Mattermost security updates 11.1.1, 11.0.6, 10.12.4, and 10.11.8 (ESR) released 

We’re informing you about a Mattermost security update, which addresses a Critical severity vulnerability in the Jira plugin. Upgrading to this release as soon as possible is highly recommended. The security update is available for Mattermost dot releases 11.1.1, 11.0.6, 10.12.4, and 10.11.8 (Extended Support Release) for both Team Edition and Enterprise Edition. They are available for download here. You can follow the standard upgrade instructions to apply the updates. 

The 11.1.1, 11.0.6, 10.12.4, and 10.11.8 versions include the following fix: 

• Pre-packaged Jira plugin version v4.4.1.

The 11.1.1 version also includes the following fixes: 

• Fixed an issue where thread popouts did not show the current user’s status. 

• Fixed an issue where clicking on a permalink to a reply in another thread would not navigate the main window. 

• Fixed an issue where users could not add bots without an error message popping up. 

Customer safety and data security are the utmost priorities for Mattermost. For our customers’ protection, and as outlined in our Responsible Disclosure policy, Mattermost does not disclose specifics on this vulnerability until 30 days after this announcement. After 30 days, we will publish specific details on the vulnerability on our Security Updates webpage.