Learn more about the “Heartbleed” security threat from this link:
Zimbra’s security team reacted quickly, issuing a patch for the “Heartbleed” threat within a few hours. The “Heartbleed” patch supports a generation of new SSL certificates and other remedies. We strongly recommend application of the “Heartbleed” patch IMMEDIATELY. After application of the patch, as a precautionary measure, we strongly recommend system-wide password resets.
Get the patch here:
If 3rd party applications have been integrated with the Zimbra platform, we suggest revising the credentials on those applications, then logging out and back into those applications, as a precaution.
If you have any questions, please reach out to Zimbra Support, or reply to this post or other related posts. Zimbra is always happy to help you manage and react to threats and others issues.
Please excuse me, but I’ve been actively searching and have not found whether or not Release 8.0.7_GA_6021.RHEL6_64_20140408123911 has had the patch applied. Could you or someone advise?
To answer your question – yes, 6021 does include the patch. You can view more information here: https://www.zimbra.com/forums/announcements/71042-zcs-8-0-7-has-been-rebuilt-include-fix-openssl-heartbleed-vulnerability.html
Does the need for a patch apply to Zimbra Desktop?