Greetings everyone, in August 2017 we announced the extension of general support and technical guidance for Zimbra Collaboration 8.6.
The extension will give you ample time to plan and upgrade to version 8.7, 8.8 or future releases, while still receiving support for your current Zimbra installation. Please start planning your Zimbra upgrade, and remember, our Zimbra Professional Services Team, and your local Partner are here to assist you with your upgrade.
Zimbra Collaboration Life-cycle Comparison
Please keep in mind that Zimbra Collaboration 8.6 general support will end this very year, and starting this September you will not receive any more security or bug fixes. We strongly recommend the upgrade to a newer version.
| Zimbra Collaboration Server | General Availability | End of General Support | End of Technical Guidance |
|---|---|---|---|
| Version 8.8 | 12/12/2017 | 12/31/2020 | 12/31/2021 |
| Version 8.7 | 07/13/2016 | 9/10/2019 | 9/10/2020 |
| Version 8.6.x | 08/26/2015 | 9/30/2018 | 9/30/2019 |
| Version 8.5.x | 08/26/2014 | 9/30/2017 | 9/30/2018 |
| Version 8.0 | 9/10/2012 | 9/10/2016 | 9/10/2017 |
Download the Patch 9
Please do a full backup or snapshot before installing this Patch. You can download the patch and the md5 and the SHA 256 file here:
- Download the Patch for Network Edition and for Open Source Edition
Please, read the Full Release Notes here.
All Zimbra Collaboration 8.6.0 sites are recommended to install this patch. Patch 9 is cumulative with all the previous eight patches, so only Patch 9 is required in case you didn’t install the previous ones.
ZCS 8.6.0 Patch 9 Bug Fixes
You might find useful this short list of the fixed Bugs in this Patch 9 for Zimbra Collaboration 8.6.0.
|
Fixed Issues
|
|
|---|---|
| 101227 | CPU load & latency when open mail with data:image/png:base64 inline image |
| 104365 | Update timezones.ics to tzdata2017b |
| 97710 | Tasks causing slowness from ZWC and consuming CPU resources |
| 103797 | Description of a previous appointment comes up when changing mode from plain-text to html |
| 107289 | Printing work week shows wrong time |
| 107288 | EWS caches and logs cleartext password |
| 97460 | Need visual cue and hyperlink for url links when composing message |
| 100281 | Deleted/canceled appts remain on calendar |
| 101584 | QuickAdd location using GAL is not saved correctly > only name is kept |
| 107826 | Implement GetStreamingEvents EWS API(Phase 1) |
| 107499 | EWS: Resolve Name should return all the contact information |
| 97126 | Script Error (this._sharesGroup is undefined) when click to “Edit Properties” folder menu |
| 101023 | zimbraHelpAdvancedURL, zimbraHelpStandardURL and zimbraHelpAdminURL does not work |
| 107646 | There is an unexpected logout for a session in the HTML client. |
| 107925 | Persistent XSS – snippet [CWE-79] |
| 108265 | Persistent XSS – message view as text [CWE-79] |
Security Fixes
Information about security fixes, security response policy and vulnerability rating classification are listed below. See the Zimbra Security Response Policy and the Zimbra Vulnerability Rating Classification information below for details.
| Bug# | Summary | CVE-ID | CVSS Score |
Zimbra Rating |
Fix Release or Patch Version |
|---|---|---|---|---|---|
| 107925 | CSRF CWE-79 | CVE-2017-8802 | 3.5 | Minor | 8.6 P9, 8.8.6 |
| 108265 | Persistent XSS CWE-79 | CVE-2017-17703 | 3.5 | Minor | 8.6 P9, 8.8.3 |
Before Installing the Patch
Before installing the patch, consider the following:
- Zimbra Collaboration patches can be found at https://www.zimbra.com/downloads/zimbra-collaboration
- Patches are delivered as a TGZ file and are cumulative.
- A full backup should be performed before any patch is applied. There is no automated roll-back mechanism.
- Zimlet patches can include removing existing Zimlets and redeploying the patched Zimlet.
- Only files or Zimlets associated with installed packages will be installed from the patch.
- Switch to user zimbra before using ZCS CLI commands.
Install the Patch
Read carefully the Release Notes, for this Patch 9.
Important! You cannot revert to the previous ZCS release after you upgrade to the patch.
Quick note for Customers still on Zimbra Collaboration 8.6 and below
If you are a Customer running Zimbra Collaboration 8.6 or below, the End of General Support will occur this 30th of September. If running previous versions, you already are not receiving any security or bug fixes. We’re here for you! We strongly encourage you to give us a call or send us an email to sales@zimbra.com, and we will be glad to help you through the licensing and system upgrade by using our Professional Services, or you can contact your local Partner.
If by any chance you are still running versions from ZCS 8.6 or below, we encourage you upgrade to at least 8.7.11 with the latest Patch, and even better if you can upgrade to 8.8, so you will be in a supported version until 2020.
Thank you for the patch. Your a blessing in disguise.