Zimbra Releases/9.0.0/P16

Zimbra Collaboration Kepler 9.0.0 Patch 16 GA Release

Check out the Security Fixes, What's New, Fixed Issues, and Known Issues for this version of Zimbra Collaboration. Please refer to the Patch Installation section for Patch Installation instructions. As always, you are encouraged to tell us what you think in the Forums or open a support ticket to report issues.

Security Fixes

Summary CVE-ID CVSS Score Zimbra Rating Fix Patch Version
Open Redirect Vulnerability in preauth servlet. CVE-2021-34807 6.1 Medium 9.0.0 P16
Proxy Servlet Open Redirect Vulnerability. CVE-2021-35209 6.1 Medium 9.0.0 P16
Stored XSS Vulnerability in ZmMailMsgView.java. CVE-2021-35208 5.4 Medium 9.0.0 P16
Vulnerability Scanner detects Cross Site Scripting Vulnerability. CVE-2021-35207 6.1 Medium 9.0.0 P16

Security Recommendation

Zimbra would strongly recommend the customer to review If this Proxy Servlet is configured to allow a particular host (via zimbraProxyAllowedDomains configuration setting on each class of services), please make sure each entry in zimbraProxyAllowedDomains should be a safe and trusted host, there should NOT be any wild card entries like *.webex.com instead use specific host example.webex.com.

Any entry in zimbraProxyAllowedDomains resolves to an internal IP address (such as 127.0.0.1), an attacker could possibly access services running on a different port on the same server, which would normally not be exposed publicly. So we urge our customers to review this configuration setting to ensure that there are no vulnerabilities are introduced.

What's New

Announcing Zimbra Video Server GA

  • The Zimbra Video Server is a WebRTC stream aggregator that improves Connect’s performance by merging and decoding/re-encoding all streams in a meeting. Refer to the admin guide for instructions on installing the Video Server on the systems.

Deprecation of Zimbra Server on Ubuntu 14.04, Oracle Linux 6 and CentOS/RHEL 6

With a number of supported operating systems entering the end of life, Zimbra will deprecate all Zimbra versions for Ubuntu 14.04, CentOS 6, Redhat 6 and Oracle 6 as of July 31, 2021. At this date, there will no longer be any patch release for 8.8.15 and 9.0.0 on these operating systems.

  • Ubuntu 14.04 end of life occurred on April 30, 2019
  • CentOS and RHEL 6 end of life occurred on November 30, 2020
  • Oracle 6 End of life occurred on October 2020

After July 31, 2021, Zimbra Support will provide best-effort support for the last patch release on the listed operating systems. However, any known or existing bugs will not be addressed and Zimbra Support encourages all customers to follow our recommended upgrade path to a supported OS version at your earliest convenience to ensure no interruption in your support services.

For more information about the direction Zimbra is taking with supporting future operating systems please check our blog.

For questions or guidance with upgrading your operating system please open a support case and our Support team is here to assist you.


Web UX - Admin

  • Zimbra now supports Two Factor Authentication (2FA) when logging in to the Administration Console. The user should use the same 2FA mechanism they have set up for their mail login.

Please note that this feature is still not available for Delegated Administrators.


Fixed Issues

Web UX - Modern

  • Emails from some sources (like Glassdoor.com) were not displaying correctly. The issue has been fixed.
  • In Modern Web App, users will now be available to preview CSV attachments received in their emails.
  • User of Modern UI was unable to attach files that had Japanese characters in their names. This is now fixed.
  • If the saved search name included a % sign, then the Modern Web App became unresponsive. The issue has been fixed.
  • Fixed a bug that prevented properly generate the extension of the zip file on sending a Drive folder via email in Modern Web App.
  • With Modern UI on screens with the lower horizontal resolution, the Copyright text in the footer was overlapping with the Log In button. This is now fixed.
  • Emails without full return email addresses were not handled correctly leading to a crash in Modern UI. This is now fixed - the UI handles them correctly.
  • User-friendly error message is now displayed to the users when their signature creation limit is reached.

Web UX - Classic

  • The date formats were not the same between the display and the printed forms of an email. It is now made consistent.
  • When a user has multiple external accounts and deletes more than two of them at the same time on the preference page, only the last account's folders were deleted (the user had to delete them manually later). This issue is now fixed.

Platform

  • Command-line utility zmmboxmove was failing in case the mailbox move operation took more than 100 seconds. With this fix, a new localconfig attribute has been introduced - zimbra_remote_cmd_channel_timeout_min which will control the timeout for mailbox moves. The default value is set to 10 minutes which can be further increased if needed.
  • Updating Ciphers and TLS attributes in local config were not getting reflected in LDAP. Due to mismatch of TLS protocol, send/receive of emails were affected and amavisd service failed to connect to LDAP. These issues have been fixed. Updating Ciphers and TLS attributes in local config now correctly gets reflected in LDAP.

NOTE: For this fix to work, TLSv1 needs to be disabled on the server. Restart zmamavisdctl to make the changes effective:

zmlocalconfig -e amavis_sslversion='!TLSv1'
zmamavisdctl restart

Calendar

  • In Calendar, the year view did not display the Years correctly. The issue has been fixed.

Contacts

  • In the Modern UI, when picking contacts from the hierarchical address book, some contacts were being missed out. This is addressed now.

NG Backup

  • Fixed a bug that prevented the items in the subfolders to be properly restored inside its subfolder when restoring with the doUndelete command.
  • The restore inside the source folder is now the default behavior of the doUndelete command.
  • Fixed a bug that prevented the backup coherency check operation to properly fix the backup path when missing Drive’s blobs are present.
  • The debug logs have been improved, now they log each remote call to the store, and more in detail, now every file upload to remote storage is logged for each folder.
  • The handling of errors during a coherency check where the backup is being fixed has been improved, now if it is not possible to move files away from the backup path, an error will be thrown.
  • The Real-Time backup now saves account/COS/domain configuration too. On restoring an account/COS/domain, it is now restored also the whole item configuration.
  • Clarified the error message that the coherency check operation throws when a missing blob is found in the backup path.
  • The Zimbra indexing is now temporarily disabled while performing restore operations such as the external restore and the restore on a new account to improve the restore performances.
  • The restore operation has been improved to increase its speed.
  • Improvement in the working of restoration of appointments/calendar.

Zimbra Connect

  • The Pin video action has been fixed and is now visible during a meeting both in the grid and in cinema mode.
  • Now all the HTTP responses but the 404 error will contain the Content-Type header so Zimbra Connect can be used in conjunction with X-Content-Type-Options: nosniff header.
  • In the forward modal window, the conversations with cleared history were wrongly set at the top of the list.
  • Connect's Create button has been refactored to make it compliant with the other Zimbra buttons in the modern interface.
  • Instant meeting’s modal windows will is no more shown twice on adding.
  • It is now possible for users to create spaces with no user.
  • Group invitation is now improved with the new option to allow users to show or hide the previous history of a group chat. Also in Instant meetings when a new user joins a meeting will not be able to see the previous history. On the other hand, in spaces and channels, history will always be visible. Moreover, when a user leaves a conversation or the conversation is deleted, the clear conversation’s data is removed.
  • During an instant meeting, on sharing the screen the view automatically changes to cinema and the new screen share session is pinned when Video Server is used.
  • In a meeting, users can send two different streams: one for webcam and one for screen share.
  • Now, an instant meeting is hosted on the server the user that creates the meeting resides on.
  • In Zimbra Connect, reduced the *CREATE* button size and text.

Zimbra Drive

  • Fixed a bug that prevented properly generate the extension of the zip file on sending a Drive folder via email in Zimbra Modern Web App.

NG Admin

  • When the notifications list is empty, a status message is now shown to advise the admins to click the refresh button to update the list. A refresh button has also been added to refresh the list.


Known Issues

  • None


Patch Installation

Please refer to the steps below to install 9.0.0 Patch 16 on Redhat and Ubuntu platforms:

Before Installing the Patch, consider the following:

  • Patches are cumulative.
  • A full backup should be performed before any patch is applied. There is no automated roll-back.
  • Zimlet patches can include removing existing Zimlets and redeploying the patched Zimlet.
  • Only files or Zimlets associated with installed packages will be installed from the patch.
  • Switch to zimbra user before using ZCS CLI commands.
  • Important! You cannot revert to the previous ZCS release after you upgrade to the patch.

9.0.0 Patch 16 Packages

The package lineup for this release is:

PackageName Version

zimbra-patch                               ->     9.0.0.1624335285.p16-2
zimbra-proxy-patch                         ->     9.0.0.1618814597.p14-1
zimbra-mta-patch                           ->     9.0.0.1624335005.p16-1
zimbra-mta-components                      ->     1.0.13-1zimbra8.8b1
zimbra-common-core-jar                     ->     9.0.0.1624292289-1
zimbra-openldap-server                     ->     2.4.49-1zimbra8.8b4
zimbra-ldap-components                     ->     1.0.9-1zimbra8.8b1
zimbra-clamav                              ->	   0.103.2-1zimbra8.8b3
zimbra-clamav-libs                         ->     0.103.2-1zimbra8.8b3
zimbra-openssl                             ->     1.1.1k-1zimbra8.7b4
zimbra-openssl-libs                        ->     1.1.1k-1zimbra8.7b4
zimbra-postfix-logwatch                    ->     1.40.03-1zimbra8.7b1
zimbra-timezone-data                       ->     3.0.0.1618571554-1
zimbra-mbox-store-libs                     ->     9.0.0.1618826418-1
zimbra-mbox-war                            ->     9.0.0.1618222842-1
zimbra-mbox-webclient-war                  ->     9.0.0.1623925363-1
zimbra-mbox-admin-console-war              ->     9.0.0.1621429840-1
zimbra-common-mbox-conf-attrs              ->     9.0.0.1602835824-1
zimbra-common-core-libs                    ->     9.0.0.1623914106-1
zimbra-zco                                 ->     9.0.0.1899.1622533295-1
zimbra-modern-ui                           ->     4.12.0.1623259892-1
zimbra-zimlet-install-pwa                  ->     4.0.0.1606479635-1
zimbra-zimlet-set-default-client           ->     6.0.0.1623256371-1
zimbra-zimlet-date                         ->     4.0.0.1606496021-1
zimbra-zimlet-additional-signature-setting ->     4.1.0.1610521399-1
zimbra-zimlet-calendar-subscription        ->     4.0.0.1606479804-1
zimbra-zimlet-sideloader                   ->     5.0.0.1606717050-1
zimbra-modern-zimlets                      ->     4.12.0.1623259892-1
zimbra-zimlet-restore-contacts             ->     4.1.0.1610520308-1
zimbra-network-modules-ng                  ->     7.0.15.1622198669-1
zimbra-drive-ng                            ->     4.0.11.1616091300-1
zimbra-drive-modern                        ->     1.0.11.1616091300-1
zimbra-connect                             ->     2.0.15.1620919446-1
zimbra-connect-modern                      ->     1.0.15.1620919446-1
zimbra-docs                                ->     4.0.5.1616090633-1
zimbra-docs-modern                         ->     1.0.4.1606409421-1
zimbra-zimlet-auth                         ->     1.0.2.1622463729-1
zimbra-zimlet-zoom                         ->     7.0.0.1621610655-1
zimbra-zimlet-slack                        ->     5.5.0.1621610655-1
zimbra-zimlet-dropbox                      ->     6.0.0.1621610655-1
zimbra-zimlet-onedrive                     ->     6.0.0.1621610655-1
zimbra-zimlet-google-drive                 ->     6.0.0.1621610655-1
zimbra-zimlet-jitsi                        ->     3.3.1.1621610655-1
zimbra-zimlet-video-call-preferences       ->     2.1.0.1621610655-1
zimbra-zimlet-nextcloud                    ->     1.0.6.1619072255-1
zimbra-zimlet-webex	                   ->    1.0.0.1622194761-1
zimbra-zimlet-voice-message                ->     1.0.3.1611114827-1
zimbra-zimlet-classic-unsupportedbrowser   ->     1.0.0.1591045240-1
zimbra-zimlet-email-templates              ->     2.0.0.1606716802-1
zimbra-zimlet-signature-template           ->     1.0.0.1609841753-1
zimbra-chat                                ->     4.0.1.1594306412-1

Redhat

Installing Zimbra packages with system package upgrades

  • As root, first clear the yum cache and check for updates so the server sees there is a new zimbra-patch package in the patch repository:
yum clean metadata
yum check-update
  • Then ask yum to update available packages:
yum update
  • Restart ZCS as zimbra user:
su - zimbra
zmcontrol restart

Installing Zimbra packages individually

Upgrade OpenLDAP on LDAP node

  • As root, install the package:
yum install zimbra-ldap-components
  • Restart ldap as zimbra user:
su - zimbra
ldap restart

Install/Upgrade zimbra-proxy-patch on Proxy node

  • As root, install the package:
yum install zimbra-proxy-patch
  • Restart proxy as zimbra user:
su - zimbra
zmproxyctl restart
zmmemcachedctl restart

Install/Upgrade zimbra-proxy-components on Proxy node

  • As root, first clear the yum cache and check for updates so the server sees all updated packages in the patch repository:
yum clean metadata
yum check-update
  • Then install the package:
yum install zimbra-proxy-components
  • If snmp is installed, upgrade the package before restarting the services:
yum install zimbra-snmp-components
  • Restart proxy as zimbra user:
su - zimbra
zmproxyctl restart

Install/Upgrade zimbra-mta-components on MTA node

  • As root, first clear the yum cache and check for updates so the server sees all updated packages in the patch repository:
yum clean metadata
yum check-update
  • Then install the package:
yum install zimbra-mta-components
  • If dnscache is installed, upgrade the package before restarting the services:
yum install zimbra-dnscache-components
  • If snmp is installed, upgrade the package before restarting the services:
yum install zimbra-snmp-components
  • Restart amavisd as zimbra user:
su - zimbra
zmamavisdctl restart

Install/Upgrade zimbra-mta-patch on MTA node

  • As root, install the package:
yum install zimbra-mta-patch
  • Restart amavisd as zimbra user:
su - zimbra
zmamavisdctl restart

Install/Upgrade zimbra-patch on mailstore node

  • As root, install the package:
yum install zimbra-patch
  • If apache is installed, upgrade the package before restarting the services:
yum install zimbra-apache-components
  • If spell is installed, upgrade the package before restarting the services:
yum install zimbra-spell-components
  • If snmp is installed, upgrade the package before restarting the services:
yum install zimbra-snmp-components
  • Restart ZCS as zimbra user:
su - zimbra
zmcontrol restart


Installing NG packages

Uninstall zimbra-talk on mailstore node

In case of upgrade from version 8.8.15, uninstall zimbra-talk from mailstore node since it replaces with zimbra-connect. Hence, it is important to remove zimbra-talk before installing zimbra-connect.

  • As root, uninstall the package zimbra-talk:
yum remove zimbra-talk

Install/Upgrade zimbra-network-modules-ng, zimbra-connect, zimbra-zimlet-auth, zimbra-docs and zimbra-drive-ng on mailstore node

yum install zimbra-network-modules-ng
yum install zimbra-connect
yum install zimbra-zimlet-auth
yum install zimbra-docs
yum install zimbra-drive-ng
  • Restart Zimbra mailbox service as zimbra user:
su - zimbra
zmmailboxdctl restart

Zimbra Additional Zimlets

Note: - You can install the packages of your choice from the below list.

Install/Upgrade zimbra-zimlet-slack, zimbra-zimlet-zoom, zimbra-zimlet-dropbox, zimbra-zimlet-google-drive, zimbra-zimlet-onedrive, zimbra-zimlet-jitsi, zimbra-zimlet-video-call-preferences, zimbra-zimlet-nextcloud, zimbra-zimlet-voice-message, zimbra-zimlet-sideloader, zimbra-zimlet-user-sessions-management on mailstore node

yum install zimbra-zimlet-slack
yum install zimbra-zimlet-zoom
yum install zimbra-zimlet-dropbox
yum install zimbra-zimlet-google-drive
yum install zimbra-zimlet-onedrive
yum install zimbra-zimlet-jitsi
yum install zimbra-zimlet-video-call-preferences
yum install zimbra-zimlet-nextcloud
yum install zimbra-zimlet-voice-message
yum install zimbra-zimlet-sideloader
yum install zimbra-zimlet-user-sessions-management
  • Restart Zimbra mailbox service as zimbra user:
su - zimbra
zmmailboxdctl restart

Ubuntu

Installing zimbra packages with system package upgrades

  • As root, check for updates so the server checks there is a new zimbra-patch package in the patch repository:
apt-get update
  • Then update available packages:
apt-get upgrade
  • Restart ZCS as zimbra user:
su - zimbra
zmcontrol restart

Installing zimbra packages individually

Upgrade OpenLDAP on LDAP node

  • As root, install the package:
apt-get install zimbra-ldap-components
  • Restart ldap as zimbra user:
su - zimbra
ldap restart

Install/Upgrade zimbra-proxy-patch on Proxy node

  • As root, install package
apt-get install zimbra-proxy-patch
  • Restart proxy as zimbra user:
su - zimbra
zmproxyctl restart
zmmemcachedctl restart

Install/Upgrade zimbra-proxy-components on Proxy node

  • As root, install package
apt-get install zimbra-proxy-components
  • If snmp is installed, upgrade the package before restarting the services:
apt-get install zimbra-snmp-components
  • Restart proxy as zimbra user:
su - zimbra
zmproxyctl restart

Install/Upgrade zimbra-mta-components on MTA node

  • As root, install package
apt-get install zimbra-mta-components
  • If dnscache is installed, upgrade the package before restarting the services:
apt-get install zimbra-dnscache-components
  • If snmp is installed, upgrade the package before restarting the services:
apt-get install zimbra-snmp-components
  • Restart amavisd as zimbra user:
su - zimbra
zmamavisdctl restart

Install/Upgrade zimbra-mta-patch on MTA node

  • As root, install package
apt-get install zimbra-mta-patch
  • Restart amavisd as zimbra user:
su - zimbra
zmamavisdctl restart

Install/Upgrade zimbra-patch on mailstore node

  • As root, check for updates and install package:
apt-get update
apt-get install zimbra-patch
  • If apache is installed, upgrade the package before restarting the services:
apt-get install zimbra-apache-components
  • If spell is installed, upgrade the package before restarting the services:
apt-get install zimbra-spell-components
  • If snmp is installed, upgrade the package before restarting the services:
apt-get install zimbra-snmp-components
  • Restart ZCS as zimbra user:
su - zimbra
zmcontrol restart


Installing NG packages

Uninstall zimbra-talk on mailstore node

In case of upgrade from version 8.8.15, uninstall zimbra-talk from mailstore node since it replaces with zimbra-connect. Hence, it is important to remove zimbra-talk before installing zimbra-connect.

  • As root, uninstall the package zimbra-talk:
apt-get remove zimbra-talk

Install/Upgrade zimbra-network-modules-ng, zimbra-connect, zimbra-zimlet-auth, zimbra-docs, zimbra-drive-ng on mailstore node

  • As root, check for updates and install packages:
apt-get update
apt-get install zimbra-network-modules-ng
apt-get install zimbra-connect
apt-get install zimbra-zimlet-auth
apt-get install zimbra-docs
apt-get install zimbra-drive-ng
  • Restart Zimbra mailbox service as zimbra user:
su - zimbra
zmmailboxdctl restart


Zimbra Additional Zimlets

Note: - You can install the packages of your choice from the below list.

Install/Upgrade zimbra-zimlet-slack, zimbra-zimlet-zoom, zimbra-zimlet-dropbox, zimbra-zimlet-google-drive, zimbra-zimlet-onedrive, zimbra-zimlet-jitsi, zimbra-zimlet-video-call-preferences, zimbra-zimlet-nextcloud, zimbra-zimlet-voice-message, zimbra-zimlet-sideloader, zimbra-zimlet-user-sessions-management on mailstore node

apt-get install zimbra-zimlet-slack
apt-get install zimbra-zimlet-zoom
apt-get install zimbra-zimlet-dropbox
apt-get install zimbra-zimlet-google-drive
apt-get install zimbra-zimlet-onedrive
apt-get install zimbra-zimlet-jitsi
apt-get install zimbra-zimlet-video-call-preferences
apt-get install zimbra-zimlet-nextcloud
apt-get install zimbra-zimlet-voice-message
apt-get install zimbra-zimlet-sideloader
apt-get install zimbra-zimlet-user-sessions-management
  • Restart Zimbra mailbox service as zimbra user:
su - zimbra
zmmailboxdctl restart

Upgraded 3rd Party Packages

  • OpenSSL and Postfix TLS 1.3 Packages

The packages for RHEL6, RHEL7, UBUNTU14, UBUNTU16, UBUNTU18 are:

Package Name      Version
zimbra-openssl : 1.1.1h-1zimbra8.7b3
zimbra-postfix : 3.5.6-1zimbra8.7b3
zimbra-nginx : 1.19.0-1zimbra8.8b3
zimbra-mariadb : 10.1.25-1zimbra8.7b3
zimbra-heimdal : 1.5.3-1zimbra8.7b3
zimbra-curl : 7.49.1-1zimbra8.7b3
zimbra-perl-net-ssleay : 1.88-1zimbra8.7b2
zimbra-unbound : 1.11.0-1zimbra8.7b2
zimbra-apr-util : 1.6.1-1zimbra8.7b2
zimbra-perl-dbd-mysql : 4.050-1zimbra8.7b4
zimbra-net-snmp : 5.8-1zimbra8.7b2
zimbra-perl-crypt-openssl-random : 0.11-1zimbra8.7b3
zimbra-perl-crypt-openssl-rsa : 0.31-1zimbra8.7b2
zimbra-cyrus-sasl : 2.1.26-1zimbra8.7b3
zimbra-openldap : 2.4.49-1zimbra8.8b4
zimbra-opendkim : 2.10.3-1zimbra8.7b5
zimbra-clamav : 0.102.2-1zimbra8.8b3
zimbra-perl-io-socket-ssl : 2.068-1zimbra8.7b2
zimbra-perl-net-http : 6.09-1zimbra8.7b3
zimbra-perl-libwww : 6.13-1zimbra8.7b3
zimbra-perl-lwp-protocol-https : 6.06-1zimbra8.7b3
zimbra-perl-xml-parser : 2.44-1zimbra8.7b3
zimbra-perl-soap-lite : 1.19-1zimbra8.7b3
zimbra-perl-xml-sax-expat : 0.51-1zimbra8.7b3
zimbra-perl-xml-simple : 2.25-1zimbra8.7b2
zimbra-perl-mail-dkim : 0.40-1zimbra8.7b3
zimbra-perl-mail-spamassassin : 3.4.4-1zimbra8.8b3
zimbra-spamassassin-rules : 1.0.0-1zimbra8.8b3
zimbra-perl-innotop : 1.9.1-1zimbra8.7b3
zimbra-httpd : 2.4.46-1zimbra8.7b3
zimbra-php : 7.3.25-1zimbra8.7b3
zimbra-postfix-logwatch : 1.40.03-1zimbra8.7b1
zimbra-perl : 1.0.5-1zimbra8.7b1
zimbra-dnscache-components : 1.0.2-1zimbra8.7b1
zimbra-apache-components : 2.0.4-1zimbra8.8b1
zimbra-spell-components : 2.0.4-1zimbra8.8b1
zimbra-snmp-components : 1.0.3-1zimbra8.7b1
zimbra-mta-components : 1.0.11-1zimbra8.8b1
zimbra-core-components : 3.0.3-1zimbra8.8b1
zimbra-proxy-components : 1.0.8-1zimbra8.8b1
zimbra-store-components : 1.0.3-1zimbra8.7b1
zimbra-ldap-components : 1.0.6-1zimbra8.8b1
zimbra-mbox-store-libs : 9.0.0.1615887345-1
  • OpenSSL and Postfix TLS 1.3 Packages

The GA packages for RHEL8 are:

Package Name      Version
zimbra-openssl : 1.1.1h-1zimbra8.7b3
zimbra-postfix : 3.5.6-1zimbra8.7b3
zimbra-nginx : 1.19.0-1zimbra8.8b3
zimbra-mariadb : 10.1.25-1zimbra8.7b3
zimbra-heimdal : 1.5.3-1zimbra8.7b3
zimbra-curl : 7.49.1-1zimbra8.7b3
zimbra-perl-net-ssleay : 1.88-1zimbra8.7b2
zimbra-unbound : 1.11.0-1zimbra8.7b2
zimbra-apr-util : 1.6.1-1zimbra8.7b2
zimbra-perl-dbd-mysql : 4.050-1zimbra8.7b4
zimbra-net-snmp : 5.8-1zimbra8.7b3
zimbra-perl-crypt-openssl-random : 0.11-1zimbra8.7b3
zimbra-perl-crypt-openssl-rsa : 0.31-1zimbra8.7b2
zimbra-cyrus-sasl : 2.1.26-1zimbra8.7b3
zimbra-openldap : 2.4.49-1zimbra8.8b4
zimbra-opendkim : 2.10.3-1zimbra8.7b5
zimbra-clamav : 0.102.2-1zimbra8.8b3
zimbra-perl-io-socket-ssl : 2.068-1zimbra8.7b3
zimbra-perl-net-http : 6.09-1zimbra8.7b4
zimbra-perl-libwww : 6.13-1zimbra8.7b4
zimbra-perl-lwp-protocol-https : 6.06-1zimbra8.7b4
zimbra-perl-xml-parser : 2.44-1zimbra8.7b4
zimbra-perl-soap-lite : 1.19-1zimbra8.7b4
zimbra-perl-xml-sax-expat : 0.51-1zimbra8.7b4
zimbra-perl-xml-simple : 2.25-1zimbra8.7b3
zimbra-perl-mail-dkim : 0.40-1zimbra8.7b3
zimbra-perl-mail-spamassassin : 3.4.4-1zimbra8.8b4
zimbra-spamassassin-rules : 1.0.0-1zimbra8.8b4
zimbra-perl-innotop : 1.9.1-1zimbra8.7b4
zimbra-httpd : 2.4.46-1zimbra8.7b3
zimbra-php : 7.3.25-1zimbra8.7b3
zimbra-perl : 1.0.6-1zimbra8.7b1
zimbra-dnscache-components : 1.0.2-1zimbra8.7b1
zimbra-apache-components : 2.0.4-1zimbra8.8b1
zimbra-spell-components : 2.0.4-1zimbra8.8b1
zimbra-snmp-components : 1.0.3-1zimbra8.7b1
zimbra-mta-components : 1.0.11-1zimbra8.8b1
zimbra-core-components : 3.0.3-1zimbra8.8b1
zimbra-proxy-components : 1.0.8-1zimbra8.8b1
zimbra-store-components : 1.0.3-1zimbra8.7b1
zimbra-ldap-components : 1.0.6-1zimbra8.8b1
zimbra-mbox-store-libs : 9.0.0.1615887345-1

The updated GA packages are:

Package            Old-Version    New-Version
postfix              3.1.1          3.5.6
openssl              1.0.2t         1.1.1h
nginx                1.7.1          1.19.0
postfix-logwatch     1.40.01        1.40.03
io-socket-ssl	     2.020          2.068
xml-simple           2.20           2.25
crypt-openssl-rsa    0.28           0.31
net-snmp             5.7.3          5.8
dbd-mysql            4.033          4.050
apr-util             1.5.4          1.6.1
unbound              1.5.9          1.11.0
net-ssleay           1.72           1.88
  • Nginx TLS 1.3 Packages

The GA packages for RHEL6, RHEL7, RHEL8, UBUNTU14, UBUNTU16, UBUNTU18 are:

PackageName                                       Version
zimbra-nginx                               ->     1.19.0-1zimbra8.8b3
zimbra-proxy-components                    ->     1.0.8-1zimbra8.8b1
zimbra-proxy-patch                         ->     9.0.0.1616043862.p13-1

Jira Summary

Jira Tickets fixed in 9.0.0 Patch 16

ZCS-10674 Pin video icon during meeting fixed
ZCS-10673 Content-Type refactored in Connect's responses
ZCS-10672 Order of conversations on forward modal refactored
ZCS-10671 Connect's Create button refactored
ZCS-10670 Instant meeting’s modal window shown twice fixed
ZCS-10669 Connect desktop notification fixed
ZCS-10667 History optimizations for groups and instant-meetings
ZCS-10666 Autopin screen share
ZCS-10665 Show separate stream for screen share
ZCS-10664 Instant Meetings hosted on the owner’s server
ZCS-10663 Folders sent as email attachment extension fix in NG Drive
ZCS-10662 Improvement in showing notifications empty list
ZCS-10661 doUndelete on restoring items in subfolders fixed
ZCS-10660 doUndelete operation now restores in the original folder by default
ZCS-10659 Coherency check’s backup fix operation fixed when missing Drive blobs
ZCS-10658 Improved debug logs on migrating the backup on third party store
ZCS-10657 Improved error handling in coherency check on fixing backup
ZCS-10656 Account/COS/domain configuration saved and restored
ZCS-10655 Error message when missing blobs are found by the coherency check operation improved
ZCS-10654 Index suspended during restore operations
ZCS-10647 Restore operation’s speed improvements
ZCS-10646 Restoration of particular Item on new account
ZCS-10594 Emails not displaying correctly
ZCS-9764 Open Redirect Vulnerability in preauth servlet.
ZCS-9073 Support 2FA login for Admin Console Frontend
ZBUG-2289 zmmboxmove and moveMailboxRequest are seem broken, invalid exception thrown and rsync timeout
ZBUG-2287 CSV and Bounce back message message attachement not preview on Modern UI even after enabling HIGH Fidelity
ZBUG-2283 Proxy Servlet Open Redirect Vulnerability
ZBUG-2282 Classic Web Client: Stored XSS Vulnerability in ZmMailMsgView.js
ZBUG-2220 Vulnerability Scanner detects Cross Site Scripting Vulnerability
ZBUG-2208 Can not attach file name with some Japanese wide characters (symbol)
ZBUG-2177 If the saved search name includes "%", Modern UI freezes
ZBUG-2162 Classic Web Mail client is 12 hour format, but print mail is 24 hour format with AM/PM
ZBUG-2142 Connect, text and buttons size are too big
ZBUG-2134 Using 'Send as Attachment' on a Directory from NG Drive using Modern UI does not properly send attachment
ZBUG-2044 Log In button Overlaps with Copyright Text making it unusable
ZBUG-2015 Folders for External account is not deleted when multiple external accounts are deleted
ZBUG-1918 Updating LC keys "ldap_common_tlsciphersuite" and "ldap_common_tlsprotocolmin" are not updating Ciphers and TLS versions in LDAP Config
PREAPPS-6116 UI freezing after clicking certain email
PREAPPS-6087 Good error message not displayed when no more signatures can be created
PREAPPS-6050 Distorted view of years in year view of calendar
PREAPPS-6042 In Contact picker dialog, not all contacts at different hierarchy of HAB are getting displayed
Jump to: navigation, search