A critical security vulnerability is addressed in the 8.0.6 and 7.2.6 maintenance releases for Zimbra Collaboration (formerly Zimbra Collaboration Server). We strongly advise all customers to update as soon as possible. Customers and partners may download it at Zimbra.com.
This issue is being tracked in our Bugzilla system as the following:
Bug # 84547 Summary: Critical Security Vulnerability Affected Version: 7.2.5 and 8.0.5 and all previous releases
To protect customers, the bug is marked as private in our system and technical details are not publicly available. Patch releases will also be provided for the following maintenance releases: 7.2.2, 7.2.3, 7.2.4, 7.2.5, 8.0.3, 8.0.4, 8.0.5.
These patches will be available in mid-January, so we strongly advise customers and partners to update to 8.0.6 and 7.2.6 maintenance releases before then. At that time, more information about the nature of the vulnerability will be made available.
Please note that this is a separate issue from the issue that was reported on December 6, 2013 on exploit-db. This issue affected releases 8.0.2 and 7.2.2 and prior. It was resolved in February 2013 in 8.0.2 patch 1 and 7.2.2 patch 1 and all subsequent releases.
With the release of Zimbra Collaboration 8.0.6, we announced the end-of-life of our Zimbra Collaboration Appliance. With this release, we are not providing further updates to the Zimbra Appliance, and Appliance users are encouraged to follow our recommended upgrade path to Zimbra Collaboration (formerly Zimbra Collaboration Server) at their earliest convenience. Learn more about this announcement here.
In case you missed our webinar on email collaboration in the private cloud at the beginning of the month, it is now available on demand. Zimbra's VP of Product, Jon Dybik, discusses how Zimbra Collaboration (formerly Zimbra Collaboration Server), an integrated email, calendaring, file sharing and collaboration solution, is changing how businesses operate and how employees interact. Plus, Jon highlights the latest architectural enhancements and features for Zimbra Collaboration, and provides a demo of upcoming email innovations for 2014 and beyond.
View the webinar today.
Our new Telecom Interactive Voice Response (IVR) menu and Direct Inward Dialing (DID) numbers systems are now live. The main goal of these new support systems is to improve customer experience by getting our global customers, partners and any other caller to the right place on the first try, 24x7. With the new systems in place, our intent is to have live answers to calls around the clock (no voicemail) and resolve the need of each caller on the first call if possible.
Interested in joining the Zimbra team? Zimbra is growing and currently has over two dozen job openings. Recent openings include:
Rob Howard, Zimbra Chief Technology Officer, shares his thoughts on social community and gamification in two recently published articles.
Interested in how government agencies are using online communities? Check out this article from Nextgov on the Defense Department's All Partners Access Network.
We are in the process of updating Zimbra.com, including our blog and forums, to reflect our new look and company information.
Download a 60-day free trial of Zimbra Collaboration.
Zimbra Experienced Strong Growth & Momentum in Q1 FY2014.
In last month's newsletter, we announced that we officially said goodbye to the Telligent social channels on November 11. As a reminder, we invite all of you to now join us in our Zimbra social channels for all the latest news, updates and conversations!