NOTICE: Clear to proceed with patch upgrade
As of this time, we have addressed the previously identified issues with the patch release, and recommend customers proceed with this upgrade. As always, we recommend following best practices during patch upgrades (including taking backups of key data and config). We apologize for this unfortunate event.
Hello Zimbra Friends, Customers & Partners,
Zimbra 9.0.0 “Kepler” Patch 25 and 8.8.15 “James Prescott Joule” Patch 32 are here.
PLEASE NOTE: The installation process for these patches has changed and requires additional steps. Please refer to their respective release notes for details before upgrading the servers.
Zimbra 9.0.0 “Kepler” Patch 25
Patch 25 is here for the Zimbra 9.0.0 “Kepler” GA release, and it includes What’s New, Security Fixes, Fixed Issues and Known Issues as listed in the release notes. Please refer to the release notes for Zimbra 9.0.0 Patch 25 installation on Red Hat and Ubuntu platforms.
Zimbra 8.8.15 “James Prescott Joule” Patch 32
Patch 32 is here for the Zimbra 8.8.15 “James Prescott Joule” GA release, and it includes What’s New, Security Fixes, Fixed Issues and Known Issues as listed in the release notes. Please refer to the release notes for Zimbra 8.8.15 Patch 32 installation on Red Hat and Ubuntu platforms.
Note:
- For Zimbra 8.8.8 and above, you don’t need to download any patch builds. The patch packages can be installed using Linux package management commands.
- You cannot revert to the previous Zimbra release after you upgrade to the patch.
Please refer Zimbra Releases for latest releases and Zimbra Security Center for security updates.
Thanks,
Your Zimbra Team
Make an update and get error on proxy and ldap (mailbox is fine):
File “/opt/zimbra/libexec/zmconfigd”, line 32, in
from org.apache.log4j import PropertyConfigurator
ImportError: No module named apache
Very bad implementation of this update…
Sorry, this has been fixed for everyone who did not update on the first day after the release of the patch. If you did update on the first day and have this issue, you can fix it via:
1. On the non-mailbox server wget these two files for the respective versions in /tmp/:
9.0.0.p25
https://raw.githubusercontent.com/Zimbra/zm-core-utils/9.0.0.p25/src/libexec/zmconfigd
https://raw.githubusercontent.com/Zimbra/zm-jython/9.0.0.p25/jylibs/commands.py
8.8.15.p32
https://raw.githubusercontent.com/Zimbra/zm-core-utils/8.8.15.p32/src/libexec/zmconfigd
https://raw.githubusercontent.com/Zimbra/zm-jython/8.8.15.p32/jylibs/commands.py
2. Take a backup and replace the files in this location:
/opt/zimbra/common/lib/jylibs/commands.py
/opt/zimbra/libexec/zmconfigd
3. Restart zmconfigd
This issue is fixed with Latest updates
There appears to be issues with smtp auth and 2FA application specific passcodes. The app-specific passcodes are not accepted resulting in smtp auth authentication failures, “invalid password”. This means users cannot send emails via smtp with their configured 2FA app-specific passwords.
Users can smtp auth with their regular password, even with 2FA set _as required_ on their account. This should not be possible.
This appears to be a bug with patch 25 and needs an immediate fix.
Thanks for your report, we confirm the issue and are working on a fix.
This issue is fixed with Latest updates
Hello moderators. You should update this page to warn customers of newly identified ZBUG-2831, as installing the current patch 25 on ZCS 9 will result in broken systems, where 2FA users are unable to relay via smtp auth with app-specific passwords.
This bug needs to be fixed with critical urgency as many customers will be having to urgently patch their systems to mitigate the Zimbra Memcached zero-day vulnerability which allows user credential stealing.
Thanks
Thanks for your report, we confirm the issue and are working on a fix.
Any News? I just run in the ZBUG-2831 this night. Or at list show how to roll back … I have a broken not working smtp system…. it is alrady 24 h and nothing happens …
I can’t believe the number of issues in P32 for 8.8.15. So far, we’ve run into:
– The 2FA issue mentioned above
– Issues with JS errors in the Network Modules NG (and we can’t reinstall them after removing them as previously instructed by support since the repo gives access denied)
– Zimbra not starting properly on a full machine reboot.
How can this pass QA!? And what is with this “different upgrade” procedure that is being communicated, both on the Wiki “changelog” and in the Zimbra forums?
We’ve had our fair share of issues with Zimbra updates, but I think 8.8.15.p32 takes the cake.
We also see issues with ActiveSync on Android.
– Open /opt/zimbra/jetty_base/etc/jetty.xml.in and add below statement on line no 41
false
– Restart mailbox service,
zmmailboxdctl restart
Refer PR https://github.com/Zimbra/zm-jetty-conf/pull/21
– Open /opt/zimbra/jetty_base/etc/jetty.xml.in and add below statement on line no 41
false
– Restart mailbox service,
zmmailboxdctl restart
Refer PR https://github.com/Zimbra/zm-jetty-conf/pull/21
this was working for my:
Refer PR https://github.com/Zimbra/zm-jetty-conf/pull/21
– Restart mailbox service,
zmmailboxdctl restart
Hello,
after applying patch32 on CentOS7.9 zimbra 8.8.15 zxsuite is not working anymore.
-Admin-Webfrontend just shows Zimbra Suite Plus Module Symbols without functionality
-zxsuite on cli shows Unable to communicate with server
-ActiveSync clients cannot connect anymore
(applied patch after ‘all-clear’ notice above)
https://wiki.zimbra.com/wiki/Zimbra_Releases/8.8.15/P32#Zimbra_Suite_Plus_not_working_for_FOSS
thank you, does this mean that the „ NOTICE: Clear to proceed with patch upgrade“ is not valid for ZSP customers?
ZSP is also fixed now.