Revisions of matrix-synapse
Ana Guerrero (anag+factory)
accepted
request 1181474
from
Marcus Rueckert (darix)
(revision 102)
Forwarded request #1181473 from darix - Update to 1.109.0
Ana Guerrero (anag+factory)
accepted
request 1177340
from
Marcus Rueckert (darix)
(revision 101)
Forwarded request #1177339 from darix - Update to 1.108.0
Ana Guerrero (anag+factory)
accepted
request 1174029
from
Marcus Rueckert (darix)
(revision 100)
Forwarded request #1174027 from darix - Update to 1.107.0
Dominique Leuenberger (dimstar_suse)
accepted
request 1171009
from
Marcus Rueckert (darix)
(revision 99)
- Update to 1.106.0
Ana Guerrero (anag+factory)
accepted
request 1169911
from
Marcus Rueckert (darix)
(revision 98)
- Update to 1.105.1 (boo#1223319)
- Security
- GHSA-3h7q-rfh9-xm4v / CVE-2024-31208 — High Severity
Weakness in auth chain indexing allows DoS from remote room
members through disk fill and high CPU usage.
See the advisories for more details. If you have any
questions, email security@element.io.
Ana Guerrero (anag+factory)
accepted
request 1132776
from
Marcus Rueckert (darix)
(revision 94)
1.98.0
Ana Guerrero (anag+factory)
accepted
request 1129637
from
Marcus Rueckert (darix)
(revision 93)
- Update to 1.97.0
Ana Guerrero (anag+factory)
accepted
request 1127380
from
Marcus Rueckert (darix)
(revision 92)
- Update to 1.96.0
Ana Guerrero (anag+factory)
accepted
request 1122657
from
Marcus Rueckert (darix)
(revision 90)
add missing bugnumber
Dominique Leuenberger (dimstar_suse)
accepted
request 1121497
from
Marcus Rueckert (darix)
(revision 89)
- Update to 1.95.1
- Security:
- GHSA-mp92-3jfm-3575 / CVE-2023-43796 — Moderate Severity
Cached device information of remote users can be queried from
Synapse. This can be used to enumerate the remote users known
to a homeserver.
Ana Guerrero (anag+factory)
accepted
request 1120125
from
Marcus Rueckert (darix)
(revision 88)
- Update to 1.95.0
Ana Guerrero (anag+factory)
accepted
request 1116889
from
Marcus Rueckert (darix)
(revision 87)
- Update to 1.94.0 (boo#1216126 CVE-2023-45129) GHSA-5chr-wjw5-3gq4 / CVE-2023-45129 — Moderate Severity A malicious server ACL event can impact performance temporarily or permanently leading to a persistent denial of service. Homeservers running on a closed federation (which presumably do not need to use server ACLs) are not affected.
Ana Guerrero (anag+factory)
accepted
request 1116700
from
Marcus Rueckert (darix)
(revision 86)
- Update to 1.94.0 (forwarded request 1116682 from darix)
Dominique Leuenberger (dimstar_suse)
accepted
request 1113708
from
Marcus Rueckert (darix)
(revision 85)
- Update to 1.93.0 The following issues are fixed in 1.93.0 (and RCs). GHSA-4f74-84v3-j9q5 / CVE-2023-41335 — Low Severity https://github.com/matrix-org/synapse/security/advisories/GHSA-4f74-84v3-j9q5 Temporary storage of plaintext passwords during password changes. GHSA-7565-cq32-vx2x / CVE-2023-42453 — Low Severity https://github.com/matrix-org/synapse/security/advisories/GHSA-7565-cq32-vx2x Improper validation of receipts allows forged read receipts. See the advisories for more details. If you have any questions, email security@matrix.org.
Ana Guerrero (anag+factory)
accepted
request 1109346
from
Marcus Rueckert (darix)
(revision 84)
- Update to 1.91.2
Displaying revisions 1 - 20 of 102
