We’re informing you about a Mattermost security update, which addresses low- to medium-level severity vulnerabilities. We highly recommend that you apply the update.
The security update is available for Mattermost dot releases 9.10.1, 9.9.2, 9.8.3, and 9.5.8 (Extended Support Release), for both Team Edition and Enterprise Edition. They are available for download here.
Customer safety and data security are the utmost priorities for Mattermost. For our customers’ protection, and as outlined in our Responsible Disclosure policy, Mattermost does not disclose specifics on this vulnerability until 30 days after this announcement. After 30 days, we will publish specific details on the vulnerability on our Security Updates webpage.
The v9.10.1 version also includes the following fixes:
- Pre-packaged Mattermost Copilot plugin version v0.8.3.
- Ensured that the web app only requests notification permissions when needed. Fixed an issue with desktop notifications not being sent on Safari.
- Fixed an issue where the app crashed on iOS Safari.
The v9.5.8 version also includes the following fix:
- Fixed an issue with text that looked like an emoji but wasn’t rendered in its original case.
You can follow the standard upgrade instructions to apply the updates.
The post Mattermost security updates 9.10.1 / 9.9.2 / 9.8.3 / 9.5.8 (ESR) released appeared first on Mattermost.