Zimbra Releases/9.0.0/P26: Difference between revisions
No edit summary |
m (Updated CVSS Score) |
||
Line 29: | Line 29: | ||
|style="border: solid #ffffff;"|Authentication Bypass in MailboxImportServlet | |style="border: solid #ffffff;"|Authentication Bypass in MailboxImportServlet | ||
|style="border: solid #ffffff; text-align: center;"| [https://nvd.nist.gov/vuln/detail/CVE-2022-37042 CVE-2022-37042] | |style="border: solid #ffffff; text-align: center;"| [https://nvd.nist.gov/vuln/detail/CVE-2022-37042 CVE-2022-37042] | ||
|style="border: solid #ffffff; text-align: center;"| | |style="border: solid #ffffff; text-align: center;"| 9.8 | ||
|style="border: solid #ffffff; text-align: center;"| High | |style="border: solid #ffffff; text-align: center;"| High | ||
|- | |- | ||
|style="border: solid #ffffff;"|Proxy Servlet SSRF Vulnerability | |style="border: solid #ffffff;"|Proxy Servlet SSRF Vulnerability | ||
|style="border: solid #ffffff; text-align: center;"| [https://nvd.nist.gov/vuln/detail/CVE-2022-37041 CVE-2022-37041] | |style="border: solid #ffffff; text-align: center;"| [https://nvd.nist.gov/vuln/detail/CVE-2022-37041 CVE-2022-37041] | ||
|style="border: solid #ffffff; text-align: center;"| | |style="border: solid #ffffff; text-align: center;"| 7.5 | ||
|style="border: solid #ffffff; text-align: center;"| Low | |style="border: solid #ffffff; text-align: center;"| Low | ||
|- | |- | ||
Line 44: | Line 44: | ||
|style="border: solid #ffffff;"|When using preauth, CSRF tokens are not checked on some post endpoints | |style="border: solid #ffffff;"|When using preauth, CSRF tokens are not checked on some post endpoints | ||
|style="border: solid #ffffff; text-align: center;"| [https://nvd.nist.gov/vuln/detail/CVE-2022-37043 CVE-2022-37043] | |style="border: solid #ffffff; text-align: center;"| [https://nvd.nist.gov/vuln/detail/CVE-2022-37043 CVE-2022-37043] | ||
|style="border: solid #ffffff; text-align: center;"| | |style="border: solid #ffffff; text-align: center;"| 5.7 | ||
|style="border: solid #ffffff; text-align: center;"| Medium | |style="border: solid #ffffff; text-align: center;"| Medium | ||
|} | |} |
Revision as of 06:12, 3 April 2023
Zimbra Collaboration Kepler 9.0.0 Patch 26 GA Release
Check out the Security Fixes, What's New. Fixed Issues, and Known Issues for this version of Zimbra Collaboration. Please refer to the Patch Installation section for Patch Installation instructions. As always, you are encouraged to tell us what you think in the Forums or open a support ticket to report issues
Change in upgrade process for 9.0.0 Patch 26
Please note that the install process has changed. Additional steps to install zimbra-common-core-jar, zimbra-common-core-libs, zimbra-mbox-store-libs packages have been included for this patch release. Please refer to the Patch Installation section to install the packages in its order.
Changes required for SSO setup before patch upgrade
Before upgrade, if the zimbraVirtualHostName parameter is not set for the domains that are using SAML and SSO based login, please set by following the instructions:
su - zimbra zmprov md domain_name zimbraVirtualHostName virtual_hostname
Security Fixes
Summary | CVE-ID | CVSS Score | Zimbra Rating |
---|---|---|---|
Upgraded OpenSSL to 1.1.1q to avoid multiple vulnerabilites | CVE-2022-2068 | 9.8 | Low |
Authentication Bypass in MailboxImportServlet | CVE-2022-37042 | 9.8 | High |
Proxy Servlet SSRF Vulnerability | CVE-2022-37041 | 7.5 | Low |
Cyrus SASL package has been upgraded to version 2.1.28 | CVE-2022-24407 | 8.8 | Low |
When using preauth, CSRF tokens are not checked on some post endpoints | CVE-2022-37043 | 5.7 | Medium |
What's New
Zimbra 9.0.0 is now fully supported on Rocky Linux 8 (GA)
Download the latest Rocky Linux 8 binaries from https://www.zimbra.com/downloads
Package Upgrade
- OpenSSL has been upgraded to version 1.1.1q
- Cyrus SASL package has been upgraded to version 2.1.28
Classic Web App
- In the previous patch release, a local config attribute allow_username_within_password was introduced to restrict user's from using their username in the password in Modern Web App. With this patch release, the feature is available for Classic Web App. It will restrict users from not using their names when resetting or changing the password.
Modern Web App
Briefcase
- Files in briefcase can now maintain multiple versions in Modern UI.
Zimbra Connector for Outlook
- ZCO is now supported on the Windows 11 platform.
- Stale auto-complete cache is now automatically detected when sync occurs, and the user is now prompted with a Yes/No dialog to automatically clear the stale cache when YES is chosen.
- Users could not schedule meeting through MS Teams when clicking the "New Teams Meeting" option. The issue has been fixed.
Fixed Issues
Zimbra Collaboration
- Updated XML declaration to EWS response for clients to consume.
- Spamassassin's zmsaupdate script has been updated to remove the--allowplugins option.
- In the previous patch, a feature was introduced to add an external message warning banner when receiving emails from external domains. In certain scenarios, it caused high CPU usage. The issue has been fixed.
- On Ubuntu 20 OS, restarting zmmailboxdctl service printed a harmless error on the console, The issue has been fixed.
- Due to log4j changes in the previous patch, on a Multi-node environment, the /var/log/messages file was continuously getting updated with INFO logs. The issue has been fixed and the default log level is set to ERROR now.
- Due to log4j changes in the previous patch, the Syslog submission was enabled by default which was updating the /var/log/syslog file continuously. The issue has been fixed and Syslog submission has been disabled.
- In a multi-node environment, if the user has 2FA enabled and set up and selects "Trust this computer" on the login screen, the setting did not persist and the user was asked to enter the OTP. The issue has been fixed.
Classic Web App
- Intermittently, the root folder was getting shared when the user shared a particular folder from Classic Web App. The issue has been fixed.
- If the user has multiple calendars and when viewing the Calendar tab in the day view, double-clicking on the non-default calendar to create an event selects the default calendar. The issue has been fixed.
Modern Web App
General
- Organization Chart zimlet did not work when used with Kepler 9.0.0 patch 25. This issue has been fixed.
- When using private tab in Mozilla Firefox, users were not able to logout using the logout button of the Modern Web Client. This issue has been fixed.
- Organization chart did not display the Display Name of the user on hover. This issue has been fixed.
- "Block" action was displayed in the context menu for the messages in the Draft folder. As messages in the Draft folder are all sent from the user himself, "Block" action did not make sense in this folder, and hence been removed.
Mail
- Web client sent multiple requests to fetch favicon.ico These requests have been optimized to improve performance.
- Localized system folder names are not yet applied in some dialogs. (Empty Trash, Empty Spam, Move to folder, and the Contact Chooser)
Zimbra Connector for Outlook
- When the user tries to send an email through a shared email folder having SendAs right, an error was encountered. The issue has been fixed.
NG Auth
- Password change will be no more considered when using application credentials or QR code-based authentication for the apps.
NG Backup
- Fixed a bug that prevented to update the S3 backup volume.
- Improved the error handling when running a purge and the ZxBackup_DataRetentionDays attribute has an invalid value.
- A new attribute backupSkipDLAndDynamicGroups has been added so it is now possible to skip the backup for distribution lists and dynamic groups in order to improve backup time.
- Fixed a bug that caused the metadata of the accounts to be wrongly uploaded to the bucket’s root folder. Now the metadata files are properly uploaded to the accounts folder.
NG HSM
- Fixed a bug that prevented to update the S3 backup volume.Fixed a bug that prevented the blobs to be purged from a centralized volume when moving a mailbox from a server with that centralized volume configured to another server that doesn’t have it.
Known Issues
- While deploying zimlets, if the following error is encountered, please refer to the Patch Installation section to install the zimbra-common-core-jar, zimbra-common-core-libs, zimbra-mbox-store-libs packages in a particular order and re-deploy the zimlets.
/opt/zimbra/bin/zmjava: line 59: /bin/java: No such file or directory Exception in thread "main" java.lang.NoClassDefFoundError: org/apache/logging/log4j/core/appender/ConsoleAppender$Target at com.zimbra.cs.localconfig.LocalConfigCLI.main(LocalConfigCLI.java:353) Caused by: java.lang.ClassNotFoundException: org.apache.logging.log4j.core.appender.ConsoleAppender$Target at java.base/jdk.internal.loader.BuiltinClassLoader.loadClass(BuiltinClassLoader.java:602) at java.base/jdk.internal.loader.ClassLoaders$AppClassLoader.loadClass(ClassLoaders.java:178) at java.base/java.lang.ClassLoader.loadClass(ClassLoader.java:521) ... 1 more
- From Kepler-Patch-25 onwards, customers using SSO will need to update
zimbraVirtualHostName
attribute for the domains. Please refer to the instructions to update the attribute.
- With OpenJDK 17, weaker Kerberos encryption types like 3DES and RC4 have now been disabled by default. This can cause SPNEGO auth to fail if described encryption types are being used. We recommend using stronger encryption types like AES256.
To get SPNEGO auth working with weak encryption types, weak encryption can be enabled by setting the allow_weak_crypto property to true in the krb5.conf configuration file. Please follow below instructions:
1. In /opt/zimbra/jetty_base/etc/krb5.ini.in -> [libdefaults] section, set allow_weak_crypto = true
2. Restart mailboxd service:
su - zimbra zmmailboxdctl restart
Patch Installation
Please refer to the steps below to install 9.0.0 Patch 26 on Redhat and Ubuntu platforms:
Before Installing the Patch, consider the following:
- Patches are cumulative.
- A full backup should be performed before any patch is applied. There is no automated roll-back.
- Zimlet patches can include removing existing Zimlets and redeploying the patched Zimlet.
- Only files or Zimlets associated with installed packages will be installed from the patch.
- Switch to
zimbra
user before using ZCS CLI commands. - Important! You cannot revert to the previous ZCS release after you upgrade to the patch.
- Important! Please note that the install process has changed. Additional steps to install zimbra-common-core-jar, zimbra-common-core-libs, zimbra-mbox-store-libs packages have been included for this patch release. Please refer to the Patch Installation section to install the packages in its order.
9.0.0 Patch 26 Packages
The package lineup for this release is:
PackageName Version
zimbra-patch -> 9.0.0.1658845137.p26-2 zimbra-proxy-patch -> 9.0.0.1658845137.p26-1 zimbra-proxy-components -> 1.0.10-1zimbra8.8b1 zimbra-mta-patch -> 9.0.0.1658845137.p26-1 zimbra-mta-components -> 1.0.15-1zimbra8.8b1 zimbra-common-core-jar -> 9.0.0.1658837616-1 zimbra-nginx -> 1.20.0-1zimbra8.8b3 zimbra-httpd -> 2.4.53-1zimbra8.7b3 zimbra-spell-components -> 2.0.8-1zimbra8.8b1 zimbra-apache-components -> 2.0.7-1zimbra8.8b1 zimbra-lmdb-lib -> 2.4.59-1zimbra8.8b5 zimbra-lmdb-dbg -> 2.4.59-1zimbra8.8b5 zimbra-lmdb -> 2.4.59-1zimbra8.8b5 zimbra-openldap-lib -> 2.4.59-1zimbra8.8b5 zimbra-openldap-client -> 2.4.59-1zimbra8.8b5 zimbra-openldap-server -> 2.4.59-1zimbra8.8b4 zimbra-openjdk-cacerts -> 1.0.8-1zimbra8.7b1 zimbra-openjdk -> 17.0.2-1zimbra8.8b1 zimbra-ldap-components -> 2.0.8-1zimbra8.8b1 zimbra-core-components -> 3.0.14-1zimbra8.8b1 zimbra-clamav -> 0.103.3-1zimbra8.8b3 zimbra-clamav-libs -> 0.103.3-1zimbra8.8b3 zimbra-openssl -> 1.1.1q-1zimbra8.7b4 zimbra-openssl-libs -> 1.1.1q-1zimbra8.7b4 zimbra-postfix-logwatch -> 1.40.03-1zimbra8.7b1 zimbra-timezone-data -> 3.0.0.1646993320-1 zimbra-mbox-store-libs -> 9.0.0.1654854341-1 zimbra-mbox-war -> 9.0.0.1655457955-1 zimbra-mbox-webclient-war -> 9.0.0.1657523432-1 zimbra-mbox-admin-console-war -> 9.0.0.1653031579-1 zimbra-common-mbox-conf-attrs -> 9.0.0.1652767366-1 zimbra-common-core-libs -> 9.0.0.1654854341-1 zimbra-mbox-ews-service -> 9.0.0.1657194604-1 zimbra-zco -> 9.0.0.1922.1657893232-1 zimbra-php -> 7.4.27-1zimbra8.7b3 zimbra-modern-ui -> 4.27.0.1657193707-1 zimbra-modern-zimlets -> 4.27.0.1657193707-1 zimbra-network-modules-ng -> 7.0.25.1652960112-1 zimbra-drive-ng -> 4.0.13.1637855796-1 zimbra-drive-modern -> 1.0.13.1637855796-1 zimbra-connect -> 2.0.21.1635424388-1 zimbra-connect-modern -> 1.0.21.1635424388-1 zimbra-docs -> 4.0.6.1616090633-1 zimbra-docs-modern -> 1.0.6.1632998065-1 zimbra-chat -> 4.0.2.1654677981-1 zimbra-zimlet-auth -> 1.0.4.1652971904-1 zimbra-zimlet-install-pwa -> 6.1.1.1652766350-1 zimbra-zimlet-emptysubject -> 2.1.1.1652766350-1 zimbra-zimlet-set-default-client -> 8.1.1.1652766350-1 zimbra-zimlet-document-editor -> 6.0.1.1631795284-1 zimbra-zimlet-date -> 6.2.0.1655915267-1 zimbra-zimlet-additional-signature-setting -> 7.0.0.1655915267-1 zimbra-zimlet-calendar-subscription -> 6.2.0.1652766350-1 zimbra-zimlet-sideloader -> 7.1.1.1652766350-1 zimbra-zimlet-briefcase-edit-lool -> 2.2.1.1652766350-1 zimbra-zimlet-org-chart -> 2.2.0.1655915267-1 zimbra-zimlet-ads -> 8.2.1.1652766350-1 zimbra-zimlet-user-sessions-management -> 8.1.1.1652766350-1 zimbra-zimlet-user-feedback -> 6.1.1.1652766350-1 zimbra-zimlet-privacy-protector -> 4.1.1.1652766350-1 zimbra-zimlet-duplicate-contacts -> 5.1.1.1652766350-1 zimbra-zimlet-secure-mail -> 1.2.1.1652766350-1 zimbra-zimlet-web-search -> 4.1.1.1652766350-1 zimbra-zimlet-restore-contacts -> 6.1.1.1652766350-1 zimbra-zimlet-zoom -> 7.0.0.1621610655-1 zimbra-zimlet-slack -> 5.5.0.1621610655-1 zimbra-zimlet-dropbox -> 6.0.0.1621610655-1 zimbra-zimlet-onedrive -> 6.0.0.1621610655-1 zimbra-zimlet-google-drive -> 6.0.0.1621610655-1 zimbra-zimlet-jitsi -> 3.3.1.1621610655-1 zimbra-zimlet-video-call-preferences -> 2.1.0.1621610655-1 zimbra-zimlet-nextcloud -> 1.0.8.1656483260-1 zimbra-zimlet-webex -> 1.0.1.1629957793-1 zimbra-zimlet-voice-message -> 1.0.3.1611114827-1 zimbra-zimlet-classic-unsupportedbrowser -> 3.1.1.1652766350-1 zimbra-zimlet-email-templates -> 2.0.0.1630308426-1 zimbra-zimlet-signature-template -> 1.0.0.1609841753-1
Redhat
Installing Zimbra packages with system package upgrades
- As
root
, first clear the yum cache and check for updates so the server sees there is a newzimbra-patch
package in the patch repository:
yum clean metadata yum check-update
- On mailstore node, install the following packages:
yum install zimbra-common-core-jar zimbra-common-core-libs zimbra-mbox-store-libs
- Then ask yum to update available packages:
yum update
- Restart ZCS as
zimbra
user:
su - zimbra zmcontrol restart
Installing Zimbra packages individually
Upgrade OpenLDAP on LDAP node
- As
root
, install the package:
yum install zimbra-ldap-patch
- Restart
ZCS
aszimbra
user:
su - zimbra zmcontrol restart
Install/Upgrade zimbra-proxy-patch
on Proxy node
- As
root
, first clear the yum cache and check for updates so the server sees all updated packages in the patch repository:
yum clean metadata yum check-update
- Then install the package:
yum install zimbra-proxy-patch
- Restart proxy as
zimbra
user:
su - zimbra zmproxyctl restart zmmemcachedctl restart
Install/Upgrade snmp
if it is installed on Proxy node
yum install zimbra-snmp-components
- Restart proxy as
zimbra
user:
su - zimbra zmproxyctl restart
Install/Upgrade zimbra-mta-components
on MTA node
- As
root
, first clear the yum cache and check for updates so the server sees all updated packages in the patch repository:
yum clean metadata yum check-update
- Then install the package:
yum install zimbra-mta-components
- If
dnscache
is installed, upgrade the package before restarting the services:
yum install zimbra-dnscache-components
- If
snmp
is installed, upgrade the package before restarting the services:
yum install zimbra-snmp-components
- Restart
amavisd
aszimbra
user:
su - zimbra zmamavisdctl restart
Install/Upgrade zimbra-mta-patch
on MTA node
- As
root
, install the package:
yum install zimbra-mta-patch
- Restart
amavisd
aszimbra
user:
su - zimbra zmamavisdctl restart
Install/Upgrade zimbra-patch
on mailstore node
- As
root
, install the package:
yum install zimbra-common-core-jar zimbra-common-core-libs zimbra-mbox-store-libs yum install zimbra-patch
- If
apache
is installed, upgrade the package before restarting the services:
yum install zimbra-apache-components
- If
spell
is installed, upgrade the package before restarting the services:
yum install zimbra-spell-components
- If
snmp
is installed, upgrade the package before restarting the services:
yum install zimbra-snmp-components
- Restart ZCS as
zimbra
user:
su - zimbra zmcontrol restart
Installing NG packages
Uninstall zimbra-talk
on mailstore node
In case of upgrade from version 8.8.15, uninstall zimbra-talk from mailstore node since it replaces with zimbra-connect. Hence, it is important to remove zimbra-talk
before installing zimbra-connect
.
- As
root
, uninstall the packagezimbra-talk
:
yum remove zimbra-talk
Install/Upgrade zimbra-network-modules-ng
, zimbra-connect
, zimbra-zimlet-auth
, zimbra-docs
and zimbra-drive-ng
on mailstore node
yum install zimbra-network-modules-ng yum install zimbra-connect yum install zimbra-zimlet-auth yum install zimbra-docs yum install zimbra-drive-ng
- Restart Zimbra mailbox service as
zimbra
user:
su - zimbra zmmailboxdctl restart
Zimbra Additional Zimlets
Note: - You can install the packages of your choice from the below list.
Install/Upgrade zimbra-zimlet-slack
, zimbra-zimlet-zoom
, zimbra-zimlet-dropbox
, zimbra-zimlet-google-drive
, zimbra-zimlet-onedrive
, zimbra-zimlet-jitsi
, zimbra-zimlet-video-call-preferences
, zimbra-zimlet-nextcloud
, zimbra-zimlet-voice-message
, zimbra-zimlet-sideloader
, zimbra-zimlet-user-sessions-management
on mailstore node
yum install zimbra-zimlet-slack yum install zimbra-zimlet-zoom yum install zimbra-zimlet-dropbox yum install zimbra-zimlet-google-drive yum install zimbra-zimlet-onedrive yum install zimbra-zimlet-jitsi yum install zimbra-zimlet-video-call-preferences yum install zimbra-zimlet-nextcloud yum install zimbra-zimlet-voice-message yum install zimbra-zimlet-sideloader yum install zimbra-zimlet-user-sessions-management
- Restart Zimbra mailbox service as
zimbra
user:
su - zimbra zmmailboxdctl restart
Ubuntu
Installing zimbra packages with system package upgrades
- As
root
, check for updates so the server checks there is a newzimbra-patch
package in the patch repository:
apt-get update
- On mailstore node, install the following packages:
apt-get install zimbra-common-core-jar zimbra-common-core-libs zimbra-mbox-store-libs
- Then update available packages:
apt-get upgrade
- Restart ZCS as
zimbra
user:
su - zimbra zmcontrol restart
Installing zimbra packages individually
Upgrade OpenLDAP on LDAP node
- As
root
, install the package:
apt-get install zimbra-ldap-patch
- Restart
ZCS
aszimbra
user:
su - zimbra zmcontrol restart
Install/Upgrade zimbra-proxy-patch
on Proxy node
- As
root
, install package
apt-get install zimbra-proxy-patch
- Restart proxy as
zimbra
user:
su - zimbra zmproxyctl restart zmmemcachedctl restart
Install/Upgrade snmp
if it is installed on Proxy node
apt-get install zimbra-snmp-components
- Restart proxy as
zimbra
user:
su - zimbra zmproxyctl restart
Install/Upgrade zimbra-mta-components
on MTA node
- As
root
, install package
apt-get install zimbra-mta-components
- If
dnscache
is installed, upgrade the package before restarting the services:
apt-get install zimbra-dnscache-components
- If
snmp
is installed, upgrade the package before restarting the services:
apt-get install zimbra-snmp-components
- Restart
amavisd
aszimbra
user:
su - zimbra zmamavisdctl restart
Install/Upgrade zimbra-mta-patch
on MTA node
- As
root
, install package
apt-get install zimbra-mta-patch
- Restart
amavisd
aszimbra
user:
su - zimbra zmamavisdctl restart
Install/Upgrade zimbra-patch
on mailstore node
- As
root
, check for updates and install package:
apt-get update apt-get install zimbra-common-core-jar zimbra-common-core-libs zimbra-mbox-store-libs apt-get install zimbra-patch
- If
apache
is installed, upgrade the package before restarting the services:
apt-get install zimbra-apache-components
- If
spell
is installed, upgrade the package before restarting the services:
apt-get install zimbra-spell-components
- If
snmp
is installed, upgrade the package before restarting the services:
apt-get install zimbra-snmp-components
- Restart ZCS as
zimbra
user:
su - zimbra zmcontrol restart
Installing NG packages
Uninstall zimbra-talk
on mailstore node
In case of upgrade from version 8.8.15, uninstall zimbra-talk from mailstore node since it replaces with zimbra-connect. Hence, it is important to remove zimbra-talk
before installing zimbra-connect
.
- As
root
, uninstall the packagezimbra-talk
:
apt-get remove zimbra-talk
Install/Upgrade zimbra-network-modules-ng, zimbra-connect, zimbra-zimlet-auth, zimbra-docs, zimbra-drive-ng on mailstore node
- As
root
, check for updates and install packages:
apt-get update apt-get install zimbra-network-modules-ng apt-get install zimbra-connect apt-get install zimbra-zimlet-auth apt-get install zimbra-docs apt-get install zimbra-drive-ng
- Restart Zimbra mailbox service as
zimbra
user:
su - zimbra zmmailboxdctl restart
Zimbra Additional Zimlets
Note: - You can install the packages of your choice from the below list.
Install/Upgrade zimbra-zimlet-slack
, zimbra-zimlet-zoom
, zimbra-zimlet-dropbox
, zimbra-zimlet-google-drive
, zimbra-zimlet-onedrive
, zimbra-zimlet-jitsi
, zimbra-zimlet-video-call-preferences
, zimbra-zimlet-nextcloud
, zimbra-zimlet-voice-message
, zimbra-zimlet-sideloader
, zimbra-zimlet-user-sessions-management
on mailstore node
apt-get install zimbra-zimlet-slack apt-get install zimbra-zimlet-zoom apt-get install zimbra-zimlet-dropbox apt-get install zimbra-zimlet-google-drive apt-get install zimbra-zimlet-onedrive apt-get install zimbra-zimlet-jitsi apt-get install zimbra-zimlet-video-call-preferences apt-get install zimbra-zimlet-nextcloud apt-get install zimbra-zimlet-voice-message apt-get install zimbra-zimlet-sideloader apt-get install zimbra-zimlet-user-sessions-management
- Restart Zimbra mailbox service as
zimbra
user:
su - zimbra zmmailboxdctl restart
Jira Summary
Jira Tickets fixed in Kepler 9.0.0 Patch 26
ZCS-11689 | Upgrade Zimbra OpenSSL to 1.1.1q |
ZCS-11686 | Purge of centralized volumes blobs fixed |
ZCS-11682 | Backup volume handler fixed |
ZCS-11681 | Improved error handling for the purge operation |
ZCS-11680 | Skip backup of distribution lists and dynamic groups |
ZCS-11679 | MustChangePassword not evaluated for the application credentials |
ZCS-11569 | Fix XML missing declaration for EWS |
ZCS-11567 | Remove allowplugins option from zmsaupdate script of Spamassassin. (Ubuntu 16) |
ZCS-11406 | Accounts folder on migrating to external backup fixed |
ZCS-11302 | Classic UI - Users should not be allowed to use username in the password |
ZCOMT-2485 | ZCO sanity testing on Win 11 platforms |
ZCOMT-2479 | Detect stale auto-complete cache during Sync (with Interval) and prompt the user with a Yes/No message to clear the stale cache entries automatically. |
ZCOMT-2475 | Investigate the problem with scheduling meeting with MS Teams through ZCO. |
ZBUG-2901 | denial of service (high CPU usage) caused by regex even with zimbra_external_email_warning_enabled=false |
ZBUG-2898 | Ubuntu 20, sed expression error |
ZBUG-2865 | Authentication Bypass in MailboxImportServlet |
ZBUG-2853 | Org chart freezes ZWC on patch 25 |
ZBUG-2849 | /var/log/messages filling after applying the Zimbra 9 P25 (2nd release) |
ZBUG-2846 | Logout button of "Modern UI" does not work with Mozilla Firefox in private tab |
ZBUG-2841 | Disable Syslog log submission by default in log4j V2. |
ZBUG-2821 | Disable unintended root sharing |
ZBUG-2800 | Proxy Servlet SSRF Vulnerability |
ZBUG-2676 | Upgrade Cyrus SASL to 2.1.28 |
ZBUG-2662 | When using preauth, CSRF tokens are not checked on some post endpoints |
ZBUG-2624 | Organization chart doesn't show the displayName when hovering on it |
ZBUG-2611 | Wrong default calendar when creating appointment via double click. |
ZBUG-2546 | SendAs not getting honoured in ZCO |
ZBUG-2373 | 2FA - Device not detected as Trusted in ZCS multiserver Environment |
ZBUG-1777 | Modern UI: "Block" action should not be appeared in the Draft folder |
PREAPPS-6794 | Allow grantee to create multi version of file, if folder shared with Admin rights |
PREAPPS-6021 | Browser sends multiple requests to fetch favicon.ico |
PREAPPS-4847 | Localized system folder names not used in Empty [trash/spam], Move to [folder], Contact Chooser |