Author Archive | Rene Otto

[REPOST] Recent Zimbra XXE / SSRF Vulnerability Disclosure

This is a reposting of Rene’s original blog announcement on March 18, 2019. Please read and be sure that your Zimbra Patches are up-to-date! Hello Zimbra Friends, Background The Zimbra Security team has been working with security researcher An Trinh in advance of his recently-published blog post. In the blog, Trinh details his findings regarding […]

Continue Reading

Zimbra’s New Software Development Lifecycle

Zimbra is committed to delivering top performing products, and integral to that is our new Software Development Lifecycle (SDLC), which will help us create quality products delivered in a customer-friendly, predictable way. There are two streams in the SDLC: the Standard Release Model and the Longterm Release Model. The Standard Release Model This stream of […]

Continue Reading

#EFAIL: Zimbra Not Affected

There has been active commentary about the “EFAIL” paper released May 14 by a German and Belgian research team that presented potential vulnerability in PGP and S/MIME encrypted emails. The Zimbra Security team has analyzed the paper and tested Zimbra for any exposure to the EFAIL attack patterns. The Results? Good news. Zimbra S/MIME solutions […]

Continue Reading

Copyright © 2022 Zimbra, Inc. All rights reserved.

All information contained in this blog is intended for informational purposes only. Synacor, Inc. is not responsible or liable in any manner for the use or misuse of any technical content provided herein. No specific or implied warranty is provided in association with the information or application of the information provided herein, including, but not limited to, use, misuse or distribution of such information by any user. The user assumes any and all risk pertaining to the use or distribution in any form of any subject matter contained in this blog.

Legal Information | Privacy Policy | Do Not Sell My Personal Information | CCPA Disclosures