Patch Security Severity: High
Deployment Risk: Low
This patch updated on June 18, 2025 focuses on essential security fixes for the following editions:
- Zimbra Daffodil 10.1.9 (Release Notes)
- Zimbra Daffodil 10.0.15 (Release Notes)
- 9.0.0 P46 (Release Notes)
Security Fix – 10.1.9, 10.1.15, 9.0.0 P46
- Addressed a XSS attack with ICS file in Classic UI
- Addressed a denial of service (DoS) vulnerability on Admin Console
Please note that this is the final patch release for:
- Zimbra Collaboration 9.0.0 P46 before its End of Life (EOL) on June 30, 2025
- Zimbra Daffodil v. 10.0.x set to reach End of General Support on June 30, 2025
After this date, no further updates will be provided to the 10.0.x and 9.0 editions.
We’re Here to Support Your Migration
We strongly recommend upgrading to a supported version like Zimbra Daffodil 10.1 to maintain security, performance, and access to our dedicated support. We’re here to help make this transition as smooth as possible:
- Migration Guides: Access comprehensive resources to guide your upgrade.
- Personalized Assistance: Need a hand? Our team is ready to assist you.
To ensure you benefit from the most secure and advanced solutions, please note the upcoming product lifecycle updates for the following Zimbra editions:
Upgrade Documents
Non-NG setup
In-Place Upgrade Guide (Single and Multi-Node setup)
Rolling-Upgrade Guide (Multi-Node setup)
NG setup – For 9.0.0, 8.8.15 (Network and FOSS)
In-Place Upgrade Multi-Node | In-Place Upgrade Single-Node
Rolling Upgrade Multi-Node | Rolling Upgrade Single-Node
For assistance during this transition, contact Zimbra Support.
Zimbra Daffodil 10.1 is the active and supported version.
CentOS/RHEL 7 OS and Oracle Linux 7
It is equally important to install operating system security updates and have Zimbra run on supported operating systems. After July 1, 2025, RHEL/CentOS 7 and Oracle Linux 7 will no longer be supported for Zimbra.
We recommend upgrading to RHEL/Rocky/Oracle Linux 9. If you have questions or need guidance with upgrading your operating system, please open a support case through the Zimbra Support.
We continuously offer our Buy One, Get One promotion on Zimbra Advanced Chat.
Key Offer Details:
- Minimum purchase: 25 users
- Validity: Offer is valid till 31 December, 2025
- Eligibility: New purchases only
- Version Compatibility: Available for Zimbra version 10.1.7 or greater
- License Type: No mix-and-match of subscription and perpetual terms
- Renewals: After the promotion period, renewals will be at the regular price
#ICYMI (In-Case-You-Missed-It)
New License Key Required for Zimbra Daffodil 10.1
It is mandatory to obtain a new license key to run the Zimbra Daffodil 10.1 software.
You will not be able to proceed without a new Zimbra Daffodil V10.1 license key (including trial license). Watch the video or read the blog to find out more.
YouTube link to License Management Video
Refer to the release notes for the patch installation on Red Hat and Ubuntu platforms.
An upgrade to the latest patch for your version is highly recommended. Refer to our blog and the Zimbra Security Center for steps to ensure your system is safe.
Customer Feedback Portal
Vote on suggested features, propose your own and stay updated with our product roadmap. Join us at pm.zimbra.com, our dedicated customer portal, for product feedback. Contribute to Zimbra’s evolution!
No comments yet.