We released Zulip Server 7.4 today! This is a security release, containing
important security fixes and cherry-picked changes since Zulip Server 7.3.
Upgrading
We recommend that all installations upgrade to this new release. See the
upgrade instructions
in the Zulip documentation. If you need help, …
We have discovered and fixed a bug in Zulip that, in a rare situation, caused
uploaded attachments to be mistakenly deleted after 30 days. Specifically, if
someone chose to delete a message, Zulip deleted all the files that were
attached to that message. This behavior was incorrect for files that were …
We released Zulip Server 7.3 today! This is a security release, containing
important security fixes and cherry-picked changes since Zulip Server 7.2.
Upgrading
We recommend that all installations upgrade to this new release. See the
upgrade instructions
in the Zulip documentation. If you need help, …
We released Zulip Server 7.2 today! This is a bug fix release, containing
cherry-picked changes since Zulip Server 7.1.
Upgrading
We recommend that all installations upgrade to this new release. See the
upgrade instructions
in the Zulip documentation. If you need help, best-effort support is available
…
We released Zulip Server 7.1 today! This is a bug fix release, containing
cherry-picked changes since Zulip Server 7.0.
Upgrading
We recommend that all installations upgrade to this new release. See the
upgrade instructions
in the Zulip documentation. If you need help, best-effort support is available
…
We’re excited to announce the release of Zulip Server 7.0, containing hundreds
of new features and bug fixes!
Zulip is an open-source team chat application designed to
help people collaborate to solve any challenge. With conversations
organized by topic, Zulip is
ideal for both live and asynchronous
…
We released Zulip Server 6.2 today! This is a security release, containing two
security fixes and several cherry-picked changes since Zulip Server 6.1.
Upgrading
We recommend that all installations upgrade to this new release. See the
upgrade instructions
in the Zulip documentation. If you need help, …
Last week, the open-core team chat platform Mattermost
announced that
“Mattermost Cloud Free will no longer be offered after July 26, 2023.” This
likely came as an unpleasant surprise to users on that plan, as
less than a month before,
Mattermost’s pricing page featured the promise that the Cloud Free …
We released Zulip Server 6.1 today! This is a bugfix release, containing
cherry-picked changes since Zulip Server 6.0.
Upgrading
We recommend that all installations upgrade to this new release. See the
upgrade instructions
in the Zulip documentation. If you need help, best-effort support is available
…
As we head into the new year, we want to share some fun facts and highlights
from 2022.
Sending and receiving 💬
We often hear that Zulip helps keep everyone in the loop, and in 2022, Zulip
Cloud users sent more messages to public streams than anywhere else.
Stream messages were read an average of …
We’re excited to announce the release of Zulip Server 6.0, containing hundreds
of new features and bug fixes!
Zulip is an open-source team chat application designed to
help people collaborate to solve any challenge. With conversations
organized by topic, Zulip is ideal
for both live and asynchronous …
We released Zulip Server 5.7 today! This is a security release, containing a
security fix and several cherry-picked changes since Zulip Server 5.6.
Upgrading
We recommend that all installations upgrade to this new release. See the
upgrade instructions
in the Zulip documentation. If you need help, best-effort …
This summer,
15 contributors
completed the Google Summer of Code
(GSoC) program with the
Zulip development community. This
was the 7th consecutive year that Zulip participated in GSoC; over 100
contributors have now completed one of our formal internship programs, primarily
through Google Summer of …
On July 18, 2022,
Slack announced that
starting September 1, search history for organizations on Slack’s Free plan will
be limited to just the past 90 days of message history.
Instead of a 10,000-message limit and 5 GB of storage, we are giving full
access to the past 90 days of message history and …
We released Zulip Server 5.6 today! This is a security release, containing an
important security fix and several cherry-picked changes since Zulip Server 5.5.
Upgrading
We recommend that all installations upgrade to this new release. See the
upgrade instructions
in the Zulip documentation. If you need …
We released Zulip Server 5.5 today! This is a security release, containing an
important security fix and several cherry-picked changes since Zulip Server 5.4.
Upgrading
We recommend that all installations upgrade to this new release. See the
upgrade instructions
in the Zulip documentation. If you need …
Administrators of Zulip Cloud organizations can
export public data
from their organization via the organization settings menu. The exports include
all the data that appears in public streams, and can be used to migrate from
Zulip Cloud to self-hosting Zulip. Note that exporting private data is a
separate …
We released Zulip Server 5.4 today! This is a security release, containing a
security fix and several cherry-picked changes since Zulip Server 5.3.
Upgrading
We recommend that all installations upgrade to this new release. See the
upgrade instructions
in the Zulip documentation. If you need help, best-effort …
We released Zulip Server 5.3 today! This is a security release, containing a
minor security fix and several cherry-picked changes since Zulip Server 5.2.
Upgrading
We recommend that all installations upgrade to this new release. See the
upgrade instructions
in the Zulip documentation. If you need help, …
Today, we’re delighted to announce the general availability of Zulip’s public
access option. Open-source projects and other open communities
can now offer one-click access
(no login required!) to part or all of their Zulip chat.
For those who are not familiar with it, Zulip is a modern
team collaboration …
We released Zulip Server 5.2 today! This is a bugfix release, containing
cherry-picked changes since Zulip Server 5.1.
Upgrading
We recommend that all installations upgrade to this new release. See the
upgrade instructions
in the Zulip documentation. If you need help, best-effort support is available
…
We released Zulip Server 5.1 today! This is a bugfix release, containing a few
cherry-picked changes since Zulip Server 5.0, primarily to address upgrading
bugs.
Upgrading
We recommend that all installations upgrade to this new release. See the
upgrade instructions
in the Zulip documentation. If you …
We’re excited to announce the release of Zulip Server 5.0, containing hundreds
of new features and bug fixes!
Zulip is an open-source team collaboration tool with
unique topic-based threading that is ideal for
both live and asynchronous conversations. Fortune 500 companies, leading
open-source projects, …
We released Zulip Server 4.11 today! This is a security release, containing a
minor security fix.
Upgrading
We recommend that all installations upgrade to this new release. See the
upgrade instructions
in the Zulip documentation. If you need help, best-effort support is available
on chat.zulip.org.
…
An internal investigation recently uncovered a vulnerability (identified as
CVE-2022-21706) in Zulip’s invitation links. Specifically, a
reusable invitation link
could be used to join a different organization than the one it was created for.
As a result, there was a potential for users to join any organization …
We released Zulip Server 4.10 today! This is a security release, containing
important security fixes, as well as important cherry-picked bug fixes, since
Zulip Server 4.9.
Upgrading
We strongly recommend that all installations upgrade to this new release. See
the
upgrade instructions
in the Zulip documentation. …
We released Zulip Server 4.9 today! This is a security release, containing
critical security fixes, as well as important cherry-picked bug fixes, since
Zulip Server 4.8.
Upgrading
We strongly recommend that all installations upgrade to this new release. See
the
upgrade instructions
in the Zulip documentation. …
This is an important security announcement for Zulip installations running the
main (development) branch of the Zulip server. The main branch of Zulip
Server, since
a commit merged on December 4th,
was vulnerable to a stored cross-site scripting vulnerability in stream names. A
malicious user with permission …
Quill, a team chat company with
$16 million in venture capital funding,
was acquired by Twitter and shut down their product last week. Users were given
a mere four days to export their data prior to deletion; direct messages and
private channels could not be exported at all.
Our sympathies go out to …
We released Zulip Server 4.8 today! This is a security release, containing
important security fixes, as well as important cherry-picked bug fixes, since
Zulip Server 4.7.
Deprecating support for Ubuntu 18.04 Bionic
With this release, we are deprecating support for Ubuntu 18.04 Bionic.
Specifically, …
This week, Discord
teased plans to
integrate a crypto asset wallet. After
backlash
from their user community, Discord clarified that the feature isn’t ready to
ship
“for now”.
With many popular social and chat apps already on the blockchain bandwagon
(including
Facebook,
Telegram,
Signal,
Twitter
and
…
We released Zulip Server 4.7 today! This is a security release, containing minor
security fixes since Zulip Server 4.6.
What’s new
This release fixes CVE-2021-41115, which prevents organization administrators
from affecting the server with a regular expression denial-of-service attack
through linkifier …
This summer, the
Zulip developer community welcomed
18 student participants
through the Google Summer of Code (GSoC)
program. This was the 6th consecutive year that Zulip participated in GSoC; more
than 85 students have now completed one of our formal internship programs,
primarily through Google Summer …
We released Zulip Server 4.6 today! This is a bug fix release, containing a few
dozen cherry-picked changes since Zulip Server 4.5.
What’s new
This release fixes the following issues:
Documented official support for Debian 11 Bullseye, now that it is officially
released by Debian upstream.
Fixed installation …
Zulip for Education is a new open-source team chat product used at university
departments around the world, including MIT, University of California San Diego
and Technical University of Munich, Germany.
SAN FRANCISCO, CA – July 26, 2021 – Zulip, the threaded
open-source team chat app with the most active …
We released Zulip Server 4.4 today! This is a security release, containing
important security fixes, as well as important cherry-picked bug fixes, since
Zulip Server 4.3.
What’s new
This release fixes the following issues:
Added a tool to fix potential database corruption caused by host OS upgrades;
…
We released Zulip Server 4.3 today! This is a bug fix release, containing a few
cherry-picked changes since Zulip Server 4.2.
What’s new
This release fixes the following issues:
Fixed exception when upgrading older servers that had disabled the Jitsi
integration by setting JITSI_SERVER_URL to None.
…
We’re excited to announce the release of Zulip Server 4.0, containing hundreds
of new features and bug fixes! Zulip is an open-source
team collaboration tool with unique
topic-based threading that combines the best of
email and chat to make remote work productive and delightful. Fortune 500
companies, …
At Zulip, we’re out to build the world’s best
collaboration platform, and we’re committed to keeping it 100% open source. If
you’ve been using Zulip, love the product and its
innovative threading model, and want to help
share it with the world, please consider
supporting us.
An important part of Zulip’s …
Zulip Server 3.4 was released today! This is a security release, containing
important security updates for the 3.x series of Zulip Server.
This will likely be the last release in the 3.x stable release series, as we are
getting close to publishing the first release candidate for Zulip 4.0.
What’s new
…
On Thursday, March 18, 2021, Zulip Cloud had an important security incident. In
short, a subtle caching bug resulted in up to 149 users being shown a broken
read-only version of the Zulip UI from one of 26 other users whose data was
incorrectly cached.
This malfunctioning interface did not display …
We released Zulip Server 3.3 today! This is a bug fix release, containing a few
cherry-picked changes since Zulip Server 3.2.
What’s new
This releases fixes multiple important bugs in previous versions of Zulip. It
contains fixes for the following issues:
Guest users
should not be allowed to post to …
Hosting Zulip on DigitalOcean is easy.
As an open source project, Zulip is committed to making it convenient for every
organization to use Zulip. For those who cannot maintain their own server, we
offer the convenient Zulip Cloud SaaS service. For
organizations concerned about privacy, data control, …
Interview with Founder and CEO Tim Abbott, and Building the Mathematical Library of the Future with Zulip
We released Zulip Server 3.2 today! This is a bug fix release, containing a few
cherry-picked changes since Zulip Server 3.1.
What’s new
This releases fixes multiple important bugs in previous versions of Zulip. It
contains fixes for the following issues:
Switched from libmemcached to python-binary-memcached, …
Today we released Zulip Desktop 5.4.3, fixing a security issue:
CVE-2020-24582: Zulip Desktop failed to escape various strings interpolated
into the user interface HTML. This could result in code execution when
connecting to a maliciously altered Zulip server.
The Zulip security team discovered this …
We released Zulip Server 3.1 today. This is a bug fix release, containing a few
dozen cherry-picked changes since Zulip Server 3.0.
What’s new
This releases fixes multiple important bugs in previous versions of Zulip. It
contains fixes for the following issues:
Removed unused short_name field from …
We’re excited to announce the release of Zulip Server 3.0, containing hundreds
of new features and bug fixes to help distributed and remote teams stay
productive and focused.
Zulip is the open-source threaded team chat app, used by
thousands of teams globally. Zulip’s unique
topic-based threading experience …
We released Zulip Server 2.1.7 today. This is a security release, containing a
couple cherry-picked changes since Zulip Server 2.1.6.
What’s new
This releases fixes multiple important bugs in previous versions of Zulip. It
contains fixes for the following issues:
CVE-2020-15070: Fix privilege escalation …
We released Zulip Server 2.1.5 today. This is a security release, containing a
dozen cherry-picked changes since Zulip Server 2.1.4.
What’s new
This releases fixes several important bugs in previous versions of Zulip. It
contains fixes for the following issues:
CVE-2020-12759: Fix reflected XSS vulnerability …
Zulip Responds to the Pandemic with 60-Day Free Trial. Zulip helps distributed teams and communities increase productivity and communicate more effectively.
Today we released Zulip Desktop 5.2.0, fixing a critical security issue:
CVE-2020-12637: Zulip Desktop 0.5.10 introduced a certificate validation
handler to support the undocumented ignoreCerts option available by manually
editing the configuration file. However, the handler inadvertently disabled
…
We released Zulip Server 2.1.4 today. This is a bug fix release, containing
several cherry-picked changes since Zulip 2.1.3.
What’s new
This releases fixes a few important bugs in previous versions of Zulip. It
contains fixes for the following issues:
Fixed a regression in 2.1.3 that impacted creating …
We released Zulip Server 2.1.3 today. This is a security release, containing a
few dozen cherry-picked changes since Zulip 2.1.2.
What’s new
This releases fixes several important bugs in previous versions of Zulip. It
contains fixes for the following issues:
CVE-2020-9444: Reverse tabnabbing vulnerability …
Today we released Zulip Desktop 5.0.0, fixing multiple critical security issues
as well as several other important issues:
CVE-2020-10856: Remote code execution due to missing context isolation.
CVE-2020-10857: Remote code execution due to unsafe use of shell.openExternal
and shell.openItem.
Downloaded …
Today we released Zulip Desktop 4.0.3, fixing a critical security issue:
CVE-2020-9443: Web security was disabled in the Electron webview.
This is a critical security issue because Zulip’s security model for uploaded
files relies on the browser (in this case Electron) enforcing the web security
model. …
We released Zulip Server 2.1.2 today. This is a security release, containing a
few dozen cherry-picked changes since Zulip 2.1.1.
What’s new
This releases fixes several important bugs in previous versions of Zulip. It
contains fixes for the following issues:
Corrected fix for CVE-2019-19775 (the original …
We released Zulip Server 2.1.1 today. This is a bug fix release, containing
several cherry-picked changes since Zulip 2.1.1.
What’s new
This releases fixes a few important bugs in previous versions of Zulip. It
contains fixes for the following issues:
Fixed upgrading to 2.1.x with the LDAP integration …
We’re excited to announce the release of Zulip Server 2.1, containing hundreds
of new features and bug fixes.
Zulip is the world’s most productive team chat
software, used by thousands of teams as an alternative to Slack, HipChat,
Mattermost and IRC. Zulip’s unique
topic-based threading combines the …
We released Zulip Server 2.0.8 today. This is a security release, containing a
handful of cherry-picked changes since Zulip 2.0.7.
What’s new
This release fixes a security bug in Zulip 1.9.0 and greater:
CVE-2019-19775: Close open redirect in thumbnail view.
Upgrading
All installations should upgrade …
We released Zulip Server 2.0.7 today. This is a security release, containing a
handful of cherry-picked changes since Zulip 2.0.6.
What’s new
This release fixes an important security bug in previous versions of Zulip.
Quoting from
the commit
fixing it:
CVE-2019-18933: Fix insecure account creation via …
We released Zulip Server 2.0.6 today. This is a bug fix release, containing
several cherry-picked changes since Zulip 2.0.5.
What’s new
This releases fixes a few important bugs in previous versions of Zulip. It
contains fixes for the following issues:
Updated signing keys for the PGroonga repository …
We released Zulip Server 2.0.5 today. This is a security release, containing a
handful of cherry-picked changes since Zulip 2.0.4.
What’s new
This releases fixes a few important bugs in previous versions of Zulip. It
contains fixes for the following security issues:
CVE-2019-16215: Fix DoS vulnerability …
We released Zulip Server 2.0.4 today. This is a bug fix release, containing a
dozen cherry-picked changes since Zulip 2.0.3.
What’s new
This releases fixes a few important bugs in Zulip 2.0.3. It contains the
following changes:
Fixed several configuration-dependent bugs that caused restore-backup to
…
We released Zulip Server 2.0.3 today. This is a bug fix release, containing a
few dozen cherry-picked changes since Zulip 2.0.2.
What’s new
This releases fixes a few important bugs in Zulip 2.0.2. It contains the
following changes:
Added documentation for
upgrading the underlying OS version.
Made uwsgi …
We released Zulip Server 2.0.2 today. This is a bug fix release, containing a
dozen cherry-picked changes since Zulip 2.0.1.
What’s new
This releases fixes a few important bugs in Zulip 2.0.1. It contains the
following changes:
Fixed a regression in the puppet configuration for S3 upload backend that …
We released Zulip Server 2.0.1 today. This is a bug fix release, containing a
dozen cherry-picked changes since Zulip 2.0.0.
What’s new
This releases fixes a few important bugs in Zulip 2.0.0. It contains the
following changes:
Fixed handling of uploaded file routing on Ubuntu Trusty.
Fixed buggy behavior …
We’re excited to announce the release of Zulip Server 2.0, containing hundreds
of new features and bug fixes.
Zulip is the world’s most productive team chat
software, used by thousands of teams as an alternative to Slack, HipChat,
Mattermost and IRC. Zulip’s unique
topic-based threading combines the …
We released Zulip Server 1.9.2 today. This is a bug fix release, containing a
few dozen cherry-picked changes since 1.9.1.
What’s new
This release is primarily to migrate Zulip off the deprecated Google+ API, which
Google plans to remove entirely on March 9. It also contains a few bug fixes for
the …
We released Zulip Server 1.9.1 today. This is a bug fix release, containing a
few dozen cherry-picked changes since 1.9.0.
What’s new
This release is primarily to improve the experience for users installing a new
Zulip server: new installer options, better error messages, etc.
This release contains …
We’re excited to announce the release of Zulip Server 1.9, containing hundreds
of new features and bug fixes. Especially relevant for users migrating from the
recently discontinued HipChat
is our new HipChat data import
tool.
Zulip is the world’s most productive team chat
software, an alternative to …
Today we’re releasing Zulip Server 1.8.1. This is a bug fix release, containing
a few dozen cherry-picked changes since 1.8.0.
What’s new
The highlights of this release are primarily for folks installing a new Zulip
server: a tool for automatically registering for push notifications, and a bunch
of …
We’re excited to announce the release of Zulip Server 1.8, containing hundreds
of new features and bug fixes.
Zulip is the world’s most productive team chat software,
an alternative to Slack, HipChat, and IRC. Zulip combines the immediacy of chat
with the asynchronous efficiency of email-style threading, …
Today we’re releasing Zulip Server 1.7.2. This is a security release, containing
just a handful of cherry-picked changes since 1.7.1.
What’s new
This release fixes several security issues:
CVE-2018-9986: Fix XSS issues with frontend markdown processor.
CVE-2018-9987: Fix XSS issue with muting notifications.
…
Today we’re releasing Zulip Server 1.7.1. This is a security release, containing
just a handful of cherry-picked changes since 1.7.0.
To readers in the US: happy Thanksgiving! We generally avoid making a security
release just before a major holiday, but we’ve made an exception in this case
because the …
We’re excited to announce the release of Zulip Server 1.7, containing hundreds
of new features and bug fixes.
Zulip is the world’s most productive team chat software,
an alternative to Slack, HipChat, and IRC. Zulip combines the immediacy of chat
with the asynchronous efficiency of email, and is 100% …
We’re excited to announce the release of Zulip Server 1.6.0, containing hundreds
of new features and bug fixes.
Zulip is the world’s most productive group chat software.
Zulip combines the immediacy of chat with the asynchronous efficiency of email,
and is 100% free and open source software.
This is …
Over the last few years, static type checkers have become available for popular
dynamic languages like PHP (Hack) and JavaScript
(Flow and
TypeScript), and have seen wide adoption. Two
years ago, a
provisional syntax for static type annotations
was added to Python 3. However, static types in Python …
Tim Abbott
Alex Vandiver
Alya Abbott
Greg Price
Matt Keller
Trent Lapinski
Anders Kaseorg