8.8.15 patch 46

Ask questions about your setup or get help installing ZCS server (ZD section below).
Klug
Ambassador
Ambassador
Posts: 2788
Joined: Mon Dec 16, 2013 11:35 am
Location: France - Drôme
ZCS/ZD Version: All of them
Contact:

8.8.15 patch 46

Post by Klug »

Hi all.

A patch 46 has been issued for 8.8.15 even if it's out of support, thank you Synacor team.
It fixes several XSS issues, see: https://wiki.zimbra.com/wiki/Zimbra_Releases/8.8.15/P46

I just tried to update a test server (8.8.15-OSE) and: nothing.
Same problem on Ubuntu 18.04 and 20.04...

Code: Select all

# apt list --upgradable
Listing... Done
apparmor/focal-updates,focal-security 2.13.3-7ubuntu5.3build2 amd64 [upgradable from: 2.13.3-7ubuntu5.3]
kpartx/focal-updates 0.8.3-1ubuntu2.4 amd64 [upgradable from: 0.8.3-1ubuntu2.3]
krb5-locales/focal-updates 1.17-6ubuntu4.7 all [upgradable from: 1.17-6ubuntu4.6]
landscape-common/focal-updates 23.02-0ubuntu1~20.04.3 amd64 [upgradable from: 19.12-0ubuntu4.3]
libapparmor1/focal-updates,focal-security 2.13.3-7ubuntu5.3build2 amd64 [upgradable from: 2.13.3-7ubuntu5.3]
libgssapi-krb5-2/focal-updates 1.17-6ubuntu4.7 amd64 [upgradable from: 1.17-6ubuntu4.6]
libk5crypto3/focal-updates 1.17-6ubuntu4.7 amd64 [upgradable from: 1.17-6ubuntu4.6]
libkrb5-3/focal-updates 1.17-6ubuntu4.7 amd64 [upgradable from: 1.17-6ubuntu4.6]
libkrb5support0/focal-updates 1.17-6ubuntu4.7 amd64 [upgradable from: 1.17-6ubuntu4.6]
multipath-tools/focal-updates 0.8.3-1ubuntu2.4 amd64 [upgradable from: 0.8.3-1ubuntu2.3]
python3-twisted-bin/focal-security 18.9.0-11ubuntu0.20.04.4 amd64 [upgradable from: 18.9.0-11ubuntu0.20.04.3]
python3-twisted/focal-security 18.9.0-11ubuntu0.20.04.4 all [upgradable from: 18.9.0-11ubuntu0.20.04.3]
python3-update-manager/focal-updates 1:20.04.10.21 all [upgradable from: 1:20.04.10.20]
thermald/focal-updates 1.9.1-1ubuntu0.7 amd64 [upgradable from: 1.9.1-1ubuntu0.6]
tzdata/focal-updates 2024a-0ubuntu0.20.04.1 all [upgradable from: 2024a-0ubuntu0.20.04]
ubuntu-advantage-tools/focal-updates 33.2~20.04 all [upgradable from: 31.2.2~20.04]
ubuntu-pro-client-l10n/focal-updates 33.2~20.04 amd64 [upgradable from: 31.2.2~20.04]
ubuntu-pro-client/focal-updates 33.2~20.04 amd64 [upgradable from: 31.2.2~20.04]
update-manager-core/focal-updates 1:20.04.10.21 all [upgradable from: 1:20.04.10.20]
vim-common/focal-updates 2:8.1.2269-1ubuntu5.23 all [upgradable from: 2:8.1.2269-1ubuntu5.22]
vim-runtime/focal-updates 2:8.1.2269-1ubuntu5.23 all [upgradable from: 2:8.1.2269-1ubuntu5.22]
vim-tiny/focal-updates 2:8.1.2269-1ubuntu5.23 amd64 [upgradable from: 2:8.1.2269-1ubuntu5.22]
vim/focal-updates 2:8.1.2269-1ubuntu5.23 amd64 [upgradable from: 2:8.1.2269-1ubuntu5.22]
xxd/focal-updates 2:8.1.2269-1ubuntu5.23 amd64 [upgradable from: 2:8.1.2269-1ubuntu5.22]
It seems to work for 8.8.15-NE:

Code: Select all

# apt list --upgradable
Listing... Done
base-files/bionic-updates 10.1ubuntu2.12 amd64 [upgradable from: 10.1ubuntu2.11]
filebeat/stable 7.17.23 amd64 [upgradable from: 7.17.15]
logstash/stable 1:7.17.23-1 amd64 [upgradable from: 1:7.17.15-1]
python3-update-manager/bionic-updates 1:18.04.12 all [upgradable from: 1:18.04.11.13]
ubuntu-advantage-tools/bionic-updates 33.2~18.04 amd64 [upgradable from: 30~18.04]
ubuntu-pro-client-l10n/bionic-updates 33.2~18.04 amd64 [upgradable from: 30~18.04]
update-manager-core/bionic-updates 1:18.04.12 all [upgradable from: 1:18.04.11.13]
update-notifier-common/bionic-updates 3.192.1.21 all [upgradable from: 3.192.1.19]
zimbra-patch/unknown 8.8.15.1723777774.p46-2.u18 amd64 [upgradable from: 8.8.15.1701429424.p45-2.u18]
zimbra-zco/unknown 8.8.15.1941.1704785241-1.u18 amd64 [upgradable from: 8.8.15.1939.1703224217-1.u18]
Did anyone yet manage to update his OSE servers?
Are the repository up-to-date?

Additional question: does this patch includes the previous unpatched for 8.8.15 but patched for 9.x issues?
Such as ZBUG-3730 and ZBUG-3625?
liverpoolfcfan
Elite member
Elite member
Posts: 1132
Joined: Sat Sep 13, 2014 12:47 am

Re: 8.8.15 patch 46

Post by liverpoolfcfan »

I just checked on Rocky 8 - FOSS, and it shows that the files are available. I have not applied the patch yet.

Code: Select all

[root@mail ~]# yum clean all
56 files removed
[root@mail ~]# yum check-update
Rocky Linux 8 - AppStream                                                                     1.0 MB/s |  12 MB     00:12
Rocky Linux 8 - BaseOS                                                                        495 kB/s | 6.1 MB     00:12
Rocky Linux 8 - Extras                                                                        1.4 kB/s |  14 kB     00:10
Rocky Linux 8 - PowerTools                                                                    281 kB/s | 3.2 MB     00:11
Extra Packages for Enterprise Linux 8 - x86_64                                                1.1 MB/s |  14 MB     00:12
Zimbra RPM Repository                                                                          42 kB/s | 301 kB     00:07
Zimbra New RPM Repository                                                                     712 kB/s | 4.5 MB     00:06

zimbra-common-core-jar.x86_64                               8.8.15.1723726984-1.r8                             zimbra-8815-oss
zimbra-mbox-admin-console-war.x86_64                        8.8.15.1723635850-1.r8                             zimbra-8815-oss
zimbra-mbox-webclient-war.x86_64                            8.8.15.1723641096-1.r8                             zimbra-8815-oss
zimbra-mta-patch.x86_64                                     8.8.15.1723777774.p46-1.r8                         zimbra-8815-oss
zimbra-patch.x86_64                                         8.8.15.1723777774.p46-1.r8                         zimbra-8815-oss
Klug
Ambassador
Ambassador
Posts: 2788
Joined: Mon Dec 16, 2013 11:35 am
Location: France - Drôme
ZCS/ZD Version: All of them
Contact:

Re: 8.8.15 patch 46

Post by Klug »

Now available on Ubuntu too, I was too impatient (or actually thought the newsletter was sent _after_ the repo were updated).

Code: Select all

zimbra-common-core-jar/unknown 8.8.15.1723726984-1.u20 amd64 [upgradable from: 8.8.15.1701335039-1.u20]
zimbra-mbox-admin-console-war/unknown 8.8.15.1723635850-1.u20 amd64 [upgradable from: 8.8.15.1695221315-1.u20]
zimbra-mbox-webclient-war/unknown 8.8.15.1723641096-1.u20 amd64 [upgradable from: 8.8.15.1701417049-1.u20]
zimbra-mta-patch/unknown 8.8.15.1723777774.p46-1.u20 amd64 [upgradable from: 8.8.15.1701429424.p45-1.u20]
zimbra-patch/unknown 8.8.15.1723777774.p46-1.u20 amd64 [upgradable from: 8.8.15.1701429424.p45-1.u20]
liverpoolfcfan
Elite member
Elite member
Posts: 1132
Joined: Sat Sep 13, 2014 12:47 am

Re: 8.8.15 patch 46

Post by liverpoolfcfan »

Given that the main Releases page https://wiki.zimbra.com/wiki/Zimbra_Releases and the blog have not been updated yet to reflect the new patch, I suspect they are in the process of rolling out the builds to the repositories before publishing
kenji.21
Posts: 8
Joined: Sat Sep 13, 2014 2:39 am

Re: 8.8.15 patch 46

Post by kenji.21 »

Issue after upgrade from 45 :

Code: Select all

$ zmcontrol status
Error: Could not find or load main class com.zimbra.cs.localconfig.LocalConfigCLI
Caused by: java.lang.ClassNotFoundException: com.zimbra.cs.localconfig.LocalConfigCLI
Connect: Unable to determine enabled services from ldap.
Enabled services read from cache. Service list may be inaccurate.
Upgrade infos:

Code: Select all

cat /var/log/apt/history.log

Start-Date: 2024-09-05  07:55:26
Commandline: /usr/bin/apt-get -y -o Dpkg::Options::=--force-confold -o Dpkg::Options::=--force-confdef dist-upgrade
Upgrade: zimbra-mta-patch:amd64 (8.8.15.1701429424.p45-1.u18, 8.8.15.1723777774.p46-1.u18), zimbra-patch:amd64 (8.8.15.1701429424.p45-1.u18, 8.8.15.1723777774.p46-1.u18), zimbra-mbox-admin-console-war:amd64 (8.8.15.1695221315-1.u18, 8.8.15.1723635850-1.u18), zimbra-common-core-jar:amd64 (8.8.15.1701335039-1.u18, 8.8.15.1723726984-1.u18), zimbra-mbox-webclient-war:amd64 (8.8.15.1701417049-1.u18, 8.8.15.1723641096-1.u18)
End-Date: 2024-09-05  07:55:59
glenndm
Advanced member
Advanced member
Posts: 126
Joined: Fri Sep 12, 2014 10:35 pm
ZCS/ZD Version: Release 8.8.15.GA.3829.UBUNTU16.64

Re: 8.8.15 patch 46

Post by glenndm »

fyi: a scare while installing the patch:

during the install, patching seemed to be looping during a certificate section.
the patch was repeatedly complaining that certificates use 1024 bits rsa and missing files
It took about 5 minutes of these kind of messages:

Code: Select all

ERROR: Can't read file '/opt/zimbra/.saveconfig/zimbra-openjdk-cacerts-1.0.5-1zimbra8.7b1.14.04/tmp/ubuntu14_64/hbuo9a17cf/mmbf5linjw.der.crt'
keytool error: java.io.FileNotFoundException: /opt/zimbra/.saveconfig/zimbra-openjdk-cacerts-1.0.5-1zimbra8.7b1.14.04/tmp/ubuntu14_64/hbuo9a17cf/mojs0sjtzc.der.crt (No such file or directory)
/bin/chown: cannot access '/opt/zimbra/.saveconfig/zimbra-openjdk-cacerts-1.0.5-1zimbra8.7b1.14.04/tmp/ubuntu14_64/hbuo9a17cf/mojs0sjtzc.der.crt': No such file or directory
Luckily the patch eventually concluded and Zimbra is up and running after reboot.

best regards
User avatar
oetiker
Outstanding Member
Outstanding Member
Posts: 300
Joined: Fri Mar 07, 2014 1:05 pm
Location: Switzerland
ZCS/ZD Version: Release 10.1.0.GA.4633.UBUNTU20.64
Contact:

Re: 8.8.15 patch 46 Touch Client does not load

Post by oetiker »

Hi

After applying P46 the mobile touch client does not load ... and shows the entry screen with the logo and the
circling dashes going round forever.

Anybody facing the same issue?

https://[URL]/zimbra/t/

Release 8.8.15.GA.3829.UBUNTU16.64 UBUNTU16_64 NETWORK edition, Patch 8.8.15_P46.
Release 8.8.15.GA.4177.UBUNTU20.64 UBUNTU20_64 NETWORK edition, Patch 8.8.15_P46.
Klug
Ambassador
Ambassador
Posts: 2788
Joined: Mon Dec 16, 2013 11:35 am
Location: France - Drôme
ZCS/ZD Version: All of them
Contact:

Re: 8.8.15 patch 46

Post by Klug »

I just tried with an iPhone with last IOS (17.6.1), I can log in with Safari (OSE server).
I have not tried with Android (nor another browser - I had issues with Firefox on Android for years).

But just like you it doesn't work with Network Edition either.
The login screen looks like ModernUI (while it's the ClassicUI on OSE) and it doesn't work...

I guess something for backported from 9.0 and not checked.
User avatar
oetiker
Outstanding Member
Outstanding Member
Posts: 300
Joined: Fri Mar 07, 2014 1:05 pm
Location: Switzerland
ZCS/ZD Version: Release 10.1.0.GA.4633.UBUNTU20.64
Contact:

Re: 8.8.15 patch 46 Touch Client is not working

Post by oetiker »

Hi

I just get the answer of Zimbra Support about the BUG of P46 make the Touch Client unusable.......
Zimbra version 8.8.15 has reached its End-of-Life as of December 2023 and is no longer supported. To ensure continued support and access to the latest features and security updates, please upgrade to Zimbra 10, the most recent supported version, at your earliest convenience.
At the moment I have no words for that ... :(
kenji.21
Posts: 8
Joined: Sat Sep 13, 2014 2:39 am

Re: 8.8.15 patch 46

Post by kenji.21 »

kenji.21 wrote: Thu Sep 05, 2024 7:16 am Issue after upgrade from 45 :

Code: Select all

$ zmcontrol status
Error: Could not find or load main class com.zimbra.cs.localconfig.LocalConfigCLI
Caused by: java.lang.ClassNotFoundException: com.zimbra.cs.localconfig.LocalConfigCLI
Connect: Unable to determine enabled services from ldap.
Enabled services read from cache. Service list may be inaccurate.
Upgrade infos:

Code: Select all

cat /var/log/apt/history.log

Start-Date: 2024-09-05  07:55:26
Commandline: /usr/bin/apt-get -y -o Dpkg::Options::=--force-confold -o Dpkg::Options::=--force-confdef dist-upgrade
Upgrade: zimbra-mta-patch:amd64 (8.8.15.1701429424.p45-1.u18, 8.8.15.1723777774.p46-1.u18), zimbra-patch:amd64 (8.8.15.1701429424.p45-1.u18, 8.8.15.1723777774.p46-1.u18), zimbra-mbox-admin-console-war:amd64 (8.8.15.1695221315-1.u18, 8.8.15.1723635850-1.u18), zimbra-common-core-jar:amd64 (8.8.15.1701335039-1.u18, 8.8.15.1723726984-1.u18), zimbra-mbox-webclient-war:amd64 (8.8.15.1701417049-1.u18, 8.8.15.1723641096-1.u18)
End-Date: 2024-09-05  07:55:59
I retried the upgrade manually, here is the log :

Code: Select all

Preparing to unpack .../zimbra-common-core-jar_8.8.15.1723726984-1.u18_amd64.deb ...
Unpacking zimbra-common-core-jar (8.8.15.1723726984-1.u18) over (8.8.15.1701335039-1.u18) ...
Preparing to unpack .../zimbra-mbox-admin-console-war_8.8.15.1723635850-1.u18_amd64.deb ...
Unpacking zimbra-mbox-admin-console-war (8.8.15.1723635850-1.u18) over (8.8.15.1695221315-1.u18) ...
Preparing to unpack .../zimbra-mbox-webclient-war_8.8.15.1723641096-1.u18_amd64.deb ...
Unpacking zimbra-mbox-webclient-war (8.8.15.1723641096-1.u18) over (8.8.15.1701417049-1.u18) ...
Preparing to unpack .../zimbra-mta-patch_8.8.15.1723777774.p46-1.u18_amd64.deb ...
Unpacking zimbra-mta-patch (8.8.15.1723777774.p46-1.u18) over (8.8.15.1701429424.p45-1.u18) ...
Preparing to unpack .../zimbra-patch_8.8.15.1723777774.p46-1.u18_amd64.deb ...
Unpacking zimbra-patch (8.8.15.1723777774.p46-1.u18) over (8.8.15.1701429424.p45-1.u18) ...
Setting up zimbra-common-core-jar (8.8.15.1723726984-1.u18) ...
Setting up zimbra-mbox-webclient-war (8.8.15.1723641096-1.u18) ...
**** Fixing up the permission ****
Set capability for /opt/zimbra/common/libexec/slapd
Setting up zimbra-mbox-admin-console-war (8.8.15.1723635850-1.u18) ...
**** Fixing up the permission ****
Set capability for /opt/zimbra/common/libexec/slapd
Setting up zimbra-mta-patch (8.8.15.1723777774.p46-1.u18) ...
*** updating unbound.conf.in ***
*** updating clamd.conf.in ***
Set capability for /opt/zimbra/common/libexec/slapd
**** Installation Completed for MTA Patch. ****
**** Restart all the service as zimbra user. Run zmcontrol restart. ****
Setting up zimbra-patch (8.8.15.1723777774.p46-1.u18) ...
*** Updating Zimbra ldaputils ***
*** Updating com_zimbra_bulkprovision.jar ***
*** updating clamscanner jar ***
*** updating zm-openid-consumer-store jar ***
*** updating milter.log4j.properties ***
*** updating unbound.conf.in ***
*** updating log4j.properties ***
*** updating zmgql jar ***
*** updating nginx-lookup jar ***
*** updating zmoauthsocial jar ***
*** updating zm-ssdb-ephemeral-store jar ***
*** updating com_zimbra_cert_manager jar ***
*** updating clamd.conf.in ***
*** Removing clientuploader zimlet ***
Error: Could not find or load main class com.zimbra.cs.localconfig.LocalConfigCLI
Caused by: java.lang.ClassNotFoundException: com.zimbra.cs.localconfig.LocalConfigCLI
mailboxd is running.
Error: Could not find or load main class com.zimbra.cs.localconfig.LocalConfigCLI
Caused by: java.lang.ClassNotFoundException: com.zimbra.cs.localconfig.LocalConfigCLI
/opt/zimbra/bin/zmjava: line 59: /bin/java: No such file or directory
*** Removing clientuploader extension ***
*** Help package is not installed... ***
*** updating zm-taglib jar at /opt/zimbra/jetty_base/webapps/service/WEB-INF/lib/ ***
*** updating zm-taglib jar at /opt/zimbra/jetty_base/webapps/zimbraAdmin/WEB-INF/lib/ ***
**** Fixing up the permission ****
Set capability for /opt/zimbra/common/libexec/slapd
Error: Could not find or load main class com.zimbra.cs.localconfig.LocalConfigCLI
Caused by: java.lang.ClassNotFoundException: com.zimbra.cs.localconfig.LocalConfigCLI
/opt/zimbra/bin/zmjava: line 59: /bin/java: No such file or directory
updateRsyslogd: Updating /etc/rsyslog.d/50-default.conf...done.
/opt/zimbra/common/jetty_home/resources/jetty-logging.properties already exists
**** Installation Completed. ****
**** Restart all the service as zimbra user. Run zmcontrol restart. ****
Rollbacked (thanks ZFS) to previous version, and I reproduced the error doing :

Code: Select all

# mv /opt/zimbra/lib/jars/zimbrastore.jar /opt/zimbra/lib/jars/zimbrastore.jar.old
# su - zimbra -c /opt/zimbra/bin/zmlocalconfig
Error: Could not find or load main class com.zimbra.cs.localconfig.LocalConfigCLI
Caused by: java.lang.ClassNotFoundException: com.zimbra.cs.localconfig.LocalConfigCLI
Post Reply