Zulip Server 4.7 security release We released Zulip Server 4.7 today! This is a security release, containing minor security fixes since Zulip Server 4.6. What's newThis release fixes CVE-2021-41115, which prevents organization administrators from affecting the server with a regular expression denial-of-service attack through linkifier patterns. Parts of this vulnerability were discovered by
Announcements Zulip's Google Summer of Code 2021 This summer, the Zulip developer community welcomed 18 student participants through the Google Summer of Code (GSoC) program. This was the 5th consecutive year that Zulip participated in GSoC; more than 85 students have now completed one of our formal internship programs, primarily through Google Summer of Code and Outreachy.
Release announcements Zulip Server 4.6 bug fix release We released Zulip Server 4.6 today! This is a bug fix release, containing a few dozen cherry-picked changes since Zulip Server 4.5. What’s newThis release fixes the following issues: Documented official support for Debian 11 Bullseye, now that it is officially released by Debian upstream.Fixed installation
Announcements Zulip releases ‘Teach a course’ education product Zulip for Education is a new open source team chat product used at university departments around the world, including MIT, University of California San Diego and Technical University of Munich, Germany. SAN FRANCISCO, CA – July 26, 2021 – Zulip, the threaded open source team chat app with the most active open-source
Release announcements Zulip Server 4.4 security release We released Zulip Server 4.4 today! This is a security release, containing important security fixes, as well as important cherry-picked bug fixes, since Zulip Server 4.3. What’s newThis release fixes the following issues: Added a tool to fix potential database corruption caused by host OS upgrades; see
Release announcements Zulip Server 4.3 bug fix release We released Zulip Server 4.3 today! This is a bug fix release, containing a few cherry-picked changes since Zulip Server 4.2. What’s newThis release fixes the following issues: Fixed exception when upgrading older servers that had disabled the Jitsi integration by setting JITSI_SERVER_URL to None.
Major releases Zulip 4.0: Threaded open source team chat We’re excited to announce the release of Zulip Server 4.0, containing hundreds of new features and bug fixes! Zulip is an open-source team collaboration tool with unique topic-based threading that combines the best of email and chat to make remote work productive and delightful. Fortune 500 companies, leading
Announcements Why Zulip is on GitHub Sponsors At Zulip, we’re out to build the world’s best collaboration platform, and we’re committed to keeping it 100% open source. If you’ve been using Zulip, love the product and its innovative threading model, and want to help share it with the world, please consider supporting us.
Release announcements Zulip Server 3.4 security release Zulip Server 3.4 was released today! This is a security release, containing important security updates for the 3.x series of Zulip Server. This will likely be the last release in the 3.x stable release series, as we are getting close to publishing the first release candidate for
Security March 18 Zulip Cloud security incident On Thursday, March 18, 2021, Zulip Cloud had an important security incident. In short, a subtle caching bug resulted in up to 149 users being shown a broken read-only version of the Zulip UI from one of 26 other users whose data was incorrectly cached. This malfunctioning interface did not
Release announcements Zulip Server 3.3 bug fix release We released Zulip Server 3.3 today! This is a bug fix release, containing a few cherry-picked changes since Zulip Server 3.2. What’s newThis releases fixes multiple important bugs in previous versions of Zulip. It contains fixes for the following issues: Guest users should not be allowed to
Getting Started Getting started with Zulip on DigitalOcean Hosting Zulip on DigitalOcean is easy.As an open source project, Zulip is committed to making it convenient for every organization to use Zulip. For those who cannot maintain their own server, we offer the convenient Zulip Cloud SaaS service. For organizations concerned about privacy, data control, and compliance, we
Press Zulip in the Press Interview with Founder and CEO Tim Abbott, and Building the Mathematical Library of the Future with Zulip
Release announcements Zulip Server 3.2 bug fix release We released Zulip Server 3.2 today! This is a bug fix release, containing a few cherry-picked changes since Zulip Server 3.1. What’s newThis releases fixes multiple important bugs in previous versions of Zulip. It contains fixes for the following issues: Switched from libmemcached to python-binary-memcached, a pure-Python
Security Zulip Desktop 5.4.3 security release Today we released Zulip Desktop 5.4.3, fixing a security issue: CVE-2020-24582: Zulip Desktop failed to escape various strings interpolated into the user interface HTML. This could result in code execution when connecting to a maliciously altered Zulip server. The Zulip security team discovered this issue during internal auditing.
Release announcements Zulip Server 3.1 bug fix release We released Zulip Server 3.1 today. This is a bug fix release, containing a few dozen cherry-picked changes since Zulip Server 3.0. What’s newThis releases fixes multiple important bugs in previous versions of Zulip. It contains fixes for the following issues: Removed unused short_name field from
Major releases Zulip 3.0: Threaded open source team chat We’re excited to announce the release of Zulip Server 3.0, containing hundreds of new features and bug fixes to help distributed and remote teams stay productive and focused. Zulip is the open-source threaded team chat app, used by thousands of teams globally. Zulip’s unique topic-based threading experience
Release announcements Zulip Server 2.1.7 security release We released Zulip Server 2.1.7 today. This is a security release, containing a couple cherry-picked changes since Zulip Server 2.1.6. What’s newThis releases fixes multiple important bugs in previous versions of Zulip. It contains fixes for the following issues: CVE-2020-15070: Fix privilege escalation vulnerability with
Release announcements Zulip Server 2.1.5 security release We released Zulip Server 2.1.5 today. This is a security release, containing a dozen cherry-picked changes since Zulip Server 2.1.4. What’s newThis releases fixes several important bugs in previous versions of Zulip. It contains fixes for the following issues: CVE-2020-12759: Fix reflected XSS vulnerability in
Free Trials Zulip Responds to the Pandemic with 60-Day Free Trial Zulip Responds to the Pandemic with 60-Day Free Trial. Zulip helps distributed teams and communities increase productivity and communicate more effectively.
Release announcements Zulip Desktop 5.2.0 security release Today we released Zulip Desktop 5.2.0, fixing a critical security issue: CVE-2020-12637: Zulip Desktop 0.5.10 introduced a certificate validation handler to support the undocumented ignoreCerts option available by manually editing the configuration file. However, the handler inadvertently disabled all certificate validation, whether or not ignoreCerts was
Release announcements Zulip Server 2.1.4 bug fix release We released Zulip Server 2.1.4 today. This is a bug fix release, containing several cherry-picked changes since Zulip 2.1.3. What’s newThis releases fixes a few important bugs in previous versions of Zulip. It contains fixes for the following issues: Fixed a regression in 2.1.
Release announcements Zulip server 2.1.3 security release We released Zulip Server 2.1.3 today. This is a security release, containing a few dozen cherry-picked changes since Zulip 2.1.2. What’s newThis releases fixes several important bugs in previous versions of Zulip. It contains fixes for the following issues: CVE-2020-9444: Reverse tabnabbing vulnerability in Zulip
Release announcements Zulip Desktop 5.0.0 security release Today we released Zulip Desktop 5.0.0, fixing multiple critical security issues as well as several other important issues: CVE-2020-10856: Remote code execution due to missing context isolation.CVE-2020-10857: Remote code execution due to unsafe use of shell.openExternal and shell.openItem.Downloaded files will no longer be opened
Release announcements Zulip Desktop 4.0.3 security release Today we released Zulip Desktop 4.0.3, fixing a critical security issue: CVE-2020-9443: Web security was disabled in the Electron webview.This is a critical security issue because Zulip's security model for uploaded files relies on the browser (in this case Electron) enforcing the web security model. Huge thanks
