Zimbra Releases/8.8.8/P7

Revision as of 05:30, 20 July 2018 by Pajari (talk | contribs) (Security Fixes)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Zimbra Collaboration 8.8.8 Patch 7 GA Release

Check out the "Security Fixes", "Fixed Issues" and "Zimbra NG Changelog" for this version of Zimbra Collaboration. Please refer "Patch Installation" section for Patch Installation instructions. As always, you’re encouraged to tell us what you think in the Forums, or file a bug in Bugzilla.

Security Fixes

Information about security fixes, security response policy and vulnerability rating classification are listed below. See the Zimbra Security Response Policy and the Zimbra Vulnerability Rating Classification information below for details.

Bug# Summary CVE-ID CVSS
Score
Zimbra
Rating
Fix Release or
Patch Version
108970 Persistent XSS - briefcase [CWE-79] CVE-2018-14425 3.5 Minor 8.8.8 Patch7

Software changes

Fixed Issues

Fixed email subject encoding issue - Handled spaces in encoded word for us-ascii charset
Scrolling down after toggle read/unread in Webclient causes network error)

Zimbra NG Changelog

HSM:
  • Avoid logging of Access and Secret Key of S3 bucket, earlier was shown in plain text
  • Blobs are not deleted immediately from the source volume after a blobs move operation
Chat Zimlet:
  • Firefox: Screen share option is not available
  • Videocall not working if missing webcam or microphone
Backup:
  • Fixed issue "doCoherencyCheck operation emitting warnings for (apparently) every item"
Admin Zimlet:
  • Fixed issue "Error on opening an alias"
  • Unable to see AllowDelegatedAddres in account general info tab
  • Admin NG - Feature Parity - Missing option to set up AppBanner and LoginBanner in the Admin Console
  • Show Non-NG servers in a multi-server environment
  • Prevented unnecessary requests on mouseOnEvent run by hovering over the aliases
Chat Server:
  • Fixed issue "chat service 'xmpp-server-to-server-sender' stop working after video chat usage"

Patch Installation

OpenJDK/ClamAV Installation Instructions for Non-mailbox/MTA nodes:**This note is applicable only if upgrading from 8.8.8 Patch4 or previous versions to Patch7. Ignore, if you are upgrading from 8.8.8 Patch5 or higher version of 8.8.8 Patch.
  • Install zimbra-core-components package to upgrade openjdk on non-mailstore nodes. On mailstore nodes, openjdk will be updated using zimbra-patch.
  • Install zimbra-mta-components package to upgrade clamav on Mailstore and MTA nodes. zimbra-patch will not update clamav on any nodes.

Please find more information in Installation section Redhat and Ubuntu


8.8.8 Patch Change:

**This note is applicable only if you are upgrading from 8.8.8 GA or 8.8.8 Patch1 to latest patch. Ignore, if you are upgrading from 8.8.8 Patch2 or higher version of 8.8.8 Patch.

8.8.8 Patch (zimbra-patch) checks if your system is Network Edition and if so adds a new Network Edition-only package repository. As a result, after 8.8.8 Patch installation is completed, Network edition customers will need to run another package update/upgrade process to obtain the updated Network Edition only packages available from newly added package repository.

Before Installing the Patch

Before installing the patch, consider the following:

  • Patches are cumulative.
  • A full backup should be performed before any patch is applied. There is no automated roll-back.
  • Zimlet patches can include removing existing Zimlets and redeploying the patched Zimlet.
  • Only files or Zimlets associated with installed packages will be installed from the patch.
  • Switch to user zimbra before using ZCS CLI commands.
  • Important! You cannot revert to the previous ZCS release after you upgrade to the patch.
  • Important Note for ZCS Setup with Local ZCS repository: Customers who have setup local ZCS repository should first update the local repository by following instructions in wiki

Install the Patch

Note: This patch should be installed only on all mailbox nodes running in your environment. On other nodes, other packages needs to be installed to upgrade openjdk and clamav, please see 8.8.8 Patch 7 Installation Instructions for Non-mailbox/MTA nodes

With 8.8.8 Patches, customers would not need to download any ZCS Patch builds. Patch packages can be installed by using Linux package management commands.

  • Please make note that, installing zimbra-patch package only updates the Zimbra core packages. administrator would need to upgrade other applicable packages like zimbra-chat, zimbra-network-modules-ng, zimbra-talk.
  • Note regarding Chat and Talk package conflict
    • zimbra-chat and zimbra-talk packages conflict each other.
    • Ubuntu will ask user's confirmation before removing already installed package and installing the conflicting package.
    • Redhat will give error if conflict found and user will have to remove installed package before installing conflicting package.


Please refer below steps for 8.8.8 Patch installation on Redhat and Ubuntu platforms:

Redhat

1. Installing zimbra packages individually

Install/Upgrade zimbra-patch on mailstore node for FOSS and NETWORK

  • As root, install the patch. Type
yum clean metadata 
yum check-update 
yum install zimbra-patch
  • Switch to user zimbra
su – zimbra
  • ZCS must be restarted to changes to take effect. Type
zmcontrol restart

Upgrade openjdk on non-mailstore node for FOSS and NETWORK

  • As root. Type
yum install zimbra-core-components

Upgrade clamav on Mailstore/MTA node for FOSS and NETWORK

  • As root. Type
yum install zimbra-mta-components

Install/Upgrade zimbra-chat for FOSS and NETWORK

  • As root, Type below command.
yum install zimbra-chat 
  • Switch to user zimbra
su – zimbra
  • Zimbra mailbox service must be restarted to changes to take effect. Type
zmmailboxdctl restart

Install/Upgrade zimbra-talk and zimbra-network-modules-ng (NETWORK Only)

  • If you are upgrading from 8.8.8 GA or 8.8.8 Patch1, Make sure you have already installed/upgraded zimbra-patch before this step. Please see 8.8.8 Patch Change
  • As root, Type below command.
yum clean metadata 
yum check-update 
yum install zimbra-network-modules-ng
yum install zimbra-talk
  • Switch to user zimbra
su – zimbra
  • Zimbra mailbox service must be restarted to changes to take effect. Type
zmmailboxdctl restart


2. Installing zimbra packages with system package upgrades

  • As root, type below command to clear yum cache
yum clean metadata
  • As root, type below command first time so the server sees there is a new zimbra-patch package in the 888patch repository (and any other available operating system and Zimbra common package updates)
yum check-update
  • As root, type below command to allow the patch, if necessary, to add the new Network Edition patch repository.
yum install zimbra-patch 
  • As root, type below command to update most available packages.
yum update
  • Switch to user zimbra
su – zimbra
  • ZCS must be restarted to changes to take effect. Type
zmcontrol restart

Ubuntu

1. Installing zimbra packages individually

Install/Upgrade zimbra-patch on mailstore node for FOSS and NETWORK

  • As root, install the patch. Type
apt-get update
apt-get install zimbra-patch
  • Switch to user zimbra
su – zimbra
  • ZCS must be restarted to changes to take effect. Type
zmcontrol restart

Upgrade openjdk on non-mailstore node for FOSS and NETWORK

  • As root. Type
apt-get install zimbra-core-components

Upgrade clamav on Mailstore/MTA node for FOSS and NETWORK

  • As root. Type
apt-get install zimbra-mta-components

Install/Upgrade zimbra-chat for FOSS and NETWORK

  • As root, Type below command.
apt-get install zimbra-chat 
  • Switch to user zimbra
su – zimbra
  • Zimbra mailbox service must be restarted to changes to take effect. Type
zmmailboxdctl restart

Install/Upgrade zimbra-talk and zimbra-network-modules-ng (NETWORK Only)

  • If you are upgrading from 8.8.8 GA or 8.8.8 Patch1, Make sure you already installed/upgraded zimbra-patch before this step. Please see 8.8.8 Patch Change
  • As root. Type below command.
apt-get update
apt-get install zimbra-network-modules-ng
apt-get install zimbra-talk
  • Switch to user zimbra
su – zimbra
  • Zimbra mailbox service must be restarted to changes to take effect. Type
zmmailboxdctl restart

2. Installing zimbra packages with system package upgrades

  • As root, type below command first time so the server sees there is a new zimbra-patch package in the 888patch repository (and any other available operating system and Zimbra common package updates)
apt-get update
  • As root, type below command to allow the patch, if necessary, to add the new Network Edition patch repository.
apt-get install zimbra-patch
  • Network Edition Only: As root, type below command second time so the server sees the packages available in the new Network Edition repository added by Patch (**Only needed if you are upgrading from 8.8.8 GA or 8.8.8 Patch1)
apt-get update
  • As root, type below command to update most available packages
apt-get upgrade

OR

  • As root, type below command to update all available packages plus any kernel updates.
apt-get dist-upgrade
  • Switch to user zimbra
su – zimbra
  • ZCS must be restarted to changes to take effect. Type
zmcontrol restart
Jump to: navigation, search