Zimbra Releases/9.0.0/P2: Difference between revisions
No edit summary |
|||
Line 21: | Line 21: | ||
|- | |- | ||
|style="border: solid #ffffff;vertical-align:middle;"|XSS through malicious JS embedded in Mail Message or Calendar Event | |style="border: solid #ffffff;vertical-align:middle;"|XSS through malicious JS embedded in Mail Message or Calendar Event | ||
|style="border: solid #ffffff;vertical-align:middle;"| CVE-2020-11737 | |style="border: solid #ffffff;vertical-align:middle;"| [https://nvd.nist.gov/vuln/detail/CVE-2020-11737 CVE-2020-11737] | ||
|style="border: solid #ffffff;text-align:center;vertical-align:middle;"| 3.1 | |style="border: solid #ffffff;text-align:center;vertical-align:middle;"| 3.1 | ||
|style="border: solid #ffffff;text-align:center;vertical-align:middle;"| Minor | |style="border: solid #ffffff;text-align:center;vertical-align:middle;"| Minor |
Revision as of 04:28, 6 May 2020
Zimbra Collaboration Kepler 9.0.0 Patch 2 GA Release
Check out the Security Fixes, What's New, Fixed Issues, and Known Issues for this version of Zimbra Collaboration. Please refer to the Patch Installation section for Patch Installation instructions. As always, you are encouraged to tell us what you think in the Forums or open a support ticket to report issues.
Security Fixes
Summary | CVE-ID | CVSS Score | Zimbra Rating | Fix Patch Version |
---|---|---|---|---|
XSS through malicious JS embedded in Mail Message or Calendar Event | CVE-2020-11737 | 3.1 | Minor | 9.0.0 P2 |
What's New
ZCS |
|
ZCO |
|
Modern Web App - Common |
|
Modern Web App - Mail |
|
Modern Web App - Calendar |
|
Modern Web App - Search |
|
Modern Web App - Settings |
|
Modern Zimlets |
|
Fixed Issues
ZCS |
|
ZCO |
|
Classic Web App |
|
Modern Web App - Zimbra Connect |
|
Modern Web App - Common |
|
Modern Web App - Mail |
|
Modern Web App - Contacts |
|
Modern Web App - Calendar |
|
Modern Web App - Settings |
|
Progressive Web App |
|
Modern Zimlets |
|
Known Issues
Modern Web App - Settings |
|
9.0.0 Patch 2 Packages
The package lineup for this release is:
Package Name Version zimbra-patch -> 9.0.0.1587553609.p2-2 zimbra-common-core-jar -> 9.0.0.1587480459-1 zimbra-zco -> 9.0.0.1872.1587454207-1 zimbra-modern-ui -> 3.4.0.1587551935-1 zimbra-network-modules-ng -> 7.0.1.1588070473-1 zimbra-drive-ng -> 4.0.1.1587390189-1 zimbra-drive-modern -> 1.0.1.1587390189-1 zimbra-connect -> 2.0.1.1587390563-1 zimbra-connect-modern -> 1.0.1.1587390563-1 zimbra-zimlet-onedrive -> 3.0.1.1586888772-1 zimbra-zimlet-slack -> 3.0.1.1586888756-1 zimbra-zimlet-google-drive -> 3.0.1.1586888748-1 zimbra-zimlet-dropbox -> 3.0.1.1586889023-1 zimbra-zimlet-install-pwa -> 3.0.1.1587550967-1 zimbra-zimlet-set-default-client -> 3.0.0.1587395315-1 zimbra-zimlet-date -> 3.2.0.1587130563-1 zimbra-zimlet-additional-signature-setting -> 3.1.0.1587130467-1 zimbra-modern-zimlets -> 3.4.0.1587551935-1
Patch Installation
Please refer to the steps below to install 9.0.0 Patch 2 on Redhat and Ubuntu platforms:
Before Installing the Patch
Before installing the patch, consider the following:
- Patches are cumulative.
- A full backup should be performed before any patch is applied. There is no automated roll-back.
- Zimlet patches can include removing existing Zimlets and redeploying the patched Zimlet.
- Only files or Zimlets associated with installed packages will be installed from the patch.
- Switch to
zimbra
user before using ZCS CLI commands. - Important! You cannot revert to the previous ZCS release after you upgrade to the patch.
- Important Note for ZCS Setup with Local ZCS repository: Customers who have set up local ZCS repository should first update the local repository by following instructions in wiki
- Please make note that, installing the
zimbra-patch
package only updates the Zimbra core packages.
Redhat
Installing Zimbra packages with system package upgrades
- As
root
, first clear the yum cache and check for updates so the server sees there is a newzimbra-patch
package in the patch repository:
yum clean metadata yum check-update
- Update available packages:
yum update
- Restart ZCS as
zimbra
user:
su - zimbra zmcontrol restart
Installing Zimbra packages individually
- As
root
, first clear the yum cache and check for updates so the server finds new packages in the patch repository:
yum clean metadata yum check-update
Install/Upgrade zimbra-patch
on mailstore node
- As
root
, install the package:
yum install zimbra-patch
- Restart ZCS as
zimbra
user:
su - zimbra zmcontrol restart
Install/Upgrade zimbra-network-modules-ng
- As
root
, install the package:
yum install zimbra-network-modules-ng
- Restart ZCS as
zimbra
user:
su - zimbra zmcontrol restart
Install/Upgrade zimbra-drive-ng
- As
root
, install the package:
yum install zimbra-drive-ng
- Restart ZCS as
zimbra
user:
su - zimbra zmcontrol restart
Install/Upgrade zimbra-connect
- As
root
, install the package:
yum install zimbra-connect
- Restart ZCS as
zimbra
user:
su - zimbra zmcontrol restart
Install/Upgrade zimbra-zimlet-onedrive
- As
root
, install the package:
yum install zimbra-zimlet-onedrive
- Restart ZCS as
zimbra
user:
su - zimbra zmcontrol restart
Install/Upgrade zimbra-zimlet-slack
- As
root
, install the package:
yum install zimbra-zimlet-slack
- Restart ZCS as
zimbra
user:
su - zimbra zmcontrol restart
Install/Upgrade zimbra-zimlet-google-drive
- As
root
, install the package:
yum install zimbra-zimlet-google-drive
- Restart ZCS as
zimbra
user:
su - zimbra zmcontrol restart
Install/Upgrade zimbra-zimlet-dropbox
- As
root
, install the package:
yum install zimbra-zimlet-dropbox
- Restart ZCS as
zimbra
user:
su - zimbra zmcontrol restart
Ubuntu
Installing Zimbra packages with system package upgrades
- As
root
, check for updates so the server sees there is a newzimbra-patch
package in the patch repository:
apt-get update
- Update available packages:
apt-get upgrade
OR
- Update all available packages plus any kernel updates:
apt-get dist-upgrade
- Restart ZCS as
zimbra
user:
su - zimbra zmcontrol restart
Installing Zimbra packages individually
Installing zimbra packages individually
- As
root
, first clear the yum cache and check for updates so the server finds new packages in the patch repository:
apt-get update
Install/Upgrade zimbra-patch
on mailstore node
- As
root
, install the package:
apt-get install zimbra-patch
- Restart ZCS as
zimbra
user:
su - zimbra zmcontrol restart
Install/Upgrade zimbra-network-modules-ng
- As
root
, install the package:
apt-get install zimbra-network-modules-ng
- Restart ZCS as
zimbra
user:
su - zimbra zmcontrol restart
Install/Upgrade zimbra-drive-ng
- As
root
, install the package:
apt-get install zimbra-drive-ng
- Restart ZCS as
zimbra
user:
su - zimbra zmcontrol restart
Install/Upgrade zimbra-connect
- As
root
, install the package:
apt-get install zimbra-connect
- Restart ZCS as
zimbra
user:
su - zimbra zmcontrol restart
Install/Upgrade zimbra-zimlet-onedrive
- As
root
, install the package:
apt-get install zimbra-zimlet-onedrive
- Restart ZCS as
zimbra
user:
su - zimbra zmcontrol restart
Install/Upgrade zimbra-zimlet-slack
- As
root
, install the package:
apt-get install zimbra-zimlet-slack
- Restart ZCS as
zimbra
user:
su - zimbra zmcontrol restart
Install/Upgrade zimbra-zimlet-google-drive
- As
root
, install the package:
apt-get install zimbra-zimlet-google-drive
- Restart ZCS as
zimbra
user:
su - zimbra zmcontrol restart
Install/Upgrade zimbra-zimlet-dropbox
- As
root
, install the package:
apt-get install zimbra-zimlet-dropbox
- Restart ZCS as
zimbra
user:
su - zimbra zmcontrol restart