Because of Zimbra Patch Alert: the ClamAV package has been upgraded to version 0.105.2 to fix multiple vulnerabilities.
Zimbra 9.0.0 Kepler Patch 31 and 8.8.15 James Prescott Joule Patch 38
As part of this patch, we are releasing the updated ClamAV and its related packages which are installed only on MTA nodes. Since this patch will not get installed on other nodes (e.g. Mailbox, LDAP), it will continue to display the previously installed patch versions as Patch 9.0.0_P30/Patch 8.8.15_P37.
This alert is sent out to all Zimbra partners.
The patches include the following listed in their respective releases
- What’s New
- Security Fixes
- Known Issues
Please refer to the release notes for the patch installation on Red Hat and Ubuntu platforms.
An upgrade to the latest patch for your version is highly recommended. More information about the recommended patch can be found at:
We plan to make additional information available on our Security Center page as it becomes available.
Note: Additional configuration for further hardening your Zimbra setup can be found on the Zimbra Support Portal. It is recommended that all customers consider these additional steps.