Tim Abbott

Tim Abbott is the lead developer of the Zulip open source project and CEO of Kandra Labs, the company providing Zulip hosting and commercial support. Previously, he was founder and CTO of Ksplice.

📍 San Francisco

Why Zulip will stand the test of time

Quill, a team chat company with $16 million in venture capital funding, was acquired by Twitter and shut down their product last week. Users were given a mere four days to export their data prior to deletion; direct messages and private channels could not be exported at all. Our sympathies

Why Zulip will not get on the blockchain bandwagon

This week, Discord teased plans to integrate a crypto asset wallet. After backlash from their user community, Discord clarified that the feature isn’t ready to ship “for now”. With many popular social and chat apps already on the blockchain bandwagon (including Facebook, Telegram, Signal, Twitter and Reddit), some are

Release announcements

Zulip Server 4.6 bug fix release

We released Zulip Server 4.6 today! This is a bug fix release, containing a few dozen cherry-picked changes since Zulip Server 4.5. What’s newThis release fixes the following issues: Documented official support for Debian 11 Bullseye, now that it is officially released by Debian upstream.Fixed installation

Zulip releases ‘Teach a course’ education product

Zulip for Education is a new open source team chat product used at university departments around the world, including MIT, University of California San Diego and Technical University of Munich, Germany. SAN FRANCISCO, CA – July 26, 2021 – Zulip, the threaded open source team chat app with the most active open-source

Release announcements

Zulip Server 4.3 bug fix release

We released Zulip Server 4.3 today! This is a bug fix release, containing a few cherry-picked changes since Zulip Server 4.2. What’s newThis release fixes the following issues: Fixed exception when upgrading older servers that had disabled the Jitsi integration by setting JITSI_SERVER_URL to None.

Zulip 4.0: Threaded open source team chat

We’re excited to announce the release of Zulip Server 4.0, containing hundreds of new features and bug fixes! Zulip is an open-source team collaboration tool with unique topic-based threading that combines the best of email and chat to make remote work productive and delightful. Fortune 500 companies, leading

March 18 Zulip Cloud security incident

On Thursday, March 18, 2021, Zulip Cloud had an important security incident. In short, a subtle caching bug resulted in up to 149 users being shown a broken read-only version of the Zulip UI from one of 26 other users whose data was incorrectly cached. This malfunctioning interface did not

Release announcements

Zulip Server 3.1 bug fix release

We released Zulip Server 3.1 today. This is a bug fix release, containing a few dozen cherry-picked changes since Zulip Server 3.0. What’s newThis releases fixes multiple important bugs in previous versions of Zulip. It contains fixes for the following issues: Removed unused short_name field from

Zulip 3.0: Threaded open source team chat

We’re excited to announce the release of Zulip Server 3.0, containing hundreds of new features and bug fixes to help distributed and remote teams stay productive and focused. Zulip is the open-source threaded team chat app, used by thousands of teams globally. Zulip’s unique topic-based threading experience

Release announcements

Zulip Server 2.1.7 security release

We released Zulip Server 2.1.7 today. This is a security release, containing a couple cherry-picked changes since Zulip Server 2.1.6. What’s newThis releases fixes multiple important bugs in previous versions of Zulip. It contains fixes for the following issues: CVE-2020-15070: Fix privilege escalation vulnerability with

Release announcements

Zulip Server 2.1.5 security release

We released Zulip Server 2.1.5 today. This is a security release, containing a dozen cherry-picked changes since Zulip Server 2.1.4. What’s newThis releases fixes several important bugs in previous versions of Zulip. It contains fixes for the following issues: CVE-2020-12759: Fix reflected XSS vulnerability in

Release announcements

Zulip Server 2.1.4 bug fix release

We released Zulip Server 2.1.4 today. This is a bug fix release, containing several cherry-picked changes since Zulip 2.1.3. What’s newThis releases fixes a few important bugs in previous versions of Zulip. It contains fixes for the following issues: Fixed a regression in 2.1.

Release announcements

Zulip server 2.1.3 security release

We released Zulip Server 2.1.3 today. This is a security release, containing a few dozen cherry-picked changes since Zulip 2.1.2. What’s newThis releases fixes several important bugs in previous versions of Zulip. It contains fixes for the following issues: CVE-2020-9444: Reverse tabnabbing vulnerability in Zulip

Release announcements

Zulip Desktop 5.0.0 security release

Today we released Zulip Desktop 5.0.0, fixing multiple critical security issues as well as several other important issues: CVE-2020-10856: Remote code execution due to missing context isolation.CVE-2020-10857: Remote code execution due to unsafe use of shell.openExternal and shell.openItem.Downloaded files will no longer be opened

Release announcements

Zulip Desktop 4.0.3 security release

Today we released Zulip Desktop 4.0.3, fixing a critical security issue: CVE-2020-9443: Web security was disabled in the Electron webview.This is a critical security issue because Zulip's security model for uploaded files relies on the browser (in this case Electron) enforcing the web security model. Huge thanks

Release announcements

Zulip 2.1.2 security release

We released Zulip Server 2.1.2 today. This is a security release, containing a few dozen cherry-picked changes since Zulip 2.1.1. What’s newThis releases fixes several important bugs in previous versions of Zulip. It contains fixes for the following issues: Corrected fix for CVE-2019-19775 (the original

Release announcements

Zulip 2.1.1 bug fix release

We released Zulip Server 2.1.1 today. This is a bug fix release, containing several cherry-picked changes since Zulip 2.1.1. What’s newThis releases fixes a few important bugs in previous versions of Zulip. It contains fixes for the following issues: Fixed upgrading to 2.1.x

Zulip 2.1: Open source team chat

We're excited to announce the release of Zulip Server 2.1, containing hundreds of new features and bug fixes. Zulip is the world’s most productive team chat software, used by thousands of teams as an alternative to Slack, HipChat, Mattermost and IRC. Zulip's unique topic-based threading combines the immediacy

Release announcements

Zulip 2.0.8 security release

We released Zulip Server 2.0.8 today. This is a security release, containing a handful of cherry-picked changes since Zulip 2.0.7. What’s newThis release fixes a security bug in Zulip 1.9.0 and greater: CVE-2019-19775: Close open redirect in thumbnail view.UpgradingAll installations should upgrade

Release announcements

Zulip 2.0.7 security release

We released Zulip Server 2.0.7 today. This is a security release, containing a handful of cherry-picked changes since Zulip 2.0.6. What’s newThis release fixes an important security bug in previous versions of Zulip. Quoting from the commit fixing it: CVE-2019-18933: Fix insecure account creation via

Release announcements

Zulip 2.0.6 bug fix release

We released Zulip Server 2.0.6 today. This is a bug fix release, containing several cherry-picked changes since Zulip 2.0.5. What’s new This releases fixes a few important bugs in previous versions of Zulip. It contains fixes for the following issues: Updated signing keys for the

Release announcements

Zulip Server 2.0.5 security release

We released Zulip Server 2.0.5 today. This is a security release, containing a handful of cherry-picked changes since Zulip 2.0.4. What’s new This releases fixes a few important bugs in previous versions of Zulip. It contains fixes for the following security issues: CVE-2019-16215: Fix DoS

Release announcements

Zulip Server 2.0.4 bug fix release

We released Zulip Server 2.0.4 today. This is a bug fix release, containing a dozen cherry-picked changes since Zulip 2.0.3. What’s new This releases fixes a few important bugs in Zulip 2.0.3. It contains the following changes: Fixed several configuration-dependent bugs that caused

Release announcements

Zulip Server 2.0.3 bug fix release

We released Zulip Server 2.0.3 today. This is a bug fix release, containing a few dozen cherry-picked changes since Zulip 2.0.2. What’s new This releases fixes a few important bugs in Zulip 2.0.2. It contains the following changes: Added documentation for upgrading the

Release announcements

Zulip Server 2.0.2 bug fix release

We released Zulip Server 2.0.2 today. This is a bug fix release, containing a dozen cherry-picked changes since Zulip 2.0.1. What’s new This releases fixes a few important bugs in Zulip 2.0.1. It contains the following changes: Fixed a regression in the puppet