Patch Security Severity: Medium
Deployment Risk: Low
This release focuses on essential security and improving user experience for the following editions
Existing Zimbra 9 customers have until 06/30/2025 to upgrade to the new version (Daffodil v10).
Patch updated on Nov 12th includes the following for the respective releases
Security Fix (for all Zimbra versions)
The /h/rest endpoint has been fixed to prevent unauthorized file access and XSS attacks, addressing vulnerabilities that allowed remote attackers to exploit sensitive files using valid auth tokens.
These packages have been upgraded to fix multiple vulnerabilities
• OpenJDK package
• Apache package
• ClamAV package
What’s New in Zimbra Daffodil 10.1.3
Quicker Start for New Users
Get your team up to speed with this new onboarding feature.
The interactive tutorial will walk new users through the interface and email management at first login. Feel free to skip ahead at any time.
Email Signature Templates
With the new organization-wide signature templates, admins can set standardized signatures for everyone. Users can personalize these templates to match their individual style.
Auto-Mute Notifications
Overwhelmed by endless email and message alerts? Users can now mute irrelevant email threads and message notifications.
Prevent Data Loss with New Volume Deletion Protection
The issue of deleting active external volumes without warning has been resolved. Now users will receive an error message if they attempt to delete an active external volume.
Fixed Issues
Special Characters Appear Differently When Synced
Drafts containing special characters (such as Č, ć, ž, š, and đ) in the email subject and body now display correctly in the Web App.
Tagging Users Just Got Easier
Autocomplete will now display relevant user suggestions as you type their initials.
External Warning Feature
A recent issue with our external warning feature is now resolved, ensuring that users can now receive all their crucial communications.
SSDB: Last Login Details
When using SSDB, the last login details of the user get correctly updated.
Refer to release notes for full list of fixes
#ICYMI (In-Case-You-Missed-It)
(1) Price Adjustments on Oct 1, 2024
The price increase on all Zimbra offerings has taken effect on Oct 1, 2024.
The new price list is now available for download on the Partner Portal. Customers are advised to contact your Zimbra representative for more details.
(2) New License Key Required for Zimbra Daffodil 10.1
Additional Note
Zimbra Chat & Video is not yet part of the current 10.1.3 version and will be released separately in the coming weeks.
Refer to the release notes for the patch installation on Red Hat and Ubuntu platforms.
An upgrade to the latest patch for your version is highly recommended. Refer to our blog and the Zimbra Security Center for steps to ensure your system is safe.
No comments yet.