Zimbra not affected by log4j (CVE-2021-44228)
After intensive review and testing, Zimbra Development determined that the 0-day exploit vulnerability for log4j (CVE-2021-44228) does not affect the current Supported Zimbra versions (9.0.0 & 8.8.15). Zimbra Collaboration Server currently uses log4j1 version 1.2.16 which doesn't contain the lookup expression feature that is found within versions 2.0 to 2.17, which is the cause of the vulnerability. Also, Redhat (CVE-2021-4104) vulnerability does not affect the Zimbra Collaboration Server version (8.8.15 & 9.0.0). For this vulnerability to affect the server, it needs JMSAppender, which the ZCS Server does not use, and the ability to append configuration files.

Upgrade from Ubuntu 14.04 to 16.04 lost Zimbra

Ask questions about your setup or get help installing ZCS server (ZD section below).
viz_supp
Posts: 1
Joined: Mon Dec 05, 2016 1:00 am

Upgrade from Ubuntu 14.04 to 16.04 lost Zimbra

Postby viz_supp » Mon Dec 05, 2016 1:18 am

Morning,

I am trying to upgrade my Ubuntu to the latest version (already running Zimbra 8.7.1) but having problems.
There is not a lot of documentation that i can find regarding this upgrade, so i have been following some similar documents that i can find:

https://wiki.zimbra.com/wiki/Ubuntu_Upgrades

The issue i am having, after a successful Ubuntu upgrade Zimbra will not reinstall / detect the old installation.
- I download Zimbra 8.7.1 for Ubuntu 16.04
- Extract and run through the install with .\install.sh -s --skip-activation-check

All the documents i have found say that the installer should prompt for an Upgrade - this is not the case.
The installer does not locate any of the old Zimbra installations:

Image

Am i doing something wrong? Is this expected behavior? how do i get my Zimbra reinstalled with config / mailboxes etc intact?

Thanks

Daniel


vchong68
Posts: 22
Joined: Sat Apr 30, 2016 4:45 am
Location: Singapore
ZCS/ZD Version: Release 8.7.11.GA.1854.UBUNTU16.64

Re: Upgrade from Ubuntu 14.04 to 16.04 lost Zimbra

Postby vchong68 » Mon Dec 05, 2016 9:37 am

On Ubuntu 14.04 with Zimbra 8.71, here is a quick way to upgrade to 16.04.
1) Shutdown zimbra.

2) Do_release_upgrade on term1.

3) When prompted on disable 3rd party repo, immediately open another term2 to edit /etc/apt/sources.list.d/zimbra.list to leave the 2 lines uncommented.
deb [arch=amd64] https://repo.zimbra.com/apt/87 xenial zimbra
deb-src [arch=amd64] https://repo.zimbra.com/apt/87 xenial zimbra
now can close term2


4) Continue the upgrade process on term1 until before reboot

5) Edit /etc/network/interfaces, replace eth0 with ens32.

6) reboot

Return to “Installation and Upgrade”

Who is online

Users browsing this forum: No registered users and 8 guests