Zimbra Patches: 8.8.10 Patch 3 + 8.8.9 Patch 7

Hello Zimbra Friends, Customers & Partners,

Zimbra 8.8.10 “Konrad Zuse” Patch 3 and 8.8.9 “Curie” Patch 7 are here.

For 8.8.8 and above Zimbra Patches, you don’t need to download any patch builds. The Patch packages can be installed using Linux package management commands.

Zimbra 8.8.10 “Konrad Zuse” Patch 3

Patch 3 is here for the Zimbra 8.8.10 “Konrad Zuse” GA release, and it includes fixes as listed in the release notes.

Fixed Issues

Hierarchical Address Book (Beta) API fixes:

  • Added API to query address-list by name or id
  • Fixed service.UNKNOWN_DOCUMENT for retrieving HAB group using zmprov cmd
  • Created Alias for zmprov HAB commands
  • HAB group is now synced in GAL
  • Added Admin API to assign seniorityIndex to HAB Group
  • Added Admin API to Modify address list

OpenLDAP 1.0.2 package is available with multiVal and sortVal fixes. Multival configuration is recommended for large deployments. Please follow https://wiki.zimbra.com/wiki/Zimbra-LDAP_Multival_Configuration for Multival configuration steps.

Patch Installation

Note: Installing the zimbra-patch package only updates the Zimbra core packages. Please refer to the release notes for Zimbra 8.8.10 Patch 3 installation on Redhat and Ubuntu platforms.

Zimbra 8.8.9 “Curie” Patch 7

Patch 7 is here for the Zimbra 8.8.9 “Curie” GA release, and it includes fixes as listed in the release notes.

Security Fixes

Information about security fixes, security response policy and vulnerability rating classification is listed below. See the Zimbra Security Response Policy and the Zimbra Vulnerability Rating Classification information for details.

Bug# Summary CVE-ID CVSS Score Zimbra Rating Fix Release or Patch Version
109020 Persistent XSS – Web Client / Defanger [CWE-79] CVE-2018-18631 5.0 Major 8.8.9 Patch 7

OpenLDAP 1.0.2 package is available with multiVal and sortVal fixes. Multival configuration is recommended for large deployments. Please follow https://wiki.zimbra.com/wiki/Zimbra-LDAP_Multival_Configuration for Multival configuration steps.

Patch Installation

Note: Installing zimbra-patch package only updates the Zimbra core packages. Please refer to the release notes for Zimbra 8.8.9 Patch 7 installation on Redhat and Ubuntu platforms.

Thank you,

Your Zimbra Team

Comments are closed.

Copyright © 2022 Zimbra, Inc. All rights reserved.

All information contained in this blog is intended for informational purposes only. Synacor, Inc. is not responsible or liable in any manner for the use or misuse of any technical content provided herein. No specific or implied warranty is provided in association with the information or application of the information provided herein, including, but not limited to, use, misuse or distribution of such information by any user. The user assumes any and all risk pertaining to the use or distribution in any form of any subject matter contained in this blog.

Legal Information | Privacy Policy | Do Not Sell My Personal Information | CCPA Disclosures