Hello Zimbra Friends, Customers & Partners,
Patch 9 is here for the Zimbra 8.8.15 “James Prescott Joule” GA release, and it includes Security Fixes, Fixed Issues and Known Issues as listed in the release notes.
|Summary||CVE-ID||CVSS Score||Zimbra Rating||Fix Patch Version|
|Upgraded 3rd Party Apache SpamAssassin from version 3.4.1 to 3.4.4.||CVE-2020-1930 & CVE-2020-1931||–||–||8.8.15 Patch 9|
|Upgraded 3rd Party ClamAV from version 0.99.4 to 0.102.2.||CVE-2020-3123||–||–||8.8.15 Patch 9|
|Upgraded 3rd Party Open LDAP from version 2.4.46 to 2.4.49.||CVE-2019-13565||–||–||8.8.15 Patch 9|
For 8.8.15 Patches, you don’t need to download any patch builds. 8.8.15 Patch packages can be installed using Linux package management commands. Please refer to the release notes for Zimbra 8.8.15 Patch 9 installation on Red Hat and Ubuntu platforms.
Note: Installing a zimbra-patch package only updates the Zimbra core packages.
Your Zimbra Team