[Users] Zimbra vulnerability fix in the new patches released today

Fabio S. Schmidt fabio at bktech.com.br
Thu Jun 4 21:40:23 CEST 2020 

Hello Randy, 

Thank you for the information. I'm happy to see that there is a progress about this demand. 

Best regards. 


De: "Randy Leiker" <randy at skywaynetworks.com> 
Para: "users" <users at lists.zetalliance.org> 
Enviadas: Quinta-feira, 4 de junho de 2020 15:44:16 
Assunto: Re: [Users] Zimbra vulnerability fix in the new patches released today 

Fabio, 

In the Zeta Call Summary for June 2nd that I sent out last night, take a look at the section titled "Advance Patch Release Notes For Zimbra Partners". I think it will be of help as it relates to advance Zimbra partner notifications for security fixes. 


Randy Leiker ( randy at skywaynetworks.com ) 
Skyway Networks, LLC 


From: "Fabio S. Schmidt" <fabio at bktech.com.br> 
To: "users" <users at lists.zetalliance.org> 
Sent: Thursday, June 4, 2020 11:56:56 AM 
Subject: Re: [Users] Zimbra vulnerability fix in the new patches released today 



Hello Mark, 




Thank you for the reply. 




I agree that we partners should receive a warning about security fixes before Zimbra releasing a patch. I will discuss this with our Zimbra country manager for Brazil as well. 




Best regards. 

Fabio S. Schmidt 

De: "L Mark Stone" <lmstone at lmstone.com> 
Para: "Fabio Soares Schmidt" <fabio at bktech.com.br>, "users" <users at lists.zetalliance.org> 
Enviadas: Quinta-feira, 4 de junho de 2020 11:03:46 
Assunto: Re: Zimbra vulnerability fix in the new patches released today 

We did not get any advance notice Fabio. I can't speak for other Partners. 

I have spoken several times with senior Zimbra execs that failing to disclose exploitable security exploits to partners in advance invites bad actors to attempt to perform the exploits. 

As a BSP, I was particularly disappointed about the cross-domain GAL search exploit that was fixed in a recent patch. 

Usually, we like to test patches before deploying them, but in that case we felt we had no choice but to apply the patch immediately. 

Mark 


_________________________________________________ 
L. Mark Stone, Founder 

North America's Leading Zimbra VAR/BSP/Training Partner 
For Companies With Mission-Critical Email Needs 
Need more email security & compliance? Ask me about Mimecast! 


From: Users <users-bounces at lists.zetalliance.org> on behalf of Fabio S. Schmidt <fabio at bktech.com.br> 
Sent: 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.zetalliance.org/pipermail/users_lists.zetalliance.org/attachments/20200604/1d80db9b/attachment.html>

More information about the Users mailing list