Zimbra Forums

Status update: Ok, so using the empty string for setting zimbraSSLDHParam disables the ciphers on ports 993 (I have to retain IMAP for some business interop functions) and 443, but not on ports 25 and 587. We have stopped and started the zimbra services stack (our nightly backup process does this), ...

Thanks ghen, I'll try that.

Hi, Release 10.0.7.GA.3969.UBUNTU20.64 UBUNTU20_64 FOSS edition. Our security scanning service is picking up on vulnerable Diffie-Helmann ciphers being available, under TLS 1.2 which could be used for a DoS D(HE)ater attack. We previously used the info from https://blog.zimbra.com/2022/12/update-zim...

This relates to the zm-jetty-conf repo/project, and the jetty.xml.production file most likely - at least as far as I can see. I haven't had anyone mention this for the builds that I've made, so I'm going to fire up a server with one of my builds now to find out if they are affected as well or not. ...

Fantastic find @liverpoolfcfan.

I was facing exactly same service failure after our 8.8.15 upgrade attempt.

Thanks for posting your findings and helping us resolve.

Brilliant - thank you LiverpoolFCFan!

Hi, Running: Release 8.8.15.GA.4179.UBUNTU20.64 UBUNTU20_64 FOSS edition, Patch 8.8.15_P40 Our security scanning indicates our Zimbra server has HTTP Compression enabled that could potentially support a BREACH attack. I found references to the zimbraHttpCompressionEnabled setting in /opt/zimbra/conf...

Did you ever find a solution? I found references to the zimbraHttpCompressionEnabled setting in /opt/zimbra/conf/attrs/zimbra-attrs.xml. (Noted in Zimbra Wiki https://files.zimbra.com/docs/config-guide/index.html and elsewhere) This apparently only requires restarting the mailboxd service... However...

Realise this question is an old post... but it's the only thing I could find relating to the topic we have. Currently using 8.8.15 on Ubuntu 20.04 LTS - all users under the AJAX web interface. The Archive Zimlet is enabled in CoS for Preferences, but when clicked under Preferences, we don't get the ...

A quick update: I killed the "mv" process, and the setup process seemed to continue to completion: Setting up zimbra crontab...done. Moving /tmp/zmsetup.01072009-002553.log to /opt/zimbra/log Configuration complete - press return to exit I'm assuming that this means all is well. I will gi...