Mattermost security updates 7.10.3 / 7.9.5 / 7.8.7 (ESR) released
We’re informing you about a Mattermost security update, which addresses low- to medium-level severity vulnerabilities. We highly recommend that you apply the update.
The security update is available for Mattermost dot releases 7.10.3, 7.9.5, and 7.8.7 (Extended Support Release), for both Team Edition and Enterprise Edition. They are available for download here.
Customer safety and data security are the utmost priorities for Mattermost. For our customers’ protection, and as outlined in our Responsible Disclosure policy, Mattermost does not disclose specifics on this vulnerability until 30 days after this announcement. After 30 days, we will publish specific details on the vulnerability on our Security Updates webpage.
7.10.3 version also resolves the following bugs:
- Updated prepackaged Boards to v7.10.4.
- Included prepackaged Welcomebot plugin v1.3.0.
- For servers wanting to allow websockets to connect from other origins, please set the
ServiceSettings.AllowCorsFrom
config setting.
7.9.5 version also resolves the following bugs:
- Updated prepackaged Boards to v7.9.6.
- For servers wanting to allow websockets to connect from other origins, please set the
ServiceSettings.AllowCorsFrom
config setting.
7.8.7 version also resolves the following bugs:
- Updated prepackaged Boards to v7.8.7.
- Fixed typo in the database migration scripts that broke idempotency.
- For servers wanting to allow websockets to connect from other origins, please set the
ServiceSettings.AllowCorsFrom
config setting.
You can follow the standard upgrade instructions to apply the updates.