A new security patch has been released to further address CVE-2022-27924.
This issue has been ranked as High by the Zimbra Team and we recommend that you use the most recent release available to avoid any issues.
https://blog.zimbra.com/2022/05/new-zimbra-security-patches-9-0-0-patch-24-1-and-8-8-15-patch-31-1/ (May 10th 2022)

Zimbra 8.8.15 patch 20 CVE rating 9.8

Official Zimbra news, events, releases, and updates.
Advanced member
Advanced member
Posts: 90
Joined: Sat Sep 13, 2014 12:54 am
Location: Netherlands
ZCS/ZD Version: Zimbra version doesn't fit in field

Zimbra 8.8.15 patch 20 CVE rating 9.8

Postby halfgaar » Wed Mar 31, 2021 8:51 am

By lack of announcement topic, I'm taking the liberty:

Zimbra Collaboration Joule 8.8.15 Patch 20 GA Release

I don't know what a joule is (aside from a unit of energy), but I guess it's a suite.

"Heap-based buffer overflow vulnerabilities in PHP < 7.3.10" has a 9.8 rating. "Upgraded Apache to 2.4.46 to avoid multiple vulnerabilities. " has a 7.8.

On my server, there are 59 Zimbra updates waiting.

Posts: 2504
Joined: Mon Dec 16, 2013 11:35 am

Re: Zimbra 8.8.15 patch 20 CVE rating 9.8

Postby Klug » Wed Mar 31, 2021 4:12 pm

Joule is the nickname of this ZCS version (8.8.15).

Return to “Announcements”

Who is online

Users browsing this forum: No registered users and 2 guests