A patch has been issued for 8.7.11 GA release that includes security fixes as listed in the release notes.
Download the Patch
Please do a full backup or snapshot before installing this patch. You can download the patch, MD5 and SHA 256 files here:
Please read the release notes here.
|108265||Persistent XSS CWE-79||CVE-2017-17703||4.3||Minor|
|107925||Persistent XSS CWE-79||CVE-2017-8802||3.5||Minor|
|108786||Persistent XSS CWE-79||CVE-2018-6882||4.3||Minor|
Before installing the patch, consider the following:
- Zimbra Collaboration patches can be found at https://www.zimbra.com/downloads/zimbra-collaboration.
- Patches are delivered as a TGZ file and are cumulative.
- A full backup should be performed before any patch is applied. There is no automated roll-back mechanism.
- Zimlet patches can include removing existing Zimlets and redeploying the patched Zimlet.
- Only files or Zimlets associated with installed packages will be installed from the patch.
- Switch to user zimbra before using ZCS CLI commands.