Zimbra Releases/9.0.0/P28: Difference between revisions

(Created page with "{{WIP}} = Zimbra Collaboration Kepler 9.0.0 Patch 28 GA Release = Check out the '''Security Fixes''', '''What's New'''. '''#Fixed Issues|...")
 
No edit summary
Line 1: Line 1:
{{WIP}}
= Zimbra Collaboration Kepler 9.0.0 Patch 28 GA Release =
= Zimbra Collaboration Kepler 9.0.0 Patch 28 GA Release =
Check out the '''[[#Security Fixes|Security Fixes]]''', '''[[#What's New|What's New]]'''. '''[[#Fixed Issues|Fixed Issues]]''', and '''[[#Known Issues|Known Issues]]''' for this version of Zimbra Collaboration.
Check out the '''[[#Security Fixes|Security Fixes]]''', '''[[#What's New|What's New]]'''. '''[[#Fixed Issues|Fixed Issues]]''', and '''[[#Known Issues|Known Issues]]''' for this version of Zimbra Collaboration.
Line 91: Line 90:


== Web UX - Classic ==
== Web UX - Classic ==
* Assigning to newly created tag to a selection of files in Briefcase, would result in clearing out the selection. With these release this selection stays even after assigning a newly created tag. [https://jira.corp.synacor.com/browse/ZCS-11673 ZCS-11673]
* Assigning to newly created tag to a selection of files in Briefcase, would result in clearing out the selection. With these release this selection stays even after assigning a newly created tag.
* Tasks section did not work after installing 9.0.0 Kepler-Patch-26. This issue has been fixed. [https://jira.corp.synacor.com/browse/ZBUG-2958 ZBUG-2958]
* Tasks section did not work after installing 9.0.0 Kepler-Patch-26. This issue has been fixed. [https://jira.corp.synacor.com/browse/ZBUG-2958 ZBUG-2958]



Revision as of 09:23, 21 November 2022

Zimbra Collaboration Kepler 9.0.0 Patch 28 GA Release

Check out the Security Fixes, What's New. Fixed Issues, and Known Issues for this version of Zimbra Collaboration. Please refer to the Patch Installation page for Patch Installation instructions. As always, you are encouraged to tell us what you think in the Forums or open a support ticket to report issues


Change in upgrade process for 9.0.0 Patch 28

Please note that the install process has changed. Additional steps to install zimbra-common-core-jar, zimbra-common-core-libs, zimbra-mbox-store-libs packages have been included for this patch release.

We have also introduced a new package zimbra-ldap-patch to be installed only on the LDAP node.

Please refer to the Patch Installation steps to install the packages in its order.

Changes required for SSO setup before patch upgrade

Before upgrade, if the zimbraVirtualHostName parameter is not set for the domains that are using SAML and SSO based login, please set by following the instructions:

su - zimbra
zmprov md domain_name zimbraVirtualHostName virtual_hostname

Security Fixes

Summary CVE-ID CVSS Score Zimbra Rating
XSS can occur in Classic UI login page by injecting arbitrary javascript code TBD TBD Low
RCE through ClientUploader from authenticated admin user. TBD TBD Medium
XSS can occur via one of attribute in webmail urls, leading to information disclosure. TBD TBD Medium
The Apache package has been upgraded to version 2.4.54 to fix multiple vulnerabilities. CVE-2022-26377 7.5 Medium
The ClamAV package has been upgraded to version 0.105.1-2 to fix multiple vulnerabilities. CVE-2022-20770

CVE-2022-20771

TBD Low
YUI dependency is removed from WebClient and Admin Console. TBD TBD Medium


What's New

Platform

  • The date header has been added to the mail notification emails.
  • Timezone data has been updated with the latest changes of tzdata2022c.

ZCO

  • ZCO is now supported on Microsoft Outlook 2021.


Fixed Issues

NG Admin

  • NG Tab was not visible in Admin Console on a setup where Zimbra is not installed in the default location. The issue has been fixed. ZBUG-2991

NG HSM

  • The doMoveBlobs operation now ignores accounts deleted after the operation starts.
  • Software now throws an exception if a remote root path is to be appended to the bulk deletion files of a remote volume, and skips the append to avoid unwanted loss of data.

NG Mobile

  • Fixed a bug that caused a single instance of an appointment to be moved to the original time in the organizer’s calendar when the attendee accepts the invitation.
  • Fixed a bug that caused the Outlook app synchronization to start looping when using the remote search.
  • Fixed a bug that prevented the attendees to receive an update when removing them from an appointment so the appointment was still shown in their calendar.
  • Fixed a bug that made the exceptions to recurring events not being synchronized. ZBUG-3011

Platform

  • JSESSIONID is now marked with HttpOnly and secure flags as true. ZBUG-2341

Web UX - Classic

  • Assigning to newly created tag to a selection of files in Briefcase, would result in clearing out the selection. With these release this selection stays even after assigning a newly created tag.
  • Tasks section did not work after installing 9.0.0 Kepler-Patch-26. This issue has been fixed. ZBUG-2958

Web UX - Modern

  • When using Zimbra Docs, the documents were not getting previewed. The issue has been fixed. ZBUG-2909

ZCO

  • When configuring ZCO through the Zimbra profile, the From Address was displayed as "Zimbra Collaboration Server" instead of the configured account name. The issue has been fixed.
  • Intermittently, Outlook would not sync emails with large metadata. The issue has been fixed. ZBUG-2984


Known Issues

  • While deploying zimlets, if the following error is encountered, please refer to the Patch Installation page to install the zimbra-common-core-jar, zimbra-common-core-libs, zimbra-mbox-store-libs packages in a particular order and re-deploy the zimlets.
/opt/zimbra/bin/zmjava: line 59: /bin/java: No such file or directory
Exception in thread "main" java.lang.NoClassDefFoundError: org/apache/logging/log4j/core/appender/ConsoleAppender$Target
       at com.zimbra.cs.localconfig.LocalConfigCLI.main(LocalConfigCLI.java:353)
Caused by: java.lang.ClassNotFoundException: org.apache.logging.log4j.core.appender.ConsoleAppender$Target
       at java.base/jdk.internal.loader.BuiltinClassLoader.loadClass(BuiltinClassLoader.java:602)
       at java.base/jdk.internal.loader.ClassLoaders$AppClassLoader.loadClass(ClassLoaders.java:178)
       at java.base/java.lang.ClassLoader.loadClass(ClassLoader.java:521)
       ... 1 more
  • From Kepler-Patch-25 onwards, customers using SSO will need to update zimbraVirtualHostName attribute for the domains. Please refer to the instructions to update the attribute.
  • With JDK 17, weaker Kerberos encryption types like 3DES and RC4 have now been disabled by default. This can cause SPNEGO auth to fail if described encryption types are being used. We recommend using stronger encryption types like AES256.

To get SPNEGO auth working with weak encryption types, weak encryption can be enabled by setting the allow_weak_crypto property to true in the krb5.conf configuration file. Please follow below instructions:

1. In /opt/zimbra/jetty_base/etc/krb5.ini.in -> [libdefaults] section, set allow_weak_crypto = true

2. Restart mailboxd service:

su - zimbra
zmmailboxdctl restart

Packages

The package lineup for this release is:

zimbra-patch                                      -> 9.0.0.1667906330.p28-2
zimbra-mta-patch                                  -> 9.0.0.1667906330.p28-1
zimbra-proxy-patch                                -> 9.0.0.1667906330.p28-1
zimbra-ldap-patch                                 -> 9.0.0.1667906330.p28-1
zimbra-timezone-data                              -> 3.0.0.1667816334-1
zimbra-mbox-admin-console-war                     -> 9.0.0.1667819958-1
zimbra-mbox-webclient-war                         -> 9.0.0.1667822297-1
zimbra-common-core-jar                            -> 9.0.0.1667823294-1
zimbra-zco                                        -> 9.0.0.1924.1667892683-1
zimbra-unbound                                    -> 1.11.0-1zimbra8.7b4
zimbra-dnscache-components                        -> 1.0.4-1zimbra8.7b1
zimbra-httpd                                      -> 2.4.54-1zimbra8.7b3
zimbra-apache-components                          -> 2.0.8-1zimbra8.8b1
zimbra-spell-components                           -> 2.0.9-1zimbra8.8b1
zimbra-clamav                                     -> 0.105.1.2-1zimbra8.8b3
zimbra-mta-components                             -> 1.0.18-1zimbra8.8b1
zimbra-modern-ui                                  -> 4.29.0.1666092865-1
zimbra-modern-zimlets                             -> 4.29.0.1666092865-1
zimbra-zimlet-ads                                 -> 8.2.2.1667807582-1
zimbra-zimlet-date                                -> 6.3.0.1667807582-1
zimbra-zimlet-secure-mail                         -> 1.3.0.1667807582-1
zimbra-zimlet-briefcase-edit-lool                 -> 3.1.0.1667807582-1
zimbra-network-modules-ng                         -> 7.0.28.1667816892-1

For RHEL8,UBUNTU20:

zimbra-spell-components->2.0.10-1zimbra8.8b1

Patch Installation

Please refer to below link to install Kepler 9.0.0 Patch 28:

Patch Installation

Jump to: navigation, search