New Patches for You! Zimbra 8.8.8 “Turing” Patch 1 + Zimbra 8.7.11 Patch 2

Patch 1 has been issued for 8.8.8 GA release that includes fixes as listed in the release notes.

Fixed Issues (Bugzilla query)

35115 RFE: Handling multi-valued zimbraAuthLdapURL
108928 [Defanger] Specific message causing defanger to loop and cause high CPU load
108929 [Zimbra Chat] Multiple spaces getting trimmed from chat message
108930 [Zimbra Talk] “Incoming video call” dialog doesn’t disappear when call is disconnected by caller

Security Fixes

Information about security fixes, security response policy and vulnerability rating classification are listed below. See the Zimbra Security Response Policy and the Zimbra Vulnerability Rating Classification information below for details.
Bug# Summary CVE-ID CVSS
Score
Zimbra
Rating
Fix Release or
Patch Version
97579 login CSRF protection: ZWC login form does not use a csrf token [CWE-352] CVE-2015-7610 5.8 Major 8.8.8 Patch1

Please refer to the release notes for 8.8.8 Patch 1 installation instructions.

 

Patch 2 has been issued for 8.7.11 GA release that includes fixes as listed in the release notes.

Fixed Issues (Bugzilla query)

35115 RFE: Handling multi-valued zimbraAuthLdapURL
107700 Some Spaces removed in RFC 2047 encoded subject
108928 [Defanger] Specific message causing defanger to loop and cause high CPU load

Security Fixes

Information about security fixes, security response policy and vulnerability rating classification are listed below. See Zimbra Security Response Policy and Zimbra Vulnerability Rating Classification information below for details.
Bug# Summary CVE-ID CVSS
Score
Zimbra
Rating
Fix Release or
Patch Version
97579 login CSRF protection: ZWC login form does not use a csrf token [CWE-352] CVE-2015-7610 5.8 Major 8.7.11 Patch2
Please refer to the release notes for 8.7.11 Patch 2 installation instructions.

 

How to Get the Patches?

8.8.8 Patch 1

For 8.8.8 Patch 1, you don’t need to download any patch builds. Instead, patch packages can be installed by using Linux package management commands.

Please refer to the release notes for 8.8.8 Patch 1 installation on Redhat and Ubuntu platforms.  

8.7.11 Patch 2

For 8.7.11 Patch 2, you can download the patch from this link.

 

3 Responses to New Patches for You! Zimbra 8.8.8 “Turing” Patch 1 + Zimbra 8.7.11 Patch 2

  1. Arhorn April 15, 2018 at 2:25 AM #

    Hi!
    After patch can’t install new entity of ZCS open source.
    zimbra-networn-modules-ng depends error zombra-network-store not installable.

    P.S.: Also, cant regist to forum: capcha dont work!

    Please chek!

    • Gayle Billat October 26, 2018 at 10:22 PM #

      Hi – we have fixed the forums. If you are still having issues, please post in the forums for a quick response. Thanks!

  2. Zsolt Kosa April 19, 2018 at 7:58 AM #

    After installation 8.8.8 patch1 I encountered the following problems:
    -Android browser does not allow mobile view, can not display mails.
    -Printing problem No Result Found display appears instead of the letter you want to print.

Copyright © 2022 Zimbra, Inc. All rights reserved.

All information contained in this blog is intended for informational purposes only. Synacor, Inc. is not responsible or liable in any manner for the use or misuse of any technical content provided herein. No specific or implied warranty is provided in association with the information or application of the information provided herein, including, but not limited to, use, misuse or distribution of such information by any user. The user assumes any and all risk pertaining to the use or distribution in any form of any subject matter contained in this blog.

Legal Information | Privacy Policy | Do Not Sell My Personal Information | CCPA Disclosures