Patch Security Severity: Medium
Deployment Risk: Medium
This release focuses on essential security and improving user experience for the following editions
Zimbra Daffodil 10.0.8 (Release Notes)
Zimbra 9.0.0 Kepler Patch-40 (Release Notes)
Patch updated on Apr 22 include the following in their respective releases
What’s New
Performance
Enabled concurrent socket connection for OpenJDK
External Storage (Zimbra Daffodil only)
Added compression support on S3 external volumes
Emails in Modern Web App (Zimbra Daffodil only)
Users can reply and forward emails in plaintext
Security Enhancements
Upgraded postfix for improved security
To fix sMTP smuggling vulnerability (CVE-2023-51764)
Upgraded PHP
To reduce security risks
Implemented multiple security fixes related to XSS (Cross-Site Scripting) attacks
#ICYMI (In-Case-You-Missed-It)
ZCO Email Functionality (Microsoft Updates 2310, 2311)
Upgrade to the latest Outlook version and enjoy seamless email sending through the latest ZCO build. You may find the most recent ZCO package at https://www.zimbra.com/product/addons/zimbra-connector-for-outlook-download/
End of Patch for Zimbra Server on Ubuntu 18.04
There will no longer be any patch releases for Zimbra Daffodil (v10) on Ubuntu 18.04 operating system. Customers are encouraged to use Ubuntu 20.04 for installations of Zimbra Daffodil (v10) to benefit from future patch releases.
Refer to the release notes for the patch installation on Red Hat and Ubuntu platforms.
An upgrade to the latest patch for your version is highly recommended. Refer to our blog and the Zimbra Security Center for steps to ensure your system is safe.
End of General Support
Zimbra 8.8.15 has reached the end of General Support.
Support, security patches, or updates for Zimbra 9.0.0 General Support will last through 12/31/2024
The post NEW! Patch Release: Compression support on S3 external volumes, Enabled Concurrent Socket Connection for OpenJDK & Other Enhancements appeared first on Zimbra : Blog.