andreas/synapse-app-mas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update package version to 1.120.1

Browse Source
This commit is contained in:
Package Updates
2025-10-07 16:56:40 +00:00
parent bce2eb54b5
commit 27d01a431f
2 changed files with 7 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
CHANGELOG.md
View File

@@ -1469,3 +1469,9 @@
* [Full Changelog](https://github.com/element-hq/synapse/releases/tag/v1.139.0)
* /register requests from old application service implementations may break when using MAS
[1.120.1]
* Update synapse to 1.139.1
* [Full Changelog](https://github.com/element-hq/synapse/releases/tag/v1.139.1)
* Fix [CVE-2025-61672](https://www.cve.org/CVERecord?id=CVE-2025-61672) / [GHSA-fh66-fcv5-jjfr](https://github.com/element-hq/synapse/security/advisories/GHSA-fh66-fcv5-jjfr). Lack of validation for device keys in Synapse before 1.139.1 allows an attacker registered on the victim homeserver to degrade federation functionality, unpredictably breaking outbound federation to other homeservers. ([#17097](https://github.com/element-hq/synapse/issues/17097))
* Drop support for unstable field names from the long-accepted [MSC2732](https://github.com/matrix-org/matrix-spec-proposals/pull/2732) (Olm fallback keys) proposal. This change allows unit tests to pass following the security patch above. ([#18996](https://github.com/element-hq/synapse/issues/18996))

2
CloudronManifest.json
View File

@@ -5,7 +5,7 @@
"description": "file://DESCRIPTION.md",
"changelog": "file://CHANGELOG.md",
"tagline": "Secure & decentralized communication",
"version": "1.120.0",
"version": "1.120.1",
"upstreamVersion": "1.139.1",
"healthCheckPath": "/",
"httpPort": 8008,