Hello Zimbra Friends, Customers & Partners,
Zimbra 9.0.0 “Kepler” Patch 24 and 8.8.15 “James Prescott Joule” Patch 31 are here.
Update on Log4j Vulnerability
After intensive review and testing, Zimbra Development determined that the zero-day exploit vulnerability for Log4j (CVE-2021-44228) does not affect the currently supported Zimbra versions (9.0.0 & 8.8.15). Zimbra currently uses Log4j version 1.2.16. The cause of the vulnerability is found in the lookup expression feature in Log4j versions 2.0 to 2.17.
Please refer to the release notes for more information.
Zimbra 9.0.0 “Kepler” Patch 24
Patch 24 is here for the Zimbra 9.0.0 “Kepler” GA release, and it includes What’s New, Security Fixes, Fixed Issues and Known Issues as listed in the release notes. Please refer to the release notes for Zimbra 9.0.0 Patch 24 installation on Red Hat and Ubuntu platforms.
Zimbra 8.8.15 “James Prescott Joule” Patch 31
Patch 31 is here for the Zimbra 8.8.15 “James Prescott Joule” GA release, and it includes What’s New, Security Fixes, Fixed Issues and Known Issues as listed in the release notes. Please refer to the release notes for Zimbra 8.8.15 Patch 31 installation on Red Hat and Ubuntu platforms.
Note:
- For Zimbra 8.8.8 and above, you don’t need to download any patch builds. The patch packages can be installed using Linux package management commands.
- You cannot revert to the previous Zimbra release after you upgrade to the patch.
Thanks,
Your Zimbra Team
We can’t run the update in CentOS 8 by CLI
and there is no Free OS supported by zimbra
like : Rocky Linux
Alma linux
and on ubuntu there is a lot of problem in this solution
thanks.
You should be able to run `yum update -y` that will update Zimbra for you. In addition we do support Rocky Linux, you can find that build on our Downloads page.