Patch Severity: High. This release addresses critical bug fixes and essential security updates Patch Release for the following editions Zimbra Daffodil 10.0.6 (Release Notes) Zimbra 9.0.0 Kepler Patch-38 (Release Notes) Zimbra 8.8.15 Joule Patch-45 (Release Notes) Patch updated on 18 Dec include the following in their respective releases What’s New OpenJDK has been upgraded to […]
Archive | Product Updates
Patch for Zimbra Daffodil 10.0.5, 9.0.0 Patch-37 & 8.8.15 Patch-44
Daffodil Migration Patch: Assist Users in Moving to Daffodil This patch has newly added functions that will aid in the upgrade/migration process to Daffodil. To safeguard your system, we recommend you always upgrade to the latest patch and regularly refer to our blog and the Zimbra Security Center for steps to ensure your system is safe. Patch Release […]
Patch for Zimbra Daffodil 10.0.4, 9.0.0 Patch-36 & 8.8.15 Patch-43
Guarding Against XSS: Security Update This Patch Release is for the following editions Daffodil 10.0.4 9.0.0 Kelper Patch 36 8.8.15 Joule Patch 43 This notification is published ahead of the actual release to enable administrators to schedule time to install the patch. The patch has been released on Wednesday (13 Sept). The steps for installing […]
Review your Zimbra configuration after updating to the latest patch
It has come to our attention that in some cases postconf settings are not retained when updating to the latest patch (9.0.0.P34, 8.8.15.P41, 10.0.2). Make sure to re-apply any customizations, including TLS cipher configurations you had previously configured using the postconf command. In addition, the latest patch also enabled OpenSSL in FIPS mode, more details […]
Patch for Zimbra Daffodil 10.0.2, 9.0.0 Patch-34 & 8.8.15 Patch-41
Security bug fixes and OpenSSL upgrade Zimbra OpenSSL now runs in FIPS-compliant mode by default. This increases security which requires no additional action on your part. However, should you run into issues, you can find steps to disable OpenSSL FIPS in the release notes. This patch upgrades OpenSSL to major version 3.0.x. To safeguard your […]
Security Update for Zimbra Collaboration Suite Version 8.8.15 CVE-2023-37580
An XSS vulnerability in Zimbra Collaboration Suite Version 8.8.15 that could potentially impact the confidentiality and integrity of your data has surfaced. We take this matter very seriously and have already taken immediate action to address the issue. Important: This vulnerability has been actively exploited, making it imperative to take immediate action. We strongly recommend […]