Zimbra Releases/9.0.0/P32
Zimbra Collaboration Kepler 9.0.0 Patch 32 GA Release
Release Date: April 4, 2023
Check out the What's New. Fixed Issues, and Known Issues for this version of Zimbra Collaboration. Please refer to the Patch Installation page for Patch Installation instructions. As always, you are encouraged to tell us what you think in the Forums or open a support ticket to report issues
Change in upgrade process for 9.0.0 Patch 32
Please note that the install process has changed. Additional steps to install zimbra-common-core-jar, zimbra-common-core-libs, zimbra-mbox-store-libs packages have been included for this patch release.
We have also introduced a new package zimbra-ldap-patch to be installed only on the LDAP node.
Please refer to the Patch Installation steps to install the packages in its order.
Changes required for SSO setup before patch upgrade
Before upgrade, if the zimbraVirtualHostName parameter is not set for the domains that are using SAML and SSO based login, please set by following the instructions:
su - zimbra zmprov md domain_name zimbraVirtualHostName virtual_hostname
Note: Additional configuration for further hardening your Zimbra setup can be found on the Zimbra Support Portal. It is recommended that all customers consider these additional steps. If someone had applied this configuration previously, then after upgrading to this patch, they will have to re-apply the same configuration.
What's New
Modern Web App
General
- All folder's including system and shared folder now appear in their respective Mail, Contacts or Calendar verticals. Earlier Contacts and Calendar shared folders appeared under the Mail vertical.
- Context menu options to rename or delete a saved search have been added.
Calendar
- Save search is now available for Contacts, Calendar and Briefcase verticals.
Fixed Issues
Platform
- Added additional validations for 2FA login. ZBUG-2224
- A new local config attribute
zimbra_enable_dnssec
has been added to control the DNSSEC validation feature. The default value is true. If set to false, the DNSSEC validation will be disabled. ZBUG-2929 - On the Ubuntu systems, executing
zmfixperms
script updated incorrect permissions for the /var/log/zimbra.log file. ZBUG-2783
Admin Web Console
- There was a problem with displaying a list of domains in the admin console on monitors with a resolution of 2560x1440 or higher. ZBUG-2863
Modern Web App
- When viewing mails in conversation view, the mail conversation did not expand even after clicking the 3 dots. ZBUG-3315
- If the Nextcloud zimlet is enabled, when composing an email in the Modern Web App users were not able to attach the files using Attach file from Nextcloud or Attach file from email option. ZBUG-3313
- German, Polish and Danish labels and messages on the UI have been updated to better reflect the context. ZBUG-3300
- When users clicks on the 'To' button in the composer to search GAL, only 1000 contacts were being displayed. ZBUG-3220
- When writing a new message, the "Choose contacts" window/modal popup allows searching for a contact. This search was case-sensitive. This contact search has now been changed to be case-insensitive. ZBUG-3219
Zimbra Connector for Outlook
- Fixed an error that was seen when sending reports through Access. ZBUG-3301
- When a distribution list member accepted to send a read receipt, it resulted in an error condition and the read receipt was not sent. The issue has been fixed and the read receipt is successfully sent now. ZBUG-2497
NG Modules
- In the admin console, now the modules icons are clickable in both multinode and single servers.
Zimbra Drive
- Files that have Cyrillic characters should be correctly decoded when downloaded from a public link.
NG Backup
- Fixed a bug that caused items to be skipped when interrupting a Smart Scan operation.
- Fixed a bug that caused the doUndelete operation to fail the restoration of some items and stop in some corner case scenarios.
NG Mobile
- Fixed a bug that caused the attachment’s names with non-ASCII characters to be wrongly encoded when synchronizing via EAS.
- Fixed a bug that caused the StartTime value of an accepted appointment to change to the current date/time when synchronizing via EAS 14.0 and lower.
- Fixed a bug that caused the StartTime value of an accepted appointment to change to the current date/time when synchronizing via EAS 14.1.
Known Issues
- Due to the latest updates being done to Office 365 on 28-March, the From field in Outlook gets disabled. Users who have configured ZCO Profile in Outlook will not be able to select the persona or any other email address in the From field
- While deploying zimlets, if the following error is encountered, please refer to the Patch Installation page to install the zimbra-common-core-jar, zimbra-common-core-libs, zimbra-mbox-store-libs packages in a particular order and re-deploy the zimlets.
/opt/zimbra/bin/zmjava: line 59: /bin/java: No such file or directory Exception in thread "main" java.lang.NoClassDefFoundError: org/apache/logging/log4j/core/appender/ConsoleAppender$Target at com.zimbra.cs.localconfig.LocalConfigCLI.main(LocalConfigCLI.java:353) Caused by: java.lang.ClassNotFoundException: org.apache.logging.log4j.core.appender.ConsoleAppender$Target at java.base/jdk.internal.loader.BuiltinClassLoader.loadClass(BuiltinClassLoader.java:602) at java.base/jdk.internal.loader.ClassLoaders$AppClassLoader.loadClass(ClassLoaders.java:178) at java.base/java.lang.ClassLoader.loadClass(ClassLoader.java:521) ... 1 more
- From Kepler-Patch-25 onwards, customers using SSO will need to update
zimbraVirtualHostName
attribute for the domains. Please refer to the instructions to update the attribute.
- With JDK 17, weaker Kerberos encryption types like 3DES and RC4 have now been disabled by default. This can cause SPNEGO auth to fail if described encryption types are being used. We recommend using stronger encryption types like AES256.
To get SPNEGO auth working with weak encryption types, weak encryption can be enabled by setting the allow_weak_crypto property to true in the krb5.conf configuration file. Please follow below instructions:
1. In /opt/zimbra/jetty_base/etc/krb5.ini.in -> [libdefaults] section, set allow_weak_crypto = true
2. Restart mailboxd service:
su - zimbra zmmailboxdctl restart
Packages
The package lineup for this release is:
PackageName -> Version zimbra-patch -> 9.0.0.1680535380.p32-2 zimbra-mta-patch -> 9.0.0.1679579968.p32-1 zimbra-proxy-patch -> 9.0.0.1679579968.p32-1 zimbra-ldap-patch -> 9.0.0.1679579968.p32-1 zimbra-mbox-admin-console-war -> 9.0.0.1678957309-1 zimbra-mbox-webclient-war -> 9.0.0.1678958643-1 zimbra-common-core-jar -> 9.0.0.1679569974-1 zimbra-common-mbox-conf-msgs -> 9.0.0.1678961150-1 zimbra-zco -> 9.0.0.1928.1678951529-1 zimbra-zimlet-nextcloud -> 1.0.11.1678861896-1 zimbra-network-modules-ng -> 7.0.30.1679933727-1 zimbra-drive-ng -> 4.0.15.1678960560-1 zimbra-drive-modern -> 1.0.15.1678960560-1 zimbra-modern-ui -> 4.31.0.1679402852-1 zimbra-modern-zimlets -> 4.31.0.1679402852-1 zimbra-zimlet-user-sessions-management -> 10.0.0.1679402603-1 zimbra-zimlet-privacy-protector -> 5.1.0.1679402603-1 zimbra-zimlet-duplicate-contacts -> 6.1.0.1679402603-1 zimbra-zimlet-secure-mail -> 2.1.0.1679402603-1 zimbra-zimlet-briefcase-edit-lool -> 4.1.0.1679402603-1 zimbra-zimlet-onedrive -> 6.2.1.1679445847-1 zimbra-zimlet-google-drive -> 6.2.1.1679445847-1 zimbra-zimlet-slack -> 5.7.1.1679445847-1
Patch Installation
Please refer to below link to install Kepler 9.0.0 Patch 32: