Patch for Zimbra Daffodil 10.0.2, 9.0.0 Patch-34 & 8.8.15 Patch-41

Security bug fixes and OpenSSL upgrade

Zimbra OpenSSL now runs in FIPS-compliant mode by default. This increases security which requires no additional action on your part.

However, should you run into issues, you can find steps to disable OpenSSL FIPS in the release notes.

This patch upgrades OpenSSL to major version 3.0.x.

To safeguard your system, we recommend you always upgrade to the latest patch and regularly refer to our blog and the Zimbra Security Center for steps to ensure your system is safe.To safeguard your system, we recommend you always upgrade to the latest patch and regularly refer to our blog and the Zimbra Security Center for steps to ensure your system is safe.

Patch Release for the following editions

  • Daffodil 10.0.2
  • 9.0.0 Kepler Patch 34
  • 8.8.15 Joule Patch 41

Patched updated on 26 July include the following listed in their respective releases

  • What’s New
  • Fixed Issues
  • Known Issues
  • Security Fixes

Please refer to the release notes for the patch installation on Red Hat and Ubuntu platforms.

An upgrade to the latest patch for your version is highly recommended. More information about the recommended patch can be found at:

We plan to make additional information available on our Security Center page as it becomes available.


Versions Reaching End of General Support 

Zimbra 9.0.0 and 8.8.15 will be reaching their end-of-life (EOL). Support, security patches, or updates for these versions of our collaboration software will last through the below dates

Zimbra 9.0.0 End of General Support: 03/31/2024

Zimbra 8.8.15 End of General Support: 12/31/2023

 

Note: Additional configuration for further hardening your Zimbra setup can be found on the Zimbra Support Portal. It is recommended that all customers consider these additional steps 

2 Responses to Patch for Zimbra Daffodil 10.0.2, 9.0.0 Patch-34 & 8.8.15 Patch-41

  1. Bob Wicksall July 26, 2023 at 9:31 AM #

    Release notes for 10.0.2 are missing or bad url?

    • Karyn Tan July 26, 2023 at 3:48 PM #

      Thank you for flagging this up. It has been rectified.

Copyright © 2022 Zimbra, Inc. All rights reserved.

All information contained in this blog is intended for informational purposes only. Synacor, Inc. is not responsible or liable in any manner for the use or misuse of any technical content provided herein. No specific or implied warranty is provided in association with the information or application of the information provided herein, including, but not limited to, use, misuse or distribution of such information by any user. The user assumes any and all risk pertaining to the use or distribution in any form of any subject matter contained in this blog.

Legal Information | Privacy Policy | Do Not Sell My Personal Information | CCPA Disclosures