Hello Zimbra Friends, Customers & Partners,
Zimbra 8.8.10 “Konrad Zuse” Patch 3 and 8.8.9 “Curie” Patch 7 are here.
For 8.8.8 and above Zimbra Patches, you don’t need to download any patch builds. The Patch packages can be installed using Linux package management commands.
Zimbra 8.8.10 “Konrad Zuse” Patch 3
Patch 3 is here for the Zimbra 8.8.10 “Konrad Zuse” GA release, and it includes fixes as listed in the release notes.
Fixed Issues |
|
|---|---|
Hierarchical Address Book (Beta) API fixes:
|
|
OpenLDAP 1.0.2 package is available with multiVal and sortVal fixes. Multival configuration is recommended for large deployments. Please follow https://wiki.zimbra.com/wiki/Zimbra-LDAP_Multival_Configuration for Multival configuration steps.
Patch Installation
Note: Installing the zimbra-patch package only updates the Zimbra core packages. Please refer to the release notes for Zimbra 8.8.10 Patch 3 installation on Redhat and Ubuntu platforms.
Zimbra 8.8.9 “Curie” Patch 7
Patch 7 is here for the Zimbra 8.8.9 “Curie” GA release, and it includes fixes as listed in the release notes.
Security Fixes
Information about security fixes, security response policy and vulnerability rating classification is listed below. See the Zimbra Security Response Policy and the Zimbra Vulnerability Rating Classification information for details.
| Bug# | Summary | CVE-ID | CVSS Score | Zimbra Rating | Fix Release or Patch Version |
|---|---|---|---|---|---|
| 109020 | Persistent XSS – Web Client / Defanger [CWE-79] | CVE-2018-18631 | 5.0 | Major | 8.8.9 Patch 7 |
OpenLDAP 1.0.2 package is available with multiVal and sortVal fixes. Multival configuration is recommended for large deployments. Please follow https://wiki.zimbra.com/wiki/Zimbra-LDAP_Multival_Configuration for Multival configuration steps.
Patch Installation
Note: Installing zimbra-patch package only updates the Zimbra core packages. Please refer to the release notes for Zimbra 8.8.9 Patch 7 installation on Redhat and Ubuntu platforms.
Thank you,
Your Zimbra Team
Comments are closed.