Check out the Security Fixes, What's New, Fixed Issues and Known Issues for this version of Zimbra Collaboration. As always, you’re encouraged to tell us what you think in the Forums, or open a support ticket to report issues.

Security Fixes

Information about security fixes, security response policy and vulnerability rating classification are listed below. See the Zimbra Security Response Policy and the Zimbra Vulnerability Rating Classification information below for details.

Bug#	Summary	CVE-ID	CVSS Score	Zimbra Rating	Fix Release or Patch Version
109017	Non-persistent XSS - Web Client (HTML Search) [CWE-79]	CVE-2018-14013	4.3	Minor	8.8.11

What's New

 

Zimbra Collaboration Suite: Added UI support for "Default Calendar" user preference, zimbraPrefDefaultCalendarId. This can be set to any calendar folder on which the account user has write permissions (default: the primary calendar). All subsequent new appointments will be created in the selected default calendar. (See Known Issues.) Enhanced calendar free/busy reporting via Exchange Web Services. Added support for Detailed, Merged, FreeBusy View in ExchangeEWSFreeBusyProvider class in zm-mailbox.

Zimbra Connector for Outlook: Packaged the version of ZCO previously released with 8.8.10 Patch 4, with support for Outlook 2019 plus Outlook 2019 Click-to-run.

Zimbra Docs: No change.

Backup NG: No change.

Mobile NG: No change.

HSM NG: No change.

NG Admin Console: Improved HSM WebAdmin page: Added the capability to manage "cache" and "incoming" paths; Added checks and warning if the "incoming" is not properly configured in the "Add Primary storage" wizard

Zimbra Chat: No change.

Zimbra Drive NG (Beta) Advanced Search Panel Incremental migration from Briefcase Legacy Zimbra Drive based on Nextcloud / Owncloud integration has been renamed "Open Drive", and is compatible with: NextCloud versions 9, 10, 11, 12 and 13 only (See NextCloud store for latest.) ownCloud versions 9.0, 9.1, and 10 only