Mattermost security updates 10.12.1, 10.11.4 (ESR), and 10.5.12 (ESR) released 

We’re informing you about a Mattermost security update, which addresses low to high severity vulnerabilities. We highly recommend that you apply the update. The security update is available for Mattermost dot releases 10.12.1, 10.11.4 (Extended Support Release), and 10.5.12 (Extended Support Release) for both Team Edition and Enterprise Edition. They are available for download here. You can follow the standard upgrade instructions to apply the updates. 

The 10.12.1 version also includes the following fixes: 

• Pre-packaged MS Teams plugin v2.2.2. 

• Upgraded to go version 1.24.6. 

The 10.11.4 version also includes the following fix: 

• Pre-packaged MS Teams plugin v2.2.2. 

• Upgraded to go version 1.24.6. 

• Fixed an issue with the mmctl system status to return non-zero exit codes when health checks fail, ensuring proper integration with container orchestration health check systems. 

The 10.5.12 version also includes the following fixes: 

• Pre-packaged MS Teams plugin v2.2.2. 

• Upgraded to go version 1.23.12. 

Customer safety and data security are the utmost priorities for Mattermost. For our customers’ protection, and as outlined in our Responsible Disclosure policy, Mattermost does not disclose specifics on this vulnerability until 30 days after this announcement. After 30 days, we will publish specific details on the vulnerability on our Security Updates webpage.