NEW Zimbra Patches: 9.0.0 Patch 14 + 8.8.15 Patch 21

Hello Zimbra Friends, Customers & Partners,

Zimbra 9.0.0 “Kepler” Patch 14 and 8.8.15 “James Prescott Joule” Patch 21 are here.

For Zimbra 8.8.8 and above, you don’t need to download any patch builds. The patch packages can be installed using Linux package management commands. Please refer to the respective release notes for patch installation on Red Hat and Ubuntu platforms.

Note: Installing a zimbra-patch package only updates the Zimbra core packages.

Security Fixes

Summary CVE-ID CVSS Score Zimbra Rating Fix Patch Version
Upgraded ClamAV to 102.4 to avoid multiple vulnerabilities. CVE-2020-3327
CVE-2020-3341
7.5 High 9.0.0 P14
8.8.15 P21
An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. CVE-2021-3449 5.9 Medium 9.0.0 P14
8.8.15 P21

Zimbra 9.0.0 “Kepler” Patch 14

Patch 14 is here for the Zimbra 9.0.0 “Kepler” GA release, and it includes Security Fixes, What’s New, Fixed Issues and Known Issues as listed in the release notes.
Please refer to the release notes for Zimbra 9.0.0 Patch 14 installation on Red Hat and Ubuntu platforms.

Zimbra 8.8.15 “James Prescott Joule” Patch 21

Patch 21 is here for the Zimbra 8.8.15 “James Prescott Joule” GA release, and it includes Security Fixes, What’s New, Fixed Issues and Known Issues as listed in the release notes.
Please refer to the release notes for Zimbra 8.8.15 Patch 21 installation on Red Hat and Ubuntu platforms.

Take care and thanks,
Your Zimbra Team

No comments yet.

Leave a Reply