Mattermost security updates 8.1.1 (ESR) / 8.0.2 / 7.8.10 (ESR) released

We’re informing you about a Mattermost security update, which addresses low- to medium-level severity vulnerabilities. We highly recommend that you apply the update.

The security update is available for Mattermost dot releases 8.1.1 (Extended Support Release), 8.0.2, and 7.8.10 (Extended Support Release), for both Team Edition and Enterprise Edition. They are available for download here.

Customer safety and data security are the utmost priorities for Mattermost. For our customers’ protection, and as outlined in our Responsible Disclosure policy, Mattermost does not disclose specifics on this vulnerability until 30 days after this announcement. After 30 days, we will publish specific details on the vulnerability on our Security Updates webpage.

8.1.1 also resolves the following bugs:

• Fixed an issue preventing successful activation of trial licenses.
• Fixed several issues with loading of licenses.
• Fixed an issue where text copied from Microsoft OneNote pasted it as an image.
• Replaced Gfycat with Giphy in the gif picker.
• Fixed an issue where compliance export jobs were not able to start after disabling and enabling the compliance export.

8.0.2 also resolves the following bugs:

• Fixed an issue with missing time zone metadata in the Docker container.
• Fixed an issue preventing successful activation of trial licenses.
• Replaced Gfycat with Giphy in the gif picker.

7.8.10 also resolves the following bugs:

• Fixed an issue with missing time zone metadata in the Docker container.
• Replaced Gfycat with Giphy in the gif picker.

You can follow the standard upgrade instructions to apply the updates.