Security Release

Zammad 5.0.1

ยท Just after delivering you our new major release, Zammad 5.0, we're adding a security release on top. ๐Ÿšจ It fixes an issue that transpired in the last few days, ensuring that you can use the full scope of the new features without any bumps.

Security Release ๐Ÿ‘ฎ

After upgrading to Zammad 5.0, a few users with special constellations noticed an unwelcome change: They suddenly saw tickets in the Overview that belonged to groups they were not a part of. While the tickets as such were not accessible to them (they could only see the metadata), it still represents a flaw from a privacy and security perspective. ๐Ÿ†˜

We have already put a fix in place which is fully deployed. So what does that mean for you? Here's what actions (if any) you should take.

๐Ÿ  If you're using Zammad on-prem

If you are self-hosting Zammad and you have already performed an upgrade to Zammad 5.0, please ensure to install the new security release as well. โ˜๏ธ
If you have not yet upgraded to Zammad 5.0, you can jump right to 5.0.1 when you're ready.

โ˜๏ธ If you're using a hosted version of Zammad

Great - then you don't have to do anything! ๐Ÿ˜Ž We're updating all hosted instances, which should be completed by end-of-day on Friday, October 8, 2021.


You can find the corresponding advisory here:


You will find all improvements in the Changelog.

Download Zammad 5.0.1

Changelog (2021-10-08)

Source code



You can find information on an upgrade of your Zammad installation here:


Node.js dependency

Please note that starting with Zammad 5.0 you'll need Node.js to run 'rake assets:precompile'.
This affects all source code installations and those who change javascript or stylesheet files in Zammad.

Find out more in our documentation.

Browser Deprecation List: Required for Zammad 5.1.0

  • Chrome: 83
  • Firefox: 78
  • Explorer: 11
  • Safari: 11
  • Opera: 69
  • Edge: 83
Together we turn your customers into fans.
Start free trial!
All releases and news directly in your inbox.
Subscribe to the newsletter