn't disappear when call is disconnected by caller</td></tr>
</table>
</table>


Line 72: Line 70:
</td></tr>
</td></tr>
</table>
</table>
=Patch Installation=
<div id="installation"></div>
With 8.8.8 Patches, customers would not need to download any ZCS Patch builds. Patch packages can be installed by using Linux package management commands.
Customers who have setup local ZCS repository should first update the local repository by following instructions in
[https://wiki.zimbra.com/wiki/Zimbra_Collaboration_repository#Keep_the_local_Repository_up_to_date wiki]
Please refer below steps for 8.8.8 Patch1 installation on Redhat and Ubuntu platforms:
'''Redhat:'''
* yum --disablerepo=* --enablerepo=zimbra-888-patch clean metadata
* yum check-update --disablerepo=* --enablerepo=zimbra-888-patch --noplugins
* yum install zimbra-patch
* zmcontrol restart
<br/>
To install Chat/Talk and Network-Modules-NG packages:
* yum install zimbra-network-modules-ng
* yum install zimbra-chat    OR      yum install zimbra-talk
* zmmailboxdctl restart
<br/>
'''Ubuntu:'''
* apt-get update
* apt-get install zimbra-patch
* zmcontrol restart
<br/>
To install Chat/Talk and Network-Modules-NG packages:
* apt-get install zimbra-network-modules-ng
* apt-get install zimbra-chat      OR    apt-get install zimbra-talk
* zmmailboxdctl restart

Revision as of 14:03, 11 April 2018

Zimbra Collaboration 8.8.8 Patch 1 GA Release

Check out the "Security Fixes" and "Fixed Issues" for this version of Zimbra Collaboration. We've also added a "ZeXtras Suite Changelog" section with useful information. As always, you’re encouraged to tell us what you think in the Forums, or file a bug in Bugzilla.

Security Fixes

Information about security fixes, security response policy and vulnerability rating classification are listed below. See the Zimbra Security Response Policy and the Zimbra Vulnerability Rating Classification information below for details.

Bug# Summary CVE-ID CVSS
Score
Zimbra
Rating
Fix Release or
Patch Version
97579 login CSRF protection: ZWC login form does not use a csrf token [CWE-352] CVE-2015-7610 5.8 Major 8.8.8 Patch1

Software changes

Fixed Issues (Bugzilla query)

35115 RFE: Handling multi-valued zimbraAuthLdapURL
108928 [Defanger] Specific message causing defanger to loop and cause high CPU load
108929 [Zimbra Chat] Multiple spaces getting trimmed from chat message
108930 [Zimbra Talk] "Incoming video call" dialog doesn't disappear when call is disconnected by caller

ZeXtras Suite Changelog

General NG:
  • Fixed a missing sentence in the "Module not running" Admin Console banner.
  • Fixed an issue that could cause double clicks not to open the proper "edit" window in the Delegated Admin and Device List sections of the Admin Console.
Backup NG:
  • Fixed a glitch that could cause the Scanned Accounts counter in the "Account Scan" operation not to increment properly for accounts that took less than one second to scan.
Mobile NG:
  • Fixed a bug that could cause attachments to return an invalid value in the "EstimatedDataSize" field of the synchronisation causing the client to loop.
HSM NG:
  • Improved Mailbox Move logics in order to handle multiple briefcase file revisions.
  • Improved Mailbox Move logics in order to retry moving an item should the first try fail.
  • Improved "RemoveOrphanedBlobsOperation" logics in order to remove items on different volumes (e.g. because of item duplication)**
Zimbra Drive:
  • Fixed an issue where a "/zimbra/" path was added to the upload and download Drive URLs returning a 404 error to some users.
Zimbra Chat:
  • Fixed an issue that caused multiple whitespaces to be trimmed from chat messages.
  • Improved focus management and window resize handling.
Zimbra Talk:
  • Fixed a bug that caused group invites to fail when the group was hosted on a different server than the one the user is hosted on.
  • Fixed a bug that could cause group creation to fail on multiserver environments where not all servers host the mailboxd service.
  • When clicking on a Group or Channel in the Tab View, the focus is now automatically set to the text input area.

Patch Installation

With 8.8.8 Patches, customers would not need to download any ZCS Patch builds. Patch packages can be installed by using Linux package management commands. Customers who have setup local ZCS repository should first update the local repository by following instructions in wiki

Please refer below steps for 8.8.8 Patch1 installation on Redhat and Ubuntu platforms:

Redhat:

  • yum --disablerepo=* --enablerepo=zimbra-888-patch clean metadata
  • yum check-update --disablerepo=* --enablerepo=zimbra-888-patch --noplugins
  • yum install zimbra-patch
  • zmcontrol restart


To install Chat/Talk and Network-Modules-NG packages:

  • yum install zimbra-network-modules-ng
  • yum install zimbra-chat OR yum install zimbra-talk
  • zmmailboxdctl restart


Ubuntu:

  • apt-get update
  • apt-get install zimbra-patch
  • zmcontrol restart


To install Chat/Talk and Network-Modules-NG packages:

  • apt-get install zimbra-network-modules-ng
  • apt-get install zimbra-chat OR apt-get install zimbra-talk
  • zmmailboxdctl restart
Jump to: navigation, search