Zimbra not affected by critical OpenSSL issue

The OpenSSL project is releasing a critical fix for OpenSSL version 3.x.

Zimbra is using OpenSSL version 1.1.1q which is an older still supported version of OpenSSL. The version in Zimbra is not affected by the fix, which means no patches are needed for Zimbra. You should install operating system security updates and other 3rd party software updates that apply this OpenSSL fix ASAP.

To check the current version of OpenSSL in Zimbra you can run the following commands:

[root@zimbra ~]# /opt/zimbra/common/bin/openssl
OpenSSL> version
OpenSSL 1.1.1q FIPS 5 Jul 2022

,

Comments are closed.

Copyright © 2022 Zimbra, Inc. All rights reserved.

All information contained in this blog is intended for informational purposes only. Synacor, Inc. is not responsible or liable in any manner for the use or misuse of any technical content provided herein. No specific or implied warranty is provided in association with the information or application of the information provided herein, including, but not limited to, use, misuse or distribution of such information by any user. The user assumes any and all risk pertaining to the use or distribution in any form of any subject matter contained in this blog.

Legal Information | Privacy Policy | Do Not Sell My Personal Information | CCPA Disclosures