Oliver Kurz (okurz) accepted request 940581 from Marcus Rueckert (darix) over 2 years ago (revision 202)

- Update to 1.49.0

• Files Changed
• Browse Source

Marcus Rueckert (darix) accepted request 934736 from Marcus Rueckert (darix) over 2 years ago (revision 201)

- Update to 1.48.0

• Files Changed
• Browse Source

Marcus Rueckert (darix) accepted request 934406 from Marcus Rueckert (darix) over 2 years ago (revision 200)

- bump ijson to make it clear that we really need 3.1
  https://github.com/matrix-org/synapse/pull/11439

• Files Changed
• Browse Source

Marcus Rueckert (darix) accepted request 933296 from Marcus Rueckert (darix) over 2 years ago (revision 199)

- Update to 1.47.1 (boo#1193005)

• Files Changed
• Browse Source

Marcus Rueckert (darix) accepted request 933284 from Marcus Rueckert (darix) over 2 years ago (revision 198)

- Update to 1.47.1
  This release fixes a security issue in the media store, affecting
  all prior releases of Synapse. Server administrators are
  encouraged to update Synapse as soon as possible. We are not
  aware of these vulnerabilities being exploited in the wild.
  Server administrators who are unable to update Synapse may use
  the workarounds described in the linked GitHub Security Advisory
  below.
  - Security Advisory:
    GHSA-3hfw-x7gx-437c / CVE-2021-41281: Path traversal when
    downloading remote media.
    Synapse instances with the media repository enabled can be
    tricked into downloading a file from a remote server into an
    arbitrary directory, potentially outside the media store
    directory.  The last two directories and file name of the path
    are chosen randomly by Synapse and cannot be controlled by an
    attacker, which limits the impact.  Homeservers with the media
    repository disabled are unaffected. Homeservers configured with
    a federation whitelist are also unaffected.  Fixed by
    91f2bd090.

• Files Changed
• Browse Source

Marcus Rueckert (darix) accepted request 931977 from Marcus Rueckert (darix) over 2 years ago (revision 197)

- Update to 1.47.0

• Files Changed
• Browse Source

Marcus Rueckert (darix) accepted request 928844 from Marcus Rueckert (darix) over 2 years ago (revision 196)

- Update to 1.46.0

• Files Changed
• Browse Source

Marcus Rueckert (darix) accepted request 926766 from Marcus Rueckert (darix) over 2 years ago (revision 195)

- Update to 1.45.1

• Files Changed
• Browse Source

Aleksa Sarai (cyphar) accepted request 920875 from Marcus Rueckert (darix) over 2 years ago (revision 194)

- Update to 1.43.0
- disable 10719-Fix-instert-of-duplicate-key-into-event_json.patch
  until upstream decided if they want to accept it

• Files Changed
• Browse Source

Oliver Kurz (okurz) accepted request 915742 from Jacob Michalskie (hellcp) over 2 years ago (revision 193)

• Files Changed
• Browse Source

Aleksa Sarai (cyphar) accepted request 917324 from Marcus Rueckert (darix) almost 3 years ago (revision 192)

- Update to 1.42.0

• Files Changed
• Browse Source

Aleksa Sarai (cyphar) accepted request 915279 from Marcus Rueckert (darix) almost 3 years ago (revision 191)

- Update to 1.41.1

• Files Changed
• Browse Source

Aleksa Sarai (cyphar) accepted request 914066 from Marcus Rueckert (darix) almost 3 years ago (revision 190)

- Update to 1.41.0

• Files Changed
• Browse Source

Aleksa Sarai (cyphar) accepted request 911268 from Marcus Rueckert (darix) almost 3 years ago (revision 189)

- Update to 1.40.0

• Files Changed
• Browse Source

Aleksa Sarai (cyphar) accepted request 909160 from Marcus Rueckert (darix) almost 3 years ago (revision 188)

- Update to 1.39.0

• Files Changed
• Browse Source

Marcus Rueckert (darix) accepted request 907791 from Marcus Rueckert (darix) almost 3 years ago (revision 187)

- Update to 1.38.1
  Always include device_one_time_keys_count key in /sync response
  to work around a bug in Element Android that broke encryption for
  new devices. (#10457)

• Files Changed
• Browse Source

Marcus Rueckert (darix) accepted request 906701 from Marcus Rueckert (darix) almost 3 years ago (revision 186)

- oidc can be enabled on TW as the Authlib package is in the distro 

- drop all conditionals that were enabled anyway
- rename remaining conditionals to have a synapse_ prefix

- Update to 1.38.0

• Files Changed
• Browse Source

Aleksa Sarai (cyphar) accepted request 903369 from Marcus Rueckert (darix) almost 3 years ago (revision 185)

- Update to 1.37.1
  This release resolves issues (such as #9490) where one busy room
  could cause head-of-line blocking, starving Synapse from
  processing events in other rooms, and causing all federated
  traffic to fall behind. Synapse 1.37.1 processes inbound
  federation traffic asynchronously, ensuring that one busy room
  won't impact others. Please upgrade to Synapse 1.37.1 as soon as
  possible, in order to increase resilience to other traffic
  spikes.
  - Features
    - Handle inbound events from federation asynchronously.
      (#10269, #10272)

• Files Changed
• Browse Source

Aleksa Sarai (cyphar) accepted request 903055 from Marcus Rueckert (darix) almost 3 years ago (revision 184)

- Update to 1.37.0

• Files Changed
• Browse Source

buildservice-autocommit accepted request 900301 from Aleksa Sarai (cyphar) almost 3 years ago (revision 183)

baserev update by copy to link target

• Files Changed
• Browse Source