Search found 9 matches

by ghen
Wed Nov 18, 2020 12:30 am
Forum: Community News
Topic: November 2020 Zeta Alliance Weekly Call Summaries
Replies: 9
Views: 2442

Re: November 2020 Zeta Alliance Weekly Call Summaries

Have you also noticed that, if you set zimbra_imap_folder_pagination_enabled=true on 8.8.15 patch 15, it always logs, for every user:

"Total folder count - X is greater than folder pagination size - 2000"

regardless of the number of folders X actually exceeding the max or not...
by ghen
Fri Aug 28, 2020 3:18 pm
Forum: Administrators
Topic: Zimbra Offline mode broken in Chrome 85
Replies: 3
Views: 949

Re: Zimbra Offline mode broken in Chrome 85

I have, just informing people here as well.
by ghen
Fri Aug 28, 2020 10:02 am
Forum: Administrators
Topic: Zimbra Offline mode broken in Chrome 85
Replies: 3
Views: 949

Zimbra Offline mode broken in Chrome 85

Offline mode in Zimbra 8.8.15 is no longer working with Chrome as of version 85 Users get the following message: "This feature is currently supported only in Google Chrome and Mozilla Firefox browser." Looking at the test behind this in Chrome debugger console, turns out that applicationCa...
by ghen
Wed Jun 24, 2020 1:26 pm
Forum: Community News
Topic: June 2020 Zeta Alliance Weekly Call Summaries
Replies: 8
Views: 4936

Re: June 2020 Zeta Alliance Weekly Call Summaries

Hi Can I put the following topic on the agenda for next week please: Content-Security-Policy (CSP). There is demand for this [1] [2] [3] , as more and more vulnerability scanners and security audits require it, but except for some pointers to generic documentation on the Security wiki [4] , Zimbra h...
by ghen
Wed May 13, 2020 11:22 am
Forum: Community News
Topic: May 2020 Zeta Alliance Weekly Call Summaries
Replies: 30
Views: 10277

Re: May 2020 Zeta Alliance Weekly Call Summaries

Since you have discussed about updating the Nginx package, is there any work to implement the SMTP proxy in Zimbra Nginx Proxy? I mean, Zimbra already uses proxy for almost every protocol but the SMTP, which would make it much easier to work with multiple tenants and multiple certificates. Basicall...
by ghen
Thu Mar 05, 2020 3:26 pm
Forum: Administrators
Topic: Zimbra SSRF CVE-2020-7796
Replies: 1
Views: 1030

Re: Zimbra SSRF CVE-2020-7796

I was told the vulnerability is in a leftover JSP file in the webex zimlet.
As a fix, patch7 simply removes this file via RPM postinstall scriptlet:

Code: Select all

rm -f /opt/zimbra/zimlets-deployed/com_zimbra_webex/httpPost.jsp
by ghen
Wed Mar 04, 2020 9:36 am
Forum: Administrators
Topic: Zimbra SSRF CVE-2020-7796
Replies: 1
Views: 1030

Zimbra SSRF CVE-2020-7796

Hi Does anyone have more information on SSRF vulnerability CVE-2020-7796, besides the fact that it was fixed in 8.8.15 patch 7? CVE description: Zimbra Collaboration Suite (ZCS) before 8.8.15 Patch 7 allows SSRF when WebEx zimlet is installed and zimlet JSP is enabled. What is the precise scope and ...
by ghen
Thu Feb 13, 2020 12:56 pm
Forum: Installation and Upgrade
Topic: Issue after upgrading to 8.8.15
Replies: 24
Views: 13611

Re: Issue after upgrading to 8.8.15

Thanks. Does this concern all external datasources, including pop3/imap, or only the HTTP based ones like CalDAV ?
by ghen
Thu Feb 13, 2020 8:10 am
Forum: Installation and Upgrade
Topic: Issue after upgrading to 8.8.15
Replies: 24
Views: 13611

Re: Issue after upgrading to 8.8.15

We and one of our customers had this issue. In our cases, the symptoms were that web client sessions generated a "Server Error 500" for the users, but that IMAP and other non web-ui access methods continued to function. Zimbra Support have identified the root cause and given us a bug numb...

Go to advanced search