Frequent readers of the Zimbra blog will know that Zimbra can be extended/customized by using Zimlets. By creating your own Zimlets you can add functionality to the UI (front-end) and the Java back-end, allowing you to cater to specific customer needs. Zimlets can be enabled globally or per user (group) Details on this can be […]
Tag Archives | security
How to stay informed about Zimbra security announcements?
Zimbra can be updated using apt update or yum update, and it is highly recommended to install Zimbra updates (patches) as they are released, especially in case of patches that include security fixes. Here are a few ways to stay informed on Zimbra Security updates: Subscribe to these RSS feeds: https://wiki.zimbra.com/security-advisory-feed.php (no details, can be […]
Zimbra not affected by NGINX CVE-2023-44487
Recently a number of partners have asked if Zimbra is affected by NGINX CVE-2023-44487. When we take a look at the NGINX blog post on CVE-2023-44487 it mentions the following: …it is essential that the following updates are made to NGINX configuration files, minimizing the server’s attack surface: keepalive_requests should be kept at the default […]
What are the benefits of using Zimbra OpenSSL in FIPS mode?
If you installed or upgraded to Zimbra version 9.0.0.P34, 8.8.15.P41, 10.0.2 or higher, Zimbra will use OpenSSL 3.0.x and FIPS compliance for OpenSSL will be enabled by default. To check if your Zimbra OpenSSL is using FIPS you can run the following command, that should fail with Error setting digest: /opt/zimbra/common/bin/openssl md5 /dev/null There are […]
Review your Zimbra configuration after updating to the latest patch
It has come to our attention that in some cases postconf settings are not retained when updating to the latest patch (9.0.0.P34, 8.8.15.P41, 10.0.2). Make sure to re-apply any customizations, including TLS cipher configurations you had previously configured using the postconf command. In addition, the latest patch also enabled OpenSSL in FIPS mode, more details […]
When your security scanner alerts for jspawnhelper in Zimbra
Many administrators rely on third-party security scanners such as Crowdstrike Falcon to analyze their Zimbra server for malicious activity. One process that is frequently reported is jspawnhelper. What is jspawnhelper? While this is not very well documented, jspawnhelper can be run as the result of a call to ProcessBuilder.start() or Runtime.exec() in a java application. […]