Mattermost security updates 7.8.1 (ESR) / 7.7.2 / 7.1.6 (ESR) released
We’re informing you about a Mattermost security update, which addresses medium- to high-level severity vulnerabilities. We highly recommend that you apply the update.
The security update is available for Mattermost dot releases 7.8.1 (Extended Support Release), 7.7.2, 7.1.6 (Extended Support Release) for both Team Edition and Enterprise Edition. They are available for download here.
Customer safety and data security are the utmost priorities for Mattermost. For our customers’ protection, and as outlined in our Responsible Disclosure policy, Mattermost does not disclose specifics on this vulnerability until 30 days after this announcement. After 30 days, we will publish specific details on the vulnerability on our Security Updates webpage.
Mattermost 7.8.1 (ESR) version also resolves the following bug:
- Fixed an issue where the Shared Channels feature wasn’t properly included in the Professional license.
Mattermost 7.7.2 version also resolves the following bugs:
- Message Priority & Acknowledgement is now enabled by default for all instances. You may disable this feature in the System Console by going to Posts > Message Priority or via the config
PostPriority
setting. - Fixed an issue where threads were not marked as unread in the Threads view.
- Fixed an issue where the server sent a wrong badge number when marking a message as unread in a Direct Message channel.
- Fixed an issue where the Team edition returned a 400 Bad request for attempts to check CWS availability.
- Fixed an issue where file uploading would appear “stuck” in a processing state.
- Fixed an issue where the Shared Channels feature wasn’t properly included in the Professional license.
Mattermost 7.1.6 (ESR) version also resolves the following bugs:
- Fixed an issue where threads were not marked as unread in the Threads view.
- Fixed an issue where the server sent a wrong badge number when marking a message as unread in a Direct Message channel.
You can follow the standard upgrade instructions to apply the updates.