Two critical security vulnerabilities have been resolved in these patch release. It is recommended that any customer running the following versions of Zimbra Collaboration Server, apply the patch release:
8.0.5, 8.0.4, 8.0.3
7.2.5, 7.2.4, 7.2.3, 7.2.2
These issues are being tracked in our Bugzilla systems as the following:
Bug # 80338
http://bugzilla.zimbra.com/show_bug.cgi?id=80338
Summary: Priviledge Escalation via LFI
Affected Versions: 7.2.2 and 8.0.2 and all previous releases
Bug # 84547
http://bugzilla.zimbra.com/show_bug.cgi?id=84547
Summary: Critical Security Vulnerability
Affected Versions: 7.2.5 and 8.0.5 and all previous releases
The official patch downloads and release notes can be found here:
Network Edition Downloads: Enterprise Messaging and Collaboration Software by Zimbra
Please follow the release notes for installation instructions. Each patch release is a cumulative update including any fixes from previous patch releases for that version.
Critical Security Patches posted for 8.0.X/7.2.X
-
jdybik33204
- Posts: 25
- Joined: Sat Sep 13, 2014 1:06 am