Zammad 3.3 is available

I’m fairly late - sorry about that. Zammad 3.3 is out and mainly focusses on security fixes.

We strongly encourage users to update their existing installations.
Some of these security issues are rated high and thus may be very crucial for your installation!

For the records, here’s a list of the advisories:

1. technical remarks / changes

1.1 Elasticsearch search index

Please note that with updating to Zamamd 3.3, just like Zammad 3.2 a reindex (zammad run rake searchindex:rebuild) of your Zammad installation is required.

Attention docker-compose users:
Please note that Zammad 3.3.0-12 upgrades the elasticsearch being used - this requires you to remove the existing indicies. More information on this topic can be found here: https://github.com/zammad/zammad-docker-compose#from--330-12

1.2 Possible need to update your vhost configuration

Our default configuration files we suggest earlier provided the webserver version being used. This is potentially a bad idea.

nginx users

Nginx users simply add the following directive to your configuration:
server_tokens off;

You can also set this globally within your nginx.conf if needed

apache2 users

Apache2 users just have to add ServerTokens Prod or (even you want to be even sneakier) ServerSignature Of to your vhost or webserver configuration.

Just like nginx you can set this globally if needed.

1.3 performance improvements

With Zammad 3.3 we’re happy to announce that we could further tweak Zammads performance. Searchindex updates are now much faster and priotize less important than communication tasks with your users.

This should also help greatly during performance issues, as on earlier versions raising counts of delayed jobs (mainly for searchindexes) were also holding back communication tasks.

Amazing news, right?!

2. Feature addition to triggers and schedulers

We’re happy to announce that you now can also use calendars within triggers and schedulers. This allows you to only fire e.g. during or outside of your business hours.

This allows you to e.g. send very specific mails to your users. We hope that this helps you and your users to be even more flexible.


That’s it for now - happy hacking as we at Zammad would say! :slight_smile:

3 Likes