Request 818381: Submit matrix-synapse - openSUSE Build Service

This request supersedes: request 791956 (Show diff), request 799305 (Show diff), request 809987 (Show diff), request 811947 (Show diff), request 815339 (Show diff)

Overview

Request 818381 revoked

- Update to 1.15.2
- Security
- A malicious homeserver could force Synapse to reset the state
in a room to a small subset of the correct state. This
affects all Synapse deployments which federate with untrusted
servers. (96e9afe6)
- HTML pages served via Synapse were vulnerable to clickjacking
attacks. This predominantly affects homeservers with
single-sign-on enabled, but all server administrators are
encouraged to upgrade. (ea26e9a9) (forwarded request 818369 from darix)

Created by okurz almost 4 years ago
In state revoked
Supersedes 791956 799305 809987 811947 815339
Open review for licensedigger
Open review for openSUSE:Factory:Staging:adi:33

Submit matrix-synapse

Login required, please login in order to comment

Dominique Leuenberger (dimstar) - almost 4 years ago

reviewer

unresolvable: nothing provides python3-Twisted >= 20.3.0, (got version 19.10.0-2.6) `

Login required, please login in order to comment

Dominique Leuenberger (dimstar) - almost 4 years ago

reviewer

unresolvable: nothing provides (python3-prometheus_client >= 0.4.0 with python3-prometheus_client < 0.8.0)

Login required, please login in order to comment

Request History

okurz created request almost 4 years ago

- Update to 1.15.2
- Security
- A malicious homeserver could force Synapse to reset the state
in a room to a small subset of the correct state. This
affects all Synapse deployments which federate with untrusted
servers. (96e9afe6)
- HTML pages served via Synapse were vulnerable to clickjacking
attacks. This predominantly affects homeservers with
single-sign-on enabled, but all server administrators are
encouraged to upgrade. (ea26e9a9) (forwarded request 818369 from darix)

factory-auto added opensuse-review-team as a reviewer almost 4 years ago

Please review sources

factory-auto accepted review almost 4 years ago

Check script succeeded

dimstar_suse added openSUSE:Factory:Staging:adi:33 as a reviewer almost 4 years ago

Being evaluated by staging project "openSUSE:Factory:Staging:adi:33"

dimstar_suse accepted review almost 4 years ago

Picked "openSUSE:Factory:Staging:adi:33"

lrupp declined review almost 4 years ago

nothing provides (python3-prometheus_client >= 0.4.0 with python3-prometheus_client < 0.8.0)

lrupp declined request almost 4 years ago

nothing provides (python3-prometheus_client >= 0.4.0 with python3-prometheus_client < 0.8.0)

okurz revoked request almost 4 years ago

we would need https://github.com/matrix-org/synapse/issues/7641 to be fixed to support python-prometheus_client >= 0.8

openSUSE Build Service is sponsored by