[Users] Zimbra vulnerability fix in the new patches released today
Fabio S. Schmidt
fabio at bktech.com.br
Thu Jun 4 18:56:56 CEST 2020
Hello Mark,
Thank you for the reply.
I agree that we partners should receive a warning about security fixes before Zimbra releasing a patch. I will discuss this with our Zimbra country manager for Brazil as well.
Best regards.
Fabio S. Schmidt
De: "L Mark Stone" <lmstone at lmstone.com>
Para: "Fabio Soares Schmidt" <fabio at bktech.com.br>, "users" <users at lists.zetalliance.org>
Enviadas: Quinta-feira, 4 de junho de 2020 11:03:46
Assunto: Re: Zimbra vulnerability fix in the new patches released today
We did not get any advance notice Fabio. I can't speak for other Partners.
I have spoken several times with senior Zimbra execs that failing to disclose exploitable security exploits to partners in advance invites bad actors to attempt to perform the exploits.
As a BSP, I was particularly disappointed about the cross-domain GAL search exploit that was fixed in a recent patch.
Usually, we like to test patches before deploying them, but in that case we felt we had no choice but to apply the patch immediately.
Mark
_________________________________________________
L. Mark Stone, Founder
North America's Leading Zimbra VAR/BSP/Training Partner
For Companies With Mission-Critical Email Needs
Need more email security & compliance? Ask me about Mimecast!
From: Users <users-bounces at lists.zetalliance.org> on behalf of Fabio S. Schmidt <fabio at bktech.com.br>
Sent:
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.zetalliance.org/pipermail/users_lists.zetalliance.org/attachments/20200604/d9bc9264/attachment.html>
More information about the Users
mailing list