Mattermost security update 4.3.1/4.2.1/4.1.2 released

We are releasing a recommended security update via Mattermost Team Edition 4.3.1, 4.2.1, and 4.1.2 and Mattermost Enterprise Edition 4.3.1, 4.2.1, and 4.1.2. This security update addresses a low severity vulnerability discovered during a security research review by Frans Rosén.

Follow the standard upgrade instructions to apply the updates.

Per the Mattermost Responsible Disclosure Policy, details of the update will be posted on our security updates page 14 days after release.

Mattermost 4.3.1 also resolves the following bugs in the Mattermost 4.3 release:

  • Fixed an upgrade issue where the database schema would appear to be out of date and throw a log warning (#7959).
  • Fixed the Idle Timeout setting in config.json by changing the setting title from SessionIdleTimeout to SessionIdleTimeoutInMinutes (#7960).
  • Fixed a regression where slash commands were not functional in Direct or Group Messages (#7915).

Share this article:


Amy Blais

Amy Blais is the Release Manager at Mattermost, Inc. Her other roles include Community and Customer Support. She previously served as the company’s Associate Marketing Manager.

To get future blog posts to your inbox, subscribe below.

We use cookies for advertising, social media and analytics purposes. Read about how we use cookies here. By continuing to use this site, you consent to our use of cookies.