postalserver/postal 3.3.7

v3.3.7

on GitHub

3.3.7 (2026-06-03)

Bug Fixes

• http: prevent SSRF in outbound webhook and HTTP endpoint requests (11c9814)
• message-db: prevent SQL injection via condition keys (GHSA-x2hq-rfpg-3xr5) (4314a6e)
• specs: stub IPv6 support in address guard IPv6 literal spec (029bfe0)

Miscellaneous Chores

• deps: upgrade rack & rails (0445e5c)
• update security vulnerability reporting instructions (8be1e27)