Zimbra Collaboration Updates (8.0.9 & 8.5.1)

Yesterday, Zimbra released updates to Zimbra Collaboration, both the 8.0.x and 8.5.x trees.

Security

These updates address the OpenSSL security advisory dated October 15 and provide a partial fix for POODLE (due to the need for both client and server changes).

Zimbra Collaboration 8.0.9 and 8.5.1 update the OpenSSL libraries for nginx, OpenLDAP and Postfix to OpenSSL 1.0.1j. Mailboxd doesn’t use OpenSSL, but Zimbra Collaboration 8.6 (coming soon) should fix the issue(s).

These updates provide only a partial fix to POODLE, as TLS_FALLBACK_SCSV must be implemented on server and client sides. Keep in mind, older clients that don’t support TLS_FALLBACK_SCSV may allow protocol downgrades, to the insecure SSLv3 protocol.

Please refer to Zimbra’s wiki for guidance on disabling SSLv3, which was updated to include instruction for Zimbra Collaboration 7.x.y and should be performed as a precautionary measure regardless of software version.

Time Zone Changes

Recently, the Russian Federation passed legislation to make permanent changes to all Russian time zones. This created 11 time zones across Russia, which will be numbered in the UTC standard. The product updates provide support for the time zone changes.

Please download and install the latest versions of Zimbra Collaboration as soon as possible. Visit: zimbra.com/downloads/zimbra-collaboration

, , , , , ,

2 Responses to Zimbra Collaboration Updates (8.0.9 & 8.5.1)

  1. Rahul Yadav July 13, 2015 at 1:16 PM #

    Dear Support team
    i have install successfully zimbra setup in rhel 6.4 and as well i am able to send mail , but i am not able to received mails

  2. Jorge de la Cruz
    Jorge de la Cruz July 14, 2015 at 10:38 AM #

    Hi Rahul,
    Let us know your problem with the exact version of Zimbra Collaboration and the exact problem, could be great have some Logs also

    Come to the Forums https://community.zimbra.com/collaboration/f/1886

    Best regards