diff --git a/CHANGELOG.md b/CHANGELOG.md
index 3c8f52a..1d85283 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1218,3 +1218,8 @@
 * Fix server notice rooms not always being created as unencrypted rooms, even when encryption_enabled_by_default_for_room_type is in use (server notices are always unencrypted). (#17033)
 * Fix the .m.rule.encrypted_room_one_to_one and .m.rule.room_one_to_one default underride push rules being in the wrong order. Contributed by @Sumpy1. (#17043)
 
+[1.91.2]
+* Update Synapse to 1.105.1
+* [Full changelog](https://github.com/element-hq/synapse/releases/tag/v1.105.1)
+* GHSA-3h7q-rfh9-xm4v / CVE-2024-31208 — High Severity . Weakness in auth chain indexing allows DoS from remote room members through disk fill and high CPU usage.
+
diff --git a/CloudronManifest.json b/CloudronManifest.json
index 4e20b57..8c86ae5 100644
--- a/CloudronManifest.json
+++ b/CloudronManifest.json
@@ -5,8 +5,8 @@
   "description": "file://DESCRIPTION.md",
   "changelog": "file://CHANGELOG.md",
   "tagline": "Secure & decentralized communication",
-  "version": "1.91.1",
-  "upstreamVersion": "1.105.0",
+  "version": "1.91.2",
+  "upstreamVersion": "1.105.1",
   "healthCheckPath": "/",
   "httpPort": 8008,
   "memoryLimit": 536870912,
diff --git a/test/package-lock.json b/test/package-lock.json
index c5fd837..c028593 100644
--- a/test/package-lock.json
+++ b/test/package-lock.json
@@ -9,7 +9,7 @@
       "version": "1.0.0",
       "license": "ISC",
       "dependencies": {
-        "chromedriver": "^123.0.3",
+        "chromedriver": "^123.0.4",
         "expect.js": "^0.3.1",
         "mocha": "^10.4.0",
         "selenium-webdriver": "^4.19.0"
@@ -233,9 +233,9 @@
       }
     },
     "node_modules/chromedriver": {
-      "version": "123.0.3",
-      "resolved": "https://registry.npmjs.org/chromedriver/-/chromedriver-123.0.3.tgz",
-      "integrity": "sha512-35IeTqDLcVR0htF9nD/Lh+g24EG088WHVKXBXiFyWq+2lelnoM0B3tKTBiUEjLng0GnELI4QyQPFK7i97Fz1fQ==",
+      "version": "123.0.4",
+      "resolved": "https://registry.npmjs.org/chromedriver/-/chromedriver-123.0.4.tgz",
+      "integrity": "sha512-3Yi7y7q35kkSAOTbRisiww/SL2w+DqafDPAaUShpSuLMmPaOvHQR0i3bm2/33QBiQ8fUb1J/MzppzVL6IDqvhA==",
       "hasInstallScript": true,
       "dependencies": {
         "@testim/chrome-version": "^1.1.4",
@@ -1644,9 +1644,9 @@
       }
     },
     "chromedriver": {
-      "version": "123.0.3",
-      "resolved": "https://registry.npmjs.org/chromedriver/-/chromedriver-123.0.3.tgz",
-      "integrity": "sha512-35IeTqDLcVR0htF9nD/Lh+g24EG088WHVKXBXiFyWq+2lelnoM0B3tKTBiUEjLng0GnELI4QyQPFK7i97Fz1fQ==",
+      "version": "123.0.4",
+      "resolved": "https://registry.npmjs.org/chromedriver/-/chromedriver-123.0.4.tgz",
+      "integrity": "sha512-3Yi7y7q35kkSAOTbRisiww/SL2w+DqafDPAaUShpSuLMmPaOvHQR0i3bm2/33QBiQ8fUb1J/MzppzVL6IDqvhA==",
       "requires": {
         "@testim/chrome-version": "^1.1.4",
         "axios": "^1.6.7",
diff --git a/test/package.json b/test/package.json
index afa4d9c..2db39a6 100644
--- a/test/package.json
+++ b/test/package.json
@@ -9,7 +9,7 @@
   "author": "",
   "license": "ISC",
   "dependencies": {
-    "chromedriver": "^123.0.3",
+    "chromedriver": "^123.0.4",
     "expect.js": "^0.3.1",
     "mocha": "^10.4.0",
     "selenium-webdriver": "^4.19.0"