Revisions of matrix-synapse

Ana Guerrero's avatar Ana Guerrero (anag+factory) accepted request 1181474 from Marcus Rueckert's avatar Marcus Rueckert (darix) (revision 102)
Forwarded request #1181473 from darix

- Update to 1.109.0
Ana Guerrero's avatar Ana Guerrero (anag+factory) accepted request 1177340 from Marcus Rueckert's avatar Marcus Rueckert (darix) (revision 101)
Forwarded request #1177339 from darix

- Update to 1.108.0
Ana Guerrero's avatar Ana Guerrero (anag+factory) accepted request 1174029 from Marcus Rueckert's avatar Marcus Rueckert (darix) (revision 100)
Forwarded request #1174027 from darix

- Update to 1.107.0
Ana Guerrero's avatar Ana Guerrero (anag+factory) accepted request 1169911 from Marcus Rueckert's avatar Marcus Rueckert (darix) (revision 98)
- Update to 1.105.1 (boo#1223319)
  - Security
    - GHSA-3h7q-rfh9-xm4v / CVE-2024-31208 — High Severity
      Weakness in auth chain indexing allows DoS from remote room
      members through disk fill and high CPU usage.
      See the advisories for more details. If you have any
      questions, email security@element.io.
Ana Guerrero's avatar Ana Guerrero (anag+factory) accepted request 1122657 from Marcus Rueckert's avatar Marcus Rueckert (darix) (revision 90)
add missing bugnumber
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 1121497 from Marcus Rueckert's avatar Marcus Rueckert (darix) (revision 89)
- Update to 1.95.1
  - Security:
    - GHSA-mp92-3jfm-3575 / CVE-2023-43796 — Moderate Severity
      Cached device information of remote users can be queried from
      Synapse. This can be used to enumerate the remote users known
      to a homeserver.
Ana Guerrero's avatar Ana Guerrero (anag+factory) accepted request 1116889 from Marcus Rueckert's avatar Marcus Rueckert (darix) (revision 87)
- Update to 1.94.0 (boo#1216126 CVE-2023-45129)
  GHSA-5chr-wjw5-3gq4 / CVE-2023-45129 — Moderate Severity
  A malicious server ACL event can impact performance temporarily
  or permanently leading to a persistent denial of service.
  Homeservers running on a closed federation (which presumably do
  not need to use server ACLs) are not affected.
Ana Guerrero's avatar Ana Guerrero (anag+factory) accepted request 1116700 from Marcus Rueckert's avatar Marcus Rueckert (darix) (revision 86)
- Update to 1.94.0 (forwarded request 1116682 from darix)
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 1113708 from Marcus Rueckert's avatar Marcus Rueckert (darix) (revision 85)
- Update to 1.93.0
  The following issues are fixed in 1.93.0 (and RCs).
  GHSA-4f74-84v3-j9q5 / CVE-2023-41335 — Low Severity
  https://github.com/matrix-org/synapse/security/advisories/GHSA-4f74-84v3-j9q5
  Temporary storage of plaintext passwords during password changes.
  GHSA-7565-cq32-vx2x / CVE-2023-42453 — Low Severity
  https://github.com/matrix-org/synapse/security/advisories/GHSA-7565-cq32-vx2x
  Improper validation of receipts allows forged read receipts.
  See the advisories for more details. If you have any questions, email security@matrix.org.
Displaying revisions 1 - 20 of 102
openSUSE Build Service is sponsored by