Search found 113 matches

by ppearl
Thu Apr 11, 2019 5:11 pm
Forum: Installation and Upgrade
Topic: Zimbra for Ubuntu 18.04 ?
Replies: 30
Views: 43384

Re: Zimbra for Ubuntu 18.04 ?

The fix is to escape that opening brace that perl is complaining about. diff --git a/src/libexec/zmsyslogsetup b/src/libexec/zmsyslogsetup index 571063e2..840b644b 100755 --- a/src/libexec/zmsyslogsetup +++ b/src/libexec/zmsyslogsetup @@ -187,7 +187,7 @@ sub updateSyslogNG { s/(^log.*f_mailwarn)/#$1...
by ppearl
Fri Oct 05, 2018 2:06 am
Forum: Installation and Upgrade
Topic: TLS v 1.3
Replies: 3
Views: 4968

Re: TLS v 1.3

ZCS does not have support for TLSv1.3 yet. Keep in mind the equivalent of "GA" releases from OpenSSL and OpenJDK, which ZCS depends on, are quite new. Public bugs: https://bugzilla.zimbra.com/show_bug.cgi?id=108910 https://bugzilla.zimbra.com/show_bug.cgi?id=109039 https://bugzilla.zimbra....
by ppearl
Thu Sep 07, 2017 9:02 pm
Forum: Installation and Upgrade
Topic: ZCS 8.8 upgrade failed with IPv6 enabled
Replies: 19
Views: 9714

Re: ZCS 8.8 upgrade failed with IPv6 enabled

This issue appears to be more fallout from the fix for https://bugzilla.zimbra.com/show_bug.cgi?id=107963 . Also, as mentioned earlier using ipv6only=off more than once seems wrong (per the docs, and noted server behavior. ref: http://nginx.org/en/docs/http/ngx_http_core_module.html#listen ). Diggin...
by ppearl
Thu Aug 31, 2017 6:59 pm
Forum: Zimbra Collaboration 8.8 Beta
Topic: Empty response from nginx after default install
Replies: 14
Views: 49426

Re: Empty response from nginx after default install

The behavior noted here seems to be due to the changes introduced to fix [bug]107963[/bug]
by ppearl
Thu Aug 31, 2017 6:53 pm
Forum: Administrators
Topic: IOException: Too many open files file leak pipe
Replies: 5
Views: 4017

Re: IOException: Too many open files file leak pipe

This reminds me of https://wiki.zimbra.com/wiki/Performance_Tuning_Guidelines_for_Large_Deployments#Open_File_Descriptors_Limit - although the tweaks to raise limits usually happen on install IIRC. So, maybe somehow those tweaks were never applied or perhaps the server wasn't rebooted to get the cha...
by ppearl
Fri Jun 16, 2017 7:03 pm
Forum: Administrators
Topic: [Solved] HTTP Security Headers
Replies: 3
Views: 4842

Re: [Solved] HTTP Security Headers

My initial thoughts are that there's likely little (and perhaps no) value to adding headers like this on a HTTP *redirect* (to HTTPS) response. If we were serving up actual content over HTTP (non TLS) then perhaps there's some value. However, using a service such as email over non-TLS protocols is i...
by ppearl
Wed Jul 20, 2016 4:12 am
Forum: Administrators
Topic: httpoxy
Replies: 1
Views: 1534

Re: httpoxy

The short answer is, at this point, that there do not appear to be any issues with supported versions of ZCS relating to the vulnerability being referred to as httpoxy.

Sincerely,
Phil
--
Zimbra Security Architect
by ppearl
Thu Jun 23, 2016 3:25 am
Forum: Administrators
Topic: Ransomware Article
Replies: 2
Views: 4118

Re: RansomWare Article

I've posted a brief note on the ransomware at https://wiki.zimbra.com/wiki/Security_Center . The short recap, is that we recommend staying up to date on OS and ZCS version and patches, and be sure that you double check for proper controls on your systems (consider comparing your system setup against...
by ppearl
Wed Jun 01, 2016 3:59 pm
Forum: Administrators
Topic: STARTTLS Plaintext Command Injection
Replies: 3
Views: 2836

Re: STARTTLS Plaintext Command Injection

Are there any resolutions for this? Yes, upgrade to a current release of Zimbra. Definitely upgrade. There are numerous other security related fixes that you're missing out on if you're still on 8.0.7. You might be interested in keeping an eye on the following: https://wiki.zimbra.com/wiki/Security...