New Patches for You! Zimbra 8.8.8 “Turing” Patch 1 + Zimbra 8.7.11 Patch 2

Patch 1 has been issued for 8.8.8 GA release that includes fixes as listed in the release notes.

Fixed Issues (Bugzilla query)

35115 RFE: Handling multi-valued zimbraAuthLdapURL
108928 [Defanger] Specific message causing defanger to loop and cause high CPU load
108929 [Zimbra Chat] Multiple spaces getting trimmed from chat message
108930 [Zimbra Talk] “Incoming video call” dialog doesn’t disappear when call is disconnected by caller

Security Fixes

Information about security fixes, security response policy and vulnerability rating classification are listed below. See the Zimbra Security Response Policy and the Zimbra Vulnerability Rating Classification information below for details.
Bug# Summary CVE-ID CVSS
Score
Zimbra
Rating
Fix Release or
Patch Version
97579 login CSRF protection: ZWC login form does not use a csrf token [CWE-352] CVE-2015-7610 5.8 Major 8.8.8 Patch1

Please refer to the release notes for 8.8.8 Patch 1 installation instructions.

 

Patch 2 has been issued for 8.7.11 GA release that includes fixes as listed in the release notes.

Fixed Issues (Bugzilla query)

35115 RFE: Handling multi-valued zimbraAuthLdapURL
107700 Some Spaces removed in RFC 2047 encoded subject
108928 [Defanger] Specific message causing defanger to loop and cause high CPU load

Security Fixes

Information about security fixes, security response policy and vulnerability rating classification are listed below. See Zimbra Security Response Policy and Zimbra Vulnerability Rating Classification information below for details.
Bug# Summary CVE-ID CVSS
Score
Zimbra
Rating
Fix Release or
Patch Version
97579 login CSRF protection: ZWC login form does not use a csrf token [CWE-352] CVE-2015-7610 5.8 Major 8.7.11 Patch2
Please refer to the release notes for 8.7.11 Patch 2 installation instructions.

 

How to Get the Patches?

8.8.8 Patch 1

For 8.8.8 Patch 1, you don’t need to download any patch builds. Instead, patch packages can be installed by using Linux package management commands.

Please refer to the release notes for 8.8.8 Patch 1 installation on Redhat and Ubuntu platforms.  

8.7.11 Patch 2

For 8.7.11 Patch 2, you can download the patch from this link.

 

No comments yet.

Leave a Reply