Zimbra Forums

So much reading that I'm not sure at this point so best to simply ask. Please don't flame as saying I didn't read because I have but not 100% clear.

I'm running 8.8.11 GA 3799 FOSS, do I need to patch, update, do anything? Is this version secure now?

zim_mike wrote:I'm running 8.8.11 GA 3799 FOSS, do I need to patch, update, do anything? Is this version secure now?

You can see which vulnerability is fixed or patched in which version on this overview page: https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories
I would suggest to update to the latest version in case you're unsure. Keeping the installation updated is generally a good thing in terms of security.

Thanks for the lead, I'll take a look. It took a while to get back to this because I didn't get an email about the post .
Doesn't the server or the client let you know when there are updates?

zim_mike wrote:Doesn't the server or the client let you know when there are updates?

It doesn't seem to, to my dismay

The version check script checks for new versions, so if Synacor released an 8.8.16 version of Zimbra, the version check script would notify you.

Patches are as you know repo-based, and Zimbra has committed to releasing Patches on a monthly schedule.

So apt-get update && apt list —upgradable will let you know if there are any Zimbra and/or operating system updates available.

Plus, 8.8.15 is the only supported version of Zimbra available at the moment.

Hope that helps,
Mark

Hi
I have a problem to install the patch for this bug. when I use CLI to show my Zimbra version it displays Release 8.5.0_GA_3042.RHEL6_64_20140828192005 RHEL6_64 FOSS edition, Patch 8.5.0_P2. But when I use GUI (About) this display: 8.6.0_GA_1153.FOSS.
Please guide me on how can I solve it and what of them is correct?
Thank you so much.

The first thing I'd try, is to just upgrade to the latest version (8.8.15 Patch-7). You can download it at zimbra.org (although I don't know why they offer that, as opposed to zimbra.com, where you have to fill out a form for the open source edition).

There are some difficulties upgrading from 8.6 to 8.7, see here. Always make a easy to restore backup, before upgrading.

L. Mark Stone wrote:The version check script checks for new versions, so if Synacor released an 8.8.16 version of Zimbra, the version check script would notify you.

Patches are as you know repo-based, and Zimbra has committed to releasing Patches on a monthly schedule.

So apt-get update && apt list —upgradable will let you know if there are any Zimbra and/or operating system updates available.

Plus, 8.8.15 is the only supported version of Zimbra available at the moment.

Hope that helps,
Mark

Thank you so much mark.
I use " zmcontrol -v" and display zimbra 8.5.0.
but when i use GUI " about section from the top menu" display 8.6.0.
Why are the two different and which is correct?

best regard
fatemi

Whichever version of ZCS it is you should not me using it, i'd suggest you get onto the most recent 8.8.15 ASAP.