Mattermost security updates 9.4.3, 9.3.2, 9.2.6, 8.1.10 (ESR) available

By Darren Nathanael, Mattermost on Tue, Feb 20, 2024

Update your Mattermost installation! Just got this mail @ 16:15 UTC Feb / 20 / 2024


Dear customer,

We’re writing to inform you about a Mattermost security update. This security update addresses low to high level severity vulnerabilities that were discovered during security research reviews by vultza (via HackerOne), Leandro Chaves (via HackerOne), themarkib0x0 (via HackerOne), and Juho Nurminen. The security update is available for Mattermost releases 9.4.3, 9.3.2, 9.2.6, 8.1.10 (Extended Support Release), for both Team Edition and Enterprise Edition. They are available for download here. Please follow the standard upgrade instructions to apply updates.

Your safety and data security is of utmost priority for Mattermost. For all our customers’ protection, and as outlined in our Responsible Disclosure policy, Mattermost does not disclose specifics on the vulnerability until 30 days after this announcement. After 30 days, we will publish specific details on the vulnerability on our Security Updates webpage.

Sincerely,
The Mattermost product and security team

© Mattermost, Inc. 2024.
530 Lytton Avenue, Suite 201, Palo Alto, CA, 94301, USA