This is a reposting of Rene’s original blog announcement on March 18, 2019.
Please read and be sure that your Zimbra Patches are up-to-date!
Hello Zimbra Friends,
The Zimbra Security team has been working with security researcher An Trinh in advance of his recently-published blog post. In the blog, Trinh details his findings regarding a vulnerability which, if exploited, could allow an attacker to remotely execute code on an affected Zimbra system.
To secure supported versions of Zimbra (8.7 and 8.8)
Zimbra customers running versions of 8.8 must upgrade to 8.8.10 Patch 7 or 8.8.11 Patch 3
Zimbra customers running the long term support version (LTS) 8.7.11 must upgrade to 8.7.11 Patch 10
To secure unsupported version of Zimbra (8.6 and earlier)
Customers running 8.6 must upgrade to Patch 13 – This Patch is scheduled for release 19 March.
Older versions of Zimbra are vulnerable until they are upgraded to a supported version.
If you require guidance around your upgrade, please contact your Zimbra Partner or Zimbra Support for further information.
NOTE: Zimbra recommends that you always upgrade to the latest version of Zimbra to protect against possible security vulnerabilities.
Vice President Product eMail and Collaboration
- Zimbra Collaboration 8.6 Patch 9 now available (includes fix for CVE-2017-8802). Read the announcement.
- Zimbra Collaboration 8.8.7 + Zimbra Connector for Outlook 8.8.7 are available.. Read the announcement.
- Are you a Zimbra Developer? You can find some interesting stuff in our Official GitHub: https://github.com/Zimbra and check the Community Projects too: https://github.com/Zimbra-Community/
Official Zimbra news, events, releases, and updates.
1 post • Page 1 of 1
Who is online
Users browsing this forum: No registered users and 2 guests