Zimbra Patches: 9.0.0 Patch 4 + 8.8.15 Patch 11

Hello Zimbra Friends, Customers & Partners,

Zimbra 9.0.0 “Kepler” Patch 4 and 8.8.15 “James Prescott Joule” Patch 11 are here.

For Zimbra 8.8.8 and above, you don’t need to download any patch builds. The patch packages can be installed using Linux package management commands. Please refer to the respective release notes for patch installation on Red Hat and Ubuntu platforms.

Note: Installing a zimbra-patch package only updates the Zimbra core packages.

Zimbra 9.0.0 and 8.8.15 are now fully supported on RHEL 8 (GA)

Download the latest RHEL 8 binaries from https://www.zimbra.com/downloads

Zimbra 9.0.0 “Kepler” Patch 4

Patch 4 is here for the Zimbra 9.0.0 “Kepler” GA release, and it includes Security Fixes, What’s New, Fixed Issues, and Known Issues as listed in the release notes.

Security Fixes

Summary CVE-ID CVSS Score Zimbra Rating Fix Patch Version
CWE-79 Cross-site scripting (XSS) vulnerabilities CVE-2020-13653 4.3 Minor 9.0.0 P4

Patch Installation

Please refer to the release notes for Zimbra 9.0.0 Patch 4 installation on Red Hat and Ubuntu platforms.

Zimbra 8.8.15 “James Prescott Joule” Patch 11

Patch 11 is here for the Zimbra 8.8.15 “James Prescott Joule” GA release, and it includes Security Fixes, What’s New, Fixed Issues, and Known Issues as listed in the release notes.

Security Fixes

Summary CVE-ID CVSS Score Zimbra Rating Fix Patch Version
CWE-79 Cross-site scripting (XSS) vulnerabilities CVE-2020-13653 4.3 Minor 8.8.15 P11

Patch Installation

Please refer to the release notes for Zimbra 8.8.15 Patch 11 installation on Red Hat and Ubuntu platforms.

Many thanks,
Your Zimbra Team

2 Responses to Zimbra Patches: 9.0.0 Patch 4 + 8.8.15 Patch 11

  1. Andrew Cartwright July 3, 2020 at 10:28 AM #

    I’ve just applied patch 4 as per the release notes and can no longer send email from the modern client (nor the classic app), even after starting the server (RHEL 7.8).

    The Modern interface continually throws a GraphQL error: “GraphQL error: Unexpected token < in JSON at position 0" and mail cannot be sent.

    Has anyone else seen this or knows how to fix? This is a major issue at present.

    • Gayle Billat July 9, 2020 at 6:59 PM #

      Hi Andrew – please open a case with Zimbra Support or check in forums.zimbra.com for more info. Thank you!

Copyright © 2022 Zimbra, Inc. All rights reserved.

All information contained in this blog is intended for informational purposes only. Synacor, Inc. is not responsible or liable in any manner for the use or misuse of any technical content provided herein. No specific or implied warranty is provided in association with the information or application of the information provided herein, including, but not limited to, use, misuse or distribution of such information by any user. The user assumes any and all risk pertaining to the use or distribution in any form of any subject matter contained in this blog.

Legal Information | Privacy Policy | Do Not Sell My Personal Information | CCPA Disclosures