Mattermost security update for 5.36.1, 5.35.4, 5.34.5

We’re informing you about a Mattermost security update. This security update addresses a high level severity vulnerability that was discovered during a security research review by @shielder (on HackerOne). We highly recommend that you apply the update.

The security update is available for Mattermost dot releases 5.36.1, 5.35.4, 5.34.5 for both Team Edition and Enterprise Edition. It is available for download here.

Customer safety and data security are the utmost priorities for Mattermost. For our customers’ protection, and as outlined in our Responsible Disclosure policy, Mattermost does not disclose specifics on the vulnerability until 30 days after this announcement. After 30 days, we will publish specific details on the vulnerability on our Security Updates webpage.

Mattermost v5.36.1 also resolves the following bug:

  • Added performance improvements by reducing the time taken to re-render when a post is received.

You can follow the standard upgrade instructions to apply the updates.

Share this article:

mm

Amy Blais

Amy Blais is the Release Manager at Mattermost, Inc. Her other roles include Community and Customer Support. She previously served as the company’s Associate Marketing Manager.

To get future blog posts to your inbox, subscribe below.

We use cookies for advertising, social media and analytics purposes. Read about how we use cookies here. By continuing to use this site, you consent to our use of cookies.