Results 1 to 4 of 4

Thread: ZCS 6.0.9 and 5.0.25 Generally Available and OpenSSL Advisory

  1. #1
    GregA's Avatar
    GregA is offline Zimbra Employee
    Join Date
    Oct 2006
    Posts
    160
    Rep Power
    8

    Default ZCS 6.0.9 and 5.0.25 Generally Available and OpenSSL Advisory

    Latest downloads are now available:

    NE:
    Network Edition Downloads

    FOSS:
    Open Source Edition Downloads

    ====
    The releases of ZCS 6.0.9 and 5.0.25 address a recently announced OpenSSL security vulnerability and fix:

    TLS extension parsing race condition
    http://openssl.org/news/secadv_20101116.txt

    The CVE notification is here:
    CVE - CVE-2010-3864 (under review)

    Due to the number of ZCS components where OpenSSL is used, this is a full release and not a patch. Zimbra considers this release critical for any site allowing TLS and SSL connections from the Internet.

    You are strongly encouraged to update to one of these versions at the first possible opportunity, if you are allowing SSL/TLS connections from untrusted sources (i.e., the Internet) on any protocol directly to any ZCS component.

    The 6.0.9 also includes the following bug fixes:

    ID Sev Summary
    45030 cri Wrong attachment after saving draft on child account
    51898 cri ical/webdav allows unrestricted GAL query - no current ability to deny this
    50191 cri error HTTP 500 on shared notebooks in zcs 6.0.8 when not in English
    53002 cri OpenSSL security vulnerability
    51328 cri LDAP connection leak
    52279 maj Cannot compose email on first try
    52695 maj Chrome : delegatees cannot open shared calendar invitation email
    51092 maj unable to set message size limit for IMAP
    49987 maj Workaround for iCal 4 sending cancellations to all attendees
    when one attendee is removed
    50398 maj Invitations with empty CN field result
    50517 maj HSM NPE when revisions are stored on multiple volumes
    49624 maj Appointment doesnt show the details in Calendar (after it was
    accepted)
    50785 nor Delegated admin loses "List Name" Field
    52580 nor zimbraFeatureMailEnabled set to false unable to create new
    events
    50156 nor zimbra.log not logged to after log rotation on UBUNTU10_64
    50174 nor UB10: Clamav unnecessarily depends on libtool
    53409 nor Special 6.0.9 ZCO
    51175 nor Use negative domain cache for domain lookup by virtual host
    50251 nor Deleting messages does not remove them from message list view
    47488 nor Preemptive auth incorrectly applied to http requests
    50419 nor UserServlet basic auth challenge is not working
    49412 nor zmmailbox modifyFolderGrant bug with all
    52438 nor http acceptor becomes unresponsive - Socket operation on
    non-socket
    49717 nor Same blob is added twice to the blobs zip file during backup,
    causing error during restore
    50953 nor malformed appointment disrupts iCal sync
    53096 nor Upgrade to JDK 1.6u22
    51005 nor Calendar sync inconsistent on iPhone 4
    50603 nor When emptying large folder, batch size ignores zimbraMailEmptyFolderBatchSize
    47361 enh support for SLES11 SP1

    Version 5.0.25 only contains one bug fixed:

    53002 cri OpenSSL security vulnerability

  2. #2
    uxbod's Avatar
    uxbod is offline Moderator
    Join Date
    Nov 2006
    Location
    UK
    Posts
    8,016
    Rep Power
    24

    Default

    Where can we get the 6.0.9 ZCO from as the one being shipped is ZimbraOlkConnector-6.0.8_GA_2661_6.0.6058.8.msi ?

  3. #3
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,201
    Rep Power
    56

    Default

    Quote Originally Posted by uxbod View Post
    Where can we get the 6.0.9 ZCO from as the one being shipped is ZimbraOlkConnector-6.0.8_GA_2661_6.0.6058.8.msi ?
    You can get it from the Support Portal.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  4. #4
    uxbod's Avatar
    uxbod is offline Moderator
    Join Date
    Nov 2006
    Location
    UK
    Posts
    8,016
    Rep Power
    24

    Default

    Thanks, Bill just grabbed it Hopefully will save others some confusion

Thread Information

Users Browsing this Thread

There are currently 2 users browsing this thread. (0 members and 2 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •