Results 1 to 5 of 5

Thread: Software/Security Updates for Zimbra

  1. #1
    autospy is offline Junior Member
    Join Date
    Jun 2007
    Location
    Philadelphia, PA
    Posts
    8
    Rep Power
    8

    Default Software/Security Updates for Zimbra

    I work for a medium sized department in a large public University. We're currently testing the open source version of Zimbra for future deployment to replace our existing system (based on iPlanet). Thus, far we've been satisfied with the performance of Zimbra.

    We have yet to engage the sales team, but before we do we have a few questions for the community.

    - Does Zimbra have some mechanism to deal with security updates? For example, there were multiple DoS attacks reported for ClamAV in the past few weeks. (see CVE-2007-3123 (under review)). Updating the OS (RHEL 4 in our case) alone does solve the problem, because Zimbra runs its own ClamAV. I've seen some wiki posts on updating it manually, but that doesn't seem practical as it overwrites the Zimbra binaries (and might not be "certified" to work with Zimbra).

    - Is there a (low-volume) mailing that one can subscribe to and receive security only announcements related to Zimbra?

    Thanks in Advance.

  2. #2
    autospy is offline Junior Member
    Join Date
    Jun 2007
    Location
    Philadelphia, PA
    Posts
    8
    Rep Power
    8

    Default

    I suppose no one here is interested in updates to security holes. I'm wondering how administrator's are handling security updates? On our secondary mail servers (clamav/postfix/etc) we've been relying on Redhat updates, so I'm a reluctant to go with Zimbra unless they are taking security seriously.

  3. #3
    KevinH's Avatar
    KevinH is offline Expert Member
    Join Date
    Aug 2005
    Location
    San Mateo, CA
    Posts
    4,789
    Rep Power
    18

    Default

    Quote Originally Posted by autospy View Post
    I suppose no one here is interested in updates to security holes. I'm wondering how administrator's are handling security updates? On our secondary mail servers (clamav/postfix/etc) we've been relying on Redhat updates, so I'm a reluctant to go with Zimbra unless they are taking security seriously.
    We take it seriously and currently ship security updates as part of each patch release. At this time we have not created a security maillist but do at times send out notifications to our customer list first and then post on the forums a day or two later when there are security issues that can be fixed with a config change. This has only happened twice that I can remember.
    Looking for new beta users -> Co-Founder of Acompli. Previously worked at Zimbra (and Yahoo! & VMware) since 2005.

  4. #4
    msallee is offline Intermediate Member
    Join Date
    May 2009
    Location
    Boulder CO
    Posts
    16
    Rep Power
    6

    Default

    I would also be interested in subscribing to a security-updates only notification list. (for Zimbra NE.) Is there one available yet?
    Thank you.

    Mark

  5. #5
    chauvetp is offline Elite Member
    Join Date
    Apr 2008
    Location
    New Paltz, NY
    Posts
    300
    Rep Power
    7

    Default

    It would be nice if the updates were posted on zimbrablog.com or even @zimbra on twitter.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. mailbox mysql error after O/S updates
    By pksings in forum Administrators
    Replies: 6
    Last Post: 02-23-2007, 10:16 AM
  2. DSPAM Updates
    By Jason Hung in forum Administrators
    Replies: 1
    Last Post: 02-22-2007, 10:45 PM
  3. How are antivirus updates and definitions handled?
    By crips07 in forum Installation
    Replies: 1
    Last Post: 01-17-2007, 02:47 PM
  4. Feed Updates
    By Krishopper in forum Zimlets
    Replies: 3
    Last Post: 12-31-2006, 01:56 PM
  5. Zimbra Security Patches or Updates?
    By illscientific in forum Administrators
    Replies: 5
    Last Post: 10-19-2006, 01:32 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •