Zimbra : Blog (original) (raw)

https://blog.zimbra.com/All Things Zimbra Thu, 28 May 2026 09:31:58 +0000 en-US hourly 1 https://wordpress.org/?v=6.9.4 Patch Release Update: Zimbra 10.1.17 https://blog.zimbra.com/2026/05/patch-release-update-zimbra-10-1-17/https://blog.zimbra.com/2026/05/patch-release-update-zimbra-10-1-17/#respond Thu, 28 May 2026 09:31:58 +0000 https://blog.zimbra.com/?p=14378 Patch Security Severity: Medium Deployment Risk: Low We have released Zimbra Version 10.1.17, bringing meaningful improvements across the Modern WebClient — from how you compose and read email to how you schedule meetings — along with fixes for ZCO, mobile, and server components, and several important security patches your teams should be aware of. Zimbra 10.1.17 […]

The post Patch Release Update: Zimbra 10.1.17 appeared first on Zimbra : Blog.

]]> Patch Security Severity: Medium

Deployment Risk: Low

We have released Zimbra Version 10.1.17, bringing meaningful improvements across the Modern WebClient — from how you compose and read email to how you schedule meetings — along with fixes for ZCO, mobile, and server components, and several important security patches your teams should be aware of.

We strongly recommend all admins and users to upgrade for improved stability and enhanced email compatibility.

What’s New in 10.1.17

Security Patches

⚠ RHEL 9 and Ubuntu 22: SSHA256 password hashes on these platforms may cause authentication failures after password changes or migrations. Reset affected user passwords post-upgrade to restore access — passwords generated after the fix will be created correctly.

Key Bug & Improvements

Additional Fixed Issues

Customer Feedback Portal

Vote on suggested features, propose your own and stay updated with our product roadmap. Join us at pm.zimbra.com, our dedicated customer portal, for product feedback. Contribute to Zimbra’s evolution!

The post Patch Release Update: Zimbra 10.1.17 appeared first on Zimbra : Blog.

]]> https://blog.zimbra.com/2026/05/patch-release-update-zimbra-10-1-17/feed/ 0 Product Advisory: zmpurgeoldmbox May Delete External Storage Blobs After Mailbox Migration https://blog.zimbra.com/2026/03/product-advisory-zmpurgeoldmbox-may-delete-external-storage-blobs-after-mailbox-migration/ Fri, 27 Mar 2026 05:39:58 +0000 https://blog.zimbra.com/?p=14367 Applies to: Zimbra Collaboration Suite 10.1.15, 10.1.16 with external object storage (Scality, S3, OpenIO) Summary A regression in ZCS 10.1.15 causes zmpurgeoldmbox to delete external blobs (Scality, S3, OpenIO) after mailbox migration, even when zimbraMailboxMoveSkipBlobs=TRUE. This results in permanent, irrecoverable email data loss on the destination server. A fix is targeted for the 10.1.17 patch release. Until then, do not run zmpurgeoldmbox after mailbox migrations if you […]

The post Product Advisory: zmpurgeoldmbox May Delete External Storage Blobs After Mailbox Migration appeared first on Zimbra : Blog.

]]> Applies to: Zimbra Collaboration Suite 10.1.15, 10.1.16 with external object storage (Scality, S3, OpenIO)

Summary

What Happened

In ZCS 9.0, running zmpurgeoldmbox after a zmmboxmove correctly cleaned up only local metadata (MySQL + Lucene indexes) on the source server, leaving external blobs untouched. In ZCS 10.1.15, a code change inadvertently altered the logic that identifies external/centralized storage. As a result:

Am I Affected?

You are affected if all of the following are true:

  1. You are running ZCS 10.1.15 or 10.1.16
  2. You use external object storage (Scality, S3, OpenIO, or similar) as a primary or secondary (HSM) volume — especially with unified storage enabled
  3. You perform mailbox migrations using zmmboxmove with blob-skipping attributes (zimbraMailboxMoveSkipBlobs=TRUE or zimbraMailboxMoveSkipHsmBlobs=TRUE)
  4. You run zmpurgeoldmbox on the source server after migration

If you use only local (internal) storage and no external object storage, this issue does not affect you.

Behavior Comparison: ZCS 9.0 vs 10.1.15

Scenario ZCS 9.0 ZCS 10.1.15 (Bug)
External/unified storage, no –forceDeleteBlobs Blobs preserved Blobs DELETED
External/unified storage, with –forceDeleteBlobs Blobs preserved * Blobs DELETED
Internal (local) storage only Blobs deleted (expected) Blobs deleted (expected)

* In ZCS 9.0, –forceDeleteBlobs was not implemented for external stores (Bug 96149). It is being properly implemented as part of the fix.

Immediate Workaround

The Fix

The corrected behavior in 10.1.17 will be:

Storage Type Without –forceDeleteBlobs With –forceDeleteBlobs
Internal (local) Blobs deleted Blobs deleted
External (non-unified) Blobs preserved Blobs deleted
External (unified) Blobs preserved Blobs deleted

What To Do Next

  1. Immediately stop running zmpurgeoldmbox after mailbox migrations in any environment with external storage. Disable related automation.
  2. Audit recent migrations: if zmpurgeoldmbox was already run, verify blob integrity on the destination server using:

zmprov gmi user@example.com

zmblobchk -m -v –output-used-blobs start

If the output shows “blob not found” errors for external locators (containing @@), those blobs have been deleted.

  1. If data loss has occurred, check if your object storage provider supports versioning or soft-delete, there may be a recovery path.
  2. Plan for the 10.1.17 patch: after upgrading, you can safely resume zmpurgeoldmbox and clean up residual metadata from the workaround period.

Questions?

If you have questions, please contact Zimbra Support.

Affected versions: ZCS 10.1.15 through 10.1.16 (all editions)

Fix version: ZCS 10.1.17 (targeted)

Tracking reference: ZBUG-5265

Severity: Critical — potential data loss

The post Product Advisory: zmpurgeoldmbox May Delete External Storage Blobs After Mailbox Migration appeared first on Zimbra : Blog.

]]> Patch Release Update: Zimbra 10.1.16 https://blog.zimbra.com/2026/02/patch-release-update-zimbra-10-1-16/ Wed, 04 Feb 2026 10:06:56 +0000 https://blog.zimbra.com/?p=14351 We heard you! Enhanced Backup and Restore has been a top request from your customers, and from you. We know how critical this is for your deployments, and we’re grateful you stayed with us while we delivered on the commitment we made on our product roadmap. Stay tuned — more of those roadmap features are […]

The post Patch Release Update: Zimbra 10.1.16 appeared first on Zimbra : Blog.

]]> We heard you! Enhanced Backup and Restore has been a top request from your customers, and from you. We know how critical this is for your deployments, and we’re grateful you stayed with us while we delivered on the commitment we made on our product roadmap. Stay tuned — more of those roadmap features are coming throughout 2026.

In addition, this patch addresses multiple security vulnerabilities and Modern Web App improvements designed to streamline your email management and collaboration.

Patch Security Severity: High

Deployment Risk: High

We strongly recommend all admins and users to upgrade to Zimbra 10.1.16 for improved stability and enhanced email compatibility.

What’s New in 10.1.16

This release introduces major enhancements to the Backup & Restore module, delivering massive gains in performance and disk usage efficiency. Customers can experience up to 50% faster backup performance and up to 45% reduction in storage consumption, while maintaining full backward compatibility.

Backup and Restore Enhancements

For more details on the enhancements, configuration details, and upgrade guidance, see our Backup and Restore section in the admin guide.

Security Fixes

This release includes important security enhancements and stability improvements:

Key Modern Web App Improvements

Ubuntu 24 Support (Beta)

Ubuntu 24 Support (Beta) is now available with this release.

⚠ Beta Notice: Beta features are unsupported and intended for lab/testing environments only. Do not deploy on production systems.

Additional Improvements and Fixed Issues

Modern Web App Improvements

Additional Fixed Issues

Customer Feedback Portal

Vote on suggested features, propose your own and stay updated with our product roadmap. Join us at pm.zimbra.com, our dedicated customer portal, for product feedback. Contribute to Zimbra’s evolution!

The post Patch Release Update: Zimbra 10.1.16 appeared first on Zimbra : Blog.

]]> Patch Release Update: Zimbra 10.1.15 https://blog.zimbra.com/2025/11/patch-release-update-zimbra-10-1-15/ Tue, 25 Nov 2025 08:35:28 +0000 https://blog.zimbra.com/?p=14341 Patch Security Severity: Low Deployment Risk: Low We have released Zimbra Version 10.1.15, improving email rendering compatibility while maintaining critical security protections. Zimbra 10.1.15 (Release Notes) We strongly recommend all admins and users to upgrade to Zimbra 10.1.15 for improved stability and enhanced email compatibility. End of Life Notice: 10.0 Zimbra 10.0 will reach End of […]

The post Patch Release Update: Zimbra 10.1.15 appeared first on Zimbra : Blog.

]]> Patch Security Severity: Low

Deployment Risk: Low

We have released Zimbra Version 10.1.15, improving email rendering compatibility while maintaining critical security protections.

We strongly recommend all admins and users to upgrade to Zimbra 10.1.15 for improved stability and enhanced email compatibility.

End of Life Notice: 10.0

Zimbra 10.0 will reach End of Life on December 31, 2025. Customers using this version are advised to plan their upgrade/migration to the 10.1 version (our current supported version) to ensure continued security updates and access to the latest features. For assistance during this transition, our support team is available to address any inquiries.

Customer Feedback Portal

Vote on suggested features, propose your own and stay updated with our product roadmap. Join us at pm.zimbra.com, our dedicated customer portal, for product feedback. Contribute to Zimbra’s evolution!

The post Patch Release Update: Zimbra 10.1.15 appeared first on Zimbra : Blog.

]]> Emergency Patch Release: Zimbra 10.1.14 https://blog.zimbra.com/2025/11/emergency-patch-release-zimbra-10-1-14/ Wed, 12 Nov 2025 06:01:45 +0000 https://blog.zimbra.com/?p=14331 EMERGENCY SECURITY PATCH We have released Zimbra Version 10.1.14 to address a critical issue in Version 10.1.13 that impacts IMAP synchronization across multi-server Zimbra environments, causing incorrect message display and synchronization failures. For complete details and implementation guidance, please refer to our release notes: Zimbra 10.1.14 (Release Notes) Customers on Version 10.1.13 Patch Security Severity: Low […]

The post Emergency Patch Release: Zimbra 10.1.14 appeared first on Zimbra : Blog.

]]> EMERGENCY SECURITY PATCH

We have released Zimbra Version 10.1.14 to address a critical issue in Version 10.1.13 that impacts IMAP synchronization across multi-server Zimbra environments, causing incorrect message display and synchronization failures.

For complete details and implementation guidance, please refer to our release notes:

Customers on Version 10.1.13

Patch Security Severity: Low

Deployment Risk: Low

We strongly encourage all customers with a high IMAP user base who have upgraded to Version 10.1.13 to upgrade to Zimbra 10.1.14 immediately. Customers on Version 10.1.13 with a low IMAP usage pattern may continue using the current version and wait for the upcoming Version 10.1.15.

Customers on Version 10.1.12 or earlier

Patch Security Severity: High

Deployment Risk: Low

Customers currently on Patch Version 10.1.12 or earlier are recommended to upgrade directly to Version 10.1.14 for improved stability and fixes.

This new patch version also resolved slowdown issues when switching to the Zimbra user post-upgrade to Version 10.1.13. User switching is now significantly faster and more responsive through optimized license data caching.

End of Life Notice: Zimbra 10.0

Zimbra 10.0 will reach End of Life on December 31, 2025. Customers using this version are advised to plan their upgrade/migration to the 10.1 version (our current supported version) to ensure continued security updates and access to the latest features. For assistance during this transition, our support team is available to address any inquiries.

Customer Feedback Portal

Vote on suggested features, propose your own and stay updated with our product roadmap. Join us at pm.zimbra.com, our dedicated customer portal, for product feedback. Contribute to Zimbra’s evolution!

The post Emergency Patch Release: Zimbra 10.1.14 appeared first on Zimbra : Blog.

]]> Patch Release Update: Zimbra 10.1.13, 10.0.18 https://blog.zimbra.com/2025/11/patch-release-update-zimbra-10-1-13-10-0-18/ Thu, 06 Nov 2025 08:50:45 +0000 https://blog.zimbra.com/?p=14318 Patch Security Severity: High Deployment Risk: Medium This patch fixes a stored cross-site scripting (XSS) vulnerability and enhances protection by upgrading AntiSamy to version 1.7.8 and removing the outdated code. It includes critical fixes and user experience improvements for the following editions: Zimbra 10.1.13 (Release Notes) Zimbra 10.0.18 (Release Notes) We recommend all administrators and users […]

The post Patch Release Update: Zimbra 10.1.13, 10.0.18 appeared first on Zimbra : Blog.

]]> Patch Security Severity: High

Deployment Risk: Medium

This patch fixes a stored cross-site scripting (XSS) vulnerability and enhances protection by upgrading AntiSamy to version 1.7.8 and removing the outdated code. It includes critical fixes and user experience improvements for the following editions:

We recommend all administrators and users to apply this update to strengthen your system’s stability and ensures uninterrupted service performance.

What’s New in 10.1.13

Communication & Collaboration

Modern UI Enhancements

Security Updates

Performance Optimizations

End of Life Notice: 10.0

Zimbra 10.0 will reach End of Life on December 31, 2025. Customers using this version are advised to plan their upgrade/migration to the 10.1 version (our current supported version) to ensure continued security updates and access to the latest features. For assistance during this transition, our support team is available to address any inquiries.

Customer Feedback Portal

Vote on suggested features, propose your own and stay updated with our product roadmap. Join us at pm.zimbra.com, our dedicated customer portal, for product feedback. Contribute to Zimbra’s evolution!

The post Patch Release Update: Zimbra 10.1.13, 10.0.18 appeared first on Zimbra : Blog.

]]> Emergency Patch Release: Zimbra 10.1.12 https://blog.zimbra.com/2025/10/patch-release-update-zimbra-10-1-12/ Thu, 16 Oct 2025 08:40:56 +0000 https://blog.zimbra.com/?p=14310 EMERGENCY SECURITY PATCH Patch Security Severity: High Deployment Risk: Low This patch fixes a critical security vulnerability related to a Server-Side Request Forgery (SSFR) in the chat proxy configuration. We recommend all users and administrators, especially those on Zimbra versions 10.1.5 to 10.1.11 to apply this update immediately. It will strengthen your system’s stability and ensures […]

The post Emergency Patch Release: Zimbra 10.1.12 appeared first on Zimbra : Blog.

]]> EMERGENCY SECURITY PATCH

Patch Security Severity: High

Deployment Risk: Low

This patch fixes a critical security vulnerability related to a Server-Side Request Forgery (SSFR) in the chat proxy configuration.

We recommend all users and administrators, especially those on Zimbra versions 10.1.5 to 10.1.11 to apply this update immediately. It will strengthen your system’s stability and ensures uninterrupted service performance:

Customer Feedback Portal

Vote on suggested features, propose your own and stay updated with our product roadmap. Join us at pm.zimbra.com, our dedicated customer portal, for product feedback. Contribute to Zimbra’s evolution!

The post Emergency Patch Release: Zimbra 10.1.12 appeared first on Zimbra : Blog.

]]> Patch Release Update: Zimbra 10.1.11, 10.0.17 https://blog.zimbra.com/2025/08/patch-release-update-zimbra-10-1-11-10-0-17/ Fri, 08 Aug 2025 10:39:18 +0000 https://blog.zimbra.com/?p=14300 Patch Security Severity: Low Deployment Risk: Low This patch updated on August 8th, 2025 includes hotfix for the following editions: Zimbra 10.1.11 (Release Notes) Zimbra 10.0.17 (Release Notes) Hotfix for 10.1.11 & 10.0.17 ActiveSync: Resolves an issue that was affecting the iOS Mail app, ensuring improved functionality for all users. We recommend applying this hotfix for a […]

The post Patch Release Update: Zimbra 10.1.11, 10.0.17 appeared first on Zimbra : Blog.

]]> Patch Security Severity: Low

Deployment Risk: Low

This patch updated on August 8th, 2025 includes hotfix for the following editions:

Hotfix for 10.1.11 & 10.0.17

ActiveSync: Resolves an issue that was affecting the iOS Mail app, ensuring improved functionality for all users. We recommend applying this hotfix for a seamless experience.

Customer Feedback Portal

Vote on suggested features, propose your own and stay updated with our product roadmap. Join us at pm.zimbra.com, our dedicated customer portal, for product feedback. Contribute to Zimbra’s evolution!

The post Patch Release Update: Zimbra 10.1.11, 10.0.17 appeared first on Zimbra : Blog.

]]> Patch Release Update: Zimbra 10.1.10, 10.0.16 https://blog.zimbra.com/2025/07/patch-release-update-zimbra-daffodil-10-1-10-10-0-16/ Fri, 18 Jul 2025 08:34:42 +0000 https://blog.zimbra.com/?p=14242 Patch Security Severity: Medium Deployment Risk: Low This patch updated on July 18th, 2025 focuses on essential fixes and user experience improvements for the following editions: Zimbra 10.1.10 (Release Notes) Zimbra Daffodil 10.0.16 (Release Notes) End of Life (EOL) Notice Zimbra Daffodil 10.0: Zimbra Daffodil 10.0 reached the end of General Support on June 30th, […]

The post Patch Release Update: Zimbra 10.1.10, 10.0.16 appeared first on Zimbra : Blog.

]]> Patch Security Severity: Medium

Deployment Risk: Low

This patch updated on July 18th, 2025 focuses on essential fixes and user experience improvements for the following editions:

End of Life (EOL) Notice

Zimbra Daffodil 10.0: Zimbra Daffodil 10.0 reached the end of General Support on June 30th, 2025, and is set to reach EOL on December 31st, 2025. No further updates will be provided after this date. Customers using these versions are advised to plan their migration to the 10.1 version to ensure continued security updates and access to the latest features.

Zimbra 9.0: Zimbra 9.0 reached EOL on June 30th, 2025.

We strongly recommend upgrading to a supported version like Zimbra 10.1 to maintain security, performance, and access to our dedicated support. We’re here to help make this transition as smooth as possible:

CentOS 7, RHEL 7, and Oracle Linux 7

RHEL7 and CentOS 7 reached EOL in June 2024, and Oracle Linux 7 in December 2024.

Zimbra will deprecate support for these operating systems following the release of Zimbra 10.1.10 by July 2025. After this release, no further updates, patches, or official support will be provided for RHEL/CentOS/Oracle 7 operating systems.

We recommend upgrading to RHEL/Rocky/Oracle Linux 9. For assistance, please contact our Support team.

Things to know before you upgrade

Changes to SpamAssassin

Apache SpamAssassin has been upgraded to version 4.0.1 to fix multiple bugs. If you have made custom changes to this file, please back up your current file before the upgrade and after the upgrade, re-apply your changes manually to the new salocal.cf.in. Please refer to the Release Notes for more details.

What’s New in 10.1.10

User Interface (UI) & Usability:

Password expiry reminder

This feature allows system administrators to enable password expiry reminders for users so that they are informed about the upcoming password expiration of their account and accordingly can take the required action.

Modern UI Enhancements

Display a tag icon in the message list

Tagged emails and conversations threads will now display a tag icon directly in the message list, positioned near the attachment icon.

Improved Dark Mode

Previously, mail contents was not visible as expected in dark mode. Modern UI dark theme has been improved to ensure mail contents are displayed correctly.

Smart Scroll Handling

The chat interface now auto-scrolls to new messages, even in active conversations.

Preview markdown files in Modern UI

This feature supports previewing attached Markdown (.md) files directly within the Modern UI. Users can view Markdown content seamlessly in side panel, files stored in Briefcase and included in calendar invites.

Security

Block attachment downloads

Modern UI The “zimbraAttachmentsBlocked” attribute now works as expected for the Modern UI. When it is set to true, it blocks attachment downloads for the emails with attachments.

Provide a new option to update the digital certificate for S/MIME

Users can now not only upload but also replace or remove the digital uploaded S/MIME certificate.

Communication & Collaboration

ZCO / ActiveSync / EWS

Multiple enhancements and fixes in calendaring, sharing, delegation, and mail syncing with Outlook and other Apps.

Chat

Security Fix 10.1.10 & 10.0.16

Refer to our Zimbra Security Center to ensure your system is safe.

Fixed Issues – 10.1.10

Customer Feedback Portal

Vote on suggested features, propose your own and stay updated with our product roadmap. Join us at pm.zimbra.com, our dedicated customer portal, for product feedback. Contribute to Zimbra’s evolution!

The post Patch Release Update: Zimbra 10.1.10, 10.0.16 appeared first on Zimbra : Blog.

]]> Emergency Patch Release: Zimbra Daffodil 10.1.9, 10.0.15 and Zimbra 9.0.0 P46 https://blog.zimbra.com/2025/06/emergency-patch-release-zimbra-daffodil-10-1-9-10-0-15-and-zimbra-9-0-0-p46/ Wed, 18 Jun 2025 08:13:35 +0000 https://blog.zimbra.com/?p=14179 Patch Security Severity: High Deployment Risk: Low This patch updated on June 18, 2025 focuses on essential security fixes for the following editions: Zimbra Daffodil 10.1.9 (Release Notes) Zimbra Daffodil 10.0.15 (Release Notes) 9.0.0 P46 (Release Notes) Security Fix – 10.1.9, 10.1.15, 9.0.0 P46 Addressed a XSS attack with ICS file in Classic UI Addressed a denial […]

The post Emergency Patch Release: Zimbra Daffodil 10.1.9, 10.0.15 and Zimbra 9.0.0 P46 appeared first on Zimbra : Blog.

]]> Patch Security Severity: High

Deployment Risk: Low

This patch updated on June 18, 2025 focuses on essential security fixes for the following editions:

Security Fix 10.1.9, 10.1.15, 9.0.0 P46

Please note that this is the final patch release for:

After this date, no further updates will be provided to the 10.0.x and 9.0 editions.

We’re Here to Support Your Migration

We strongly recommend upgrading to a supported version like Zimbra Daffodil 10.1 to maintain security, performance, and access to our dedicated support. We’re here to help make this transition as smooth as possible:

To ensure you benefit from the most secure and advanced solutions, please note the upcoming product lifecycle updates for the following Zimbra editions:

Upgrade Documents

Non-NG setup

In-Place Upgrade Guide (Single and Multi-Node setup)

Rolling-Upgrade Guide (Multi-Node setup)

NG setup – For 9.0.0, 8.8.15 (Network and FOSS)

In-Place Upgrade Multi-Node | In-Place Upgrade Single-Node

Rolling Upgrade Multi-Node | Rolling Upgrade Single-Node

For assistance during this transition, contact Zimbra Support.

Zimbra Daffodil 10.1 is the active and supported version.

CentOS/RHEL 7 OS and Oracle Linux 7

It is equally important to install operating system security updates and have Zimbra run on supported operating systems. After July 1, 2025, RHEL/CentOS 7 and Oracle Linux 7 will no longer be supported for Zimbra.

We recommend upgrading to RHEL/Rocky/Oracle Linux 9. If you have questions or need guidance with upgrading your operating system, please open a support case through the Zimbra Support.

We continuously offer our Buy One, Get One promotion on Zimbra Advanced Chat.

Key Offer Details:

#ICYMI (In-Case-You-Missed-It)

New License Key Required for Zimbra Daffodil 10.1

It is mandatory to obtain a new license key to run the Zimbra Daffodil 10.1 software.
You will not be able to proceed without a new Zimbra Daffodil V10.1 license key (including trial license). Watch the video or read the blog to find out more.

Youtube Link to License Management Video

YouTube link to License Management Video

Refer to the release notes for the patch installation on Red Hat and Ubuntu platforms.

An upgrade to the latest patch for your version is highly recommended. Refer to our blog and the Zimbra Security Center for steps to ensure your system is safe.

Customer Feedback Portal

Vote on suggested features, propose your own and stay updated with our product roadmap. Join us at pm.zimbra.com, our dedicated customer portal, for product feedback. Contribute to Zimbra’s evolution!

The post Emergency Patch Release: Zimbra Daffodil 10.1.9, 10.0.15 and Zimbra 9.0.0 P46 appeared first on Zimbra : Blog.

]]>