[Users] Zimbra 8.8.8 Patch 1 release - Seems to break FOSS only servers
Barry de Graaff
info at barrydegraaff.tk
Tue Apr 17 12:45:10 CEST 2018
I am with David on this, as long as the `releases` are as
confusing as they are now, and there remains a need to do
stuff manually. Automatic upgrades do not make sense.
I have no longer a clue on what can be considered a
stable release, nor what the release schedule is.
That is some basic info that I need for planning..
Security patches should come from a repo and should work
automatically. Version upgrades should be done manual.
Like Debian. IMHO.
Maybe Zimbra could do a little more on the communication to
explain what they are trying to achieve with the repo atm?
Barry de Graaff
Co-founder & Developer
zetalliance.org | github.com/Zimbra-Community
+31 617 220 227 | skype: barrydegraaff.tk
----- Original Message -----
From: "David Touitou" <david at network-studio.com>
To: "Lorenzo Milesi" <maxxer at yetopen.it>
Cc: "users" <users at lists.zetalliance.org>
Sent: Tuesday, April 17, 2018 12:24:30 PM
Subject: Re: [Users] Zimbra 8.8.8 Patch 1 release - Seems to break FOSS only servers
>> Look at the IMAP issue in 8.8.6 (bug #108414).
>> Do you seriously want your system to upgrade automatically to such a version?
> We're talking about security updates, not version upgrades.
They have not released any "security updates" yet.
They release a mix of "security updates and bug fixes" through patches or new versions.
8.8.8-P1 is such a patch, it's a mix.
So let them first prove us they're able to release QA'ed security updates.
For all supported versions (*).
And we'll have the talk about "automatic upgrades".
(*) As you might guess, I'm thinking of 8.6.
It's supported but not patched against known vulnerabilities.
8.6's last patch was released _one_month_ after they knew about CVE-2018-6882.
It was done on purpose, they chosed not to provide a fix within previous patch.
I got a mail yesterday they eventually backported the fix but still don't know when they'll release it (next patch)
More information about the Users