A patch 46 has been issued for 8.8.15 even if it's out of support, thank you Synacor team.
It fixes several XSS issues, see: https://wiki.zimbra.com/wiki/Zimbra_Releases/8.8.15/P46
I just tried to update a test server (8.8.15-OSE) and: nothing.
Same problem on Ubuntu 18.04 and 20.04...
Code: Select all
# apt list --upgradable
Listing... Done
apparmor/focal-updates,focal-security 2.13.3-7ubuntu5.3build2 amd64 [upgradable from: 2.13.3-7ubuntu5.3]
kpartx/focal-updates 0.8.3-1ubuntu2.4 amd64 [upgradable from: 0.8.3-1ubuntu2.3]
krb5-locales/focal-updates 1.17-6ubuntu4.7 all [upgradable from: 1.17-6ubuntu4.6]
landscape-common/focal-updates 23.02-0ubuntu1~20.04.3 amd64 [upgradable from: 19.12-0ubuntu4.3]
libapparmor1/focal-updates,focal-security 2.13.3-7ubuntu5.3build2 amd64 [upgradable from: 2.13.3-7ubuntu5.3]
libgssapi-krb5-2/focal-updates 1.17-6ubuntu4.7 amd64 [upgradable from: 1.17-6ubuntu4.6]
libk5crypto3/focal-updates 1.17-6ubuntu4.7 amd64 [upgradable from: 1.17-6ubuntu4.6]
libkrb5-3/focal-updates 1.17-6ubuntu4.7 amd64 [upgradable from: 1.17-6ubuntu4.6]
libkrb5support0/focal-updates 1.17-6ubuntu4.7 amd64 [upgradable from: 1.17-6ubuntu4.6]
multipath-tools/focal-updates 0.8.3-1ubuntu2.4 amd64 [upgradable from: 0.8.3-1ubuntu2.3]
python3-twisted-bin/focal-security 18.9.0-11ubuntu0.20.04.4 amd64 [upgradable from: 18.9.0-11ubuntu0.20.04.3]
python3-twisted/focal-security 18.9.0-11ubuntu0.20.04.4 all [upgradable from: 18.9.0-11ubuntu0.20.04.3]
python3-update-manager/focal-updates 1:20.04.10.21 all [upgradable from: 1:20.04.10.20]
thermald/focal-updates 1.9.1-1ubuntu0.7 amd64 [upgradable from: 1.9.1-1ubuntu0.6]
tzdata/focal-updates 2024a-0ubuntu0.20.04.1 all [upgradable from: 2024a-0ubuntu0.20.04]
ubuntu-advantage-tools/focal-updates 33.2~20.04 all [upgradable from: 31.2.2~20.04]
ubuntu-pro-client-l10n/focal-updates 33.2~20.04 amd64 [upgradable from: 31.2.2~20.04]
ubuntu-pro-client/focal-updates 33.2~20.04 amd64 [upgradable from: 31.2.2~20.04]
update-manager-core/focal-updates 1:20.04.10.21 all [upgradable from: 1:20.04.10.20]
vim-common/focal-updates 2:8.1.2269-1ubuntu5.23 all [upgradable from: 2:8.1.2269-1ubuntu5.22]
vim-runtime/focal-updates 2:8.1.2269-1ubuntu5.23 all [upgradable from: 2:8.1.2269-1ubuntu5.22]
vim-tiny/focal-updates 2:8.1.2269-1ubuntu5.23 amd64 [upgradable from: 2:8.1.2269-1ubuntu5.22]
vim/focal-updates 2:8.1.2269-1ubuntu5.23 amd64 [upgradable from: 2:8.1.2269-1ubuntu5.22]
xxd/focal-updates 2:8.1.2269-1ubuntu5.23 amd64 [upgradable from: 2:8.1.2269-1ubuntu5.22]
Code: Select all
# apt list --upgradable
Listing... Done
base-files/bionic-updates 10.1ubuntu2.12 amd64 [upgradable from: 10.1ubuntu2.11]
filebeat/stable 7.17.23 amd64 [upgradable from: 7.17.15]
logstash/stable 1:7.17.23-1 amd64 [upgradable from: 1:7.17.15-1]
python3-update-manager/bionic-updates 1:18.04.12 all [upgradable from: 1:18.04.11.13]
ubuntu-advantage-tools/bionic-updates 33.2~18.04 amd64 [upgradable from: 30~18.04]
ubuntu-pro-client-l10n/bionic-updates 33.2~18.04 amd64 [upgradable from: 30~18.04]
update-manager-core/bionic-updates 1:18.04.12 all [upgradable from: 1:18.04.11.13]
update-notifier-common/bionic-updates 3.192.1.21 all [upgradable from: 3.192.1.19]
zimbra-patch/unknown 8.8.15.1723777774.p46-2.u18 amd64 [upgradable from: 8.8.15.1701429424.p45-2.u18]
zimbra-zco/unknown 8.8.15.1941.1704785241-1.u18 amd64 [upgradable from: 8.8.15.1939.1703224217-1.u18]
Are the repository up-to-date?
Additional question: does this patch includes the previous unpatched for 8.8.15 but patched for 9.x issues?
Such as ZBUG-3730 and ZBUG-3625?