Navigation

Archive | Security & Privacy

Zimbra Collaboration 8.6 Patch 4 and previous (CWE-79, CVE-2015-7609) – XSS vulnerabilities

By on February 23, 2016 in PowerTips – Admins, Security & Privacy

On December 22, 2015, we announced patch 5 for Zimbra Collaboration 8.6. Patch 5 contained fixes for eight security issues, including two cross-site scripting (XSS) vulnerabilities (assigned CVE-2015-7609) that were reported in October of 2015 by security researchers at Fortinet’s Fortiguard Labs. It was a pleasure working with one of the top security companies out there. If […]

Continue Reading

OpenSSL July 2015 Update

By on July 9, 2015 in Open Source, Security & Privacy

On July 9, 2015, OpenSSL issued a security update to correct an issue opened by its June update. Specifically, this issue relates to alternative chains certificate forgery (CVE-2015-1793), i.e. an ability to “cause certain checks on untrusted certificates to be bypassed, such as the CA flag, enabling them to use a valid leaf certificate to act […]

Continue Reading

Logjam’s Impact on Zimbra Collaboration

By on May 20, 2015 in Security & Privacy

Zimbra is aware of a newly disclosed SSL/TLS vulnerability that provides a potential malicious actor with a method to perform a Man-in-the-Middle (MitM) attack — the vulnerability is referred to as Logjam. Similar to FREAK, this attack targets export-grade encryption, specifically Diffie-Hellman key exchanges. For more information on the attack and how this applies to […]

Continue Reading

Introducing Zcast

By on April 16, 2015 in Company News, Open Source, Security & Privacy

On behalf of Zimbra, I am happy to introduce Zcast. In this new podcast series, Zimbra CMO Olivier Thierry covers a variety of technology topics that relate, primarily, to open source software, communication technology, business/product strategy, cybersecurity and data protection. The first in the series is with Zimbra partner MailGuard, founded in 2001 by CEO […]

Continue Reading

Email Protection Best Practices: SPF, DKIM and DMARC

By on April 9, 2015 in Open Source, PowerTips – Admins, Security & Privacy, Zimbra Server

As Zimbra Collaboration is a central communication hub for your business, it needs to be protected and secured. Zimbra Collaboration contains multiple antispam features like SpamAssassin, Amavis-d, etc. But, how do you protect against spoofing? How do we ensure outgoing emails are not going into the junk folder of recipients using other platforms like Google Apps, Outlook 365, […]

Continue Reading

Copyright © 2022 Zimbra, Inc. All rights reserved.

All information contained in this blog is intended for informational purposes only. Synacor, Inc. is not responsible or liable in any manner for the use or misuse of any technical content provided herein. No specific or implied warranty is provided in association with the information or application of the information provided herein, including, but not limited to, use, misuse or distribution of such information by any user. The user assumes any and all risk pertaining to the use or distribution in any form of any subject matter contained in this blog.

Legal Information | Privacy Policy | Do Not Sell My Personal Information | CCPA Disclosures