Compare commits
4 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
428dbc9b76 | ||
|
98c12107d0 | ||
|
|
598555f81c | ||
|
|
d20e138c80 |
@@ -1475,3 +1475,9 @@
|
|||||||
* Fix [CVE-2025-61672](https://www.cve.org/CVERecord?id=CVE-2025-61672) / [GHSA-fh66-fcv5-jjfr](https://github.com/element-hq/synapse/security/advisories/GHSA-fh66-fcv5-jjfr). Lack of validation for device keys in Synapse before 1.139.1 allows an attacker registered on the victim homeserver to degrade federation functionality, unpredictably breaking outbound federation to other homeservers. ([#17097](https://github.com/element-hq/synapse/issues/17097))
|
* Fix [CVE-2025-61672](https://www.cve.org/CVERecord?id=CVE-2025-61672) / [GHSA-fh66-fcv5-jjfr](https://github.com/element-hq/synapse/security/advisories/GHSA-fh66-fcv5-jjfr). Lack of validation for device keys in Synapse before 1.139.1 allows an attacker registered on the victim homeserver to degrade federation functionality, unpredictably breaking outbound federation to other homeservers. ([#17097](https://github.com/element-hq/synapse/issues/17097))
|
||||||
* Drop support for unstable field names from the long-accepted [MSC2732](https://github.com/matrix-org/matrix-spec-proposals/pull/2732) (Olm fallback keys) proposal. This change allows unit tests to pass following the security patch above. ([#18996](https://github.com/element-hq/synapse/issues/18996))
|
* Drop support for unstable field names from the long-accepted [MSC2732](https://github.com/matrix-org/matrix-spec-proposals/pull/2732) (Olm fallback keys) proposal. This change allows unit tests to pass following the security patch above. ([#18996](https://github.com/element-hq/synapse/issues/18996))
|
||||||
|
|
||||||
|
[1.120.2]
|
||||||
|
* Update synapse to 1.139.2
|
||||||
|
|
||||||
|
[1.120.3]
|
||||||
|
* Update synapse-s3-storage-provider to 1.6.0
|
||||||
|
|
||||||
|
|||||||
@@ -5,8 +5,8 @@
|
|||||||
"description": "file://DESCRIPTION.md",
|
"description": "file://DESCRIPTION.md",
|
||||||
"changelog": "file://CHANGELOG.md",
|
"changelog": "file://CHANGELOG.md",
|
||||||
"tagline": "Secure & decentralized communication",
|
"tagline": "Secure & decentralized communication",
|
||||||
"version": "1.120.1",
|
"version": "1.120.3",
|
||||||
"upstreamVersion": "1.139.1",
|
"upstreamVersion": "1.6.0",
|
||||||
"healthCheckPath": "/",
|
"healthCheckPath": "/",
|
||||||
"httpPort": 8008,
|
"httpPort": 8008,
|
||||||
"memoryLimit": 536870912,
|
"memoryLimit": 536870912,
|
||||||
|
|||||||
@@ -8,10 +8,10 @@ WORKDIR /app/code
|
|||||||
RUN python3 -m venv /app/code/env
|
RUN python3 -m venv /app/code/env
|
||||||
|
|
||||||
# renovate: datasource=github-releases depName=element-hq/synapse versioning=semver extractVersion=^v(?<version>.+)$
|
# renovate: datasource=github-releases depName=element-hq/synapse versioning=semver extractVersion=^v(?<version>.+)$
|
||||||
ARG SYNAPSE_VERSION=1.139.1
|
ARG SYNAPSE_VERSION=1.139.2
|
||||||
|
|
||||||
# renovate: datasource=github-releases depName=matrix-org/synapse-s3-storage-provider versioning=semver extractVersion=^v(?<version>.+)$
|
# renovate: datasource=github-releases depName=matrix-org/synapse-s3-storage-provider versioning=semver extractVersion=^v(?<version>.+)$
|
||||||
ARG S3PROVIDER_VERSION=1.5.0
|
ARG S3PROVIDER_VERSION=1.6.0
|
||||||
|
|
||||||
# Synapse (https://github.com/matrix-org/synapse/blob/master/INSTALL.md)
|
# Synapse (https://github.com/matrix-org/synapse/blob/master/INSTALL.md)
|
||||||
# lxml - required for previews
|
# lxml - required for previews
|
||||||
|
|||||||
8
test/package-lock.json
generated
8
test/package-lock.json
generated
@@ -9,7 +9,7 @@
|
|||||||
"version": "1.0.0",
|
"version": "1.0.0",
|
||||||
"license": "ISC",
|
"license": "ISC",
|
||||||
"dependencies": {
|
"dependencies": {
|
||||||
"chromedriver": "^141.0.0",
|
"chromedriver": "^141.0.2",
|
||||||
"expect.js": "^0.3.1",
|
"expect.js": "^0.3.1",
|
||||||
"mocha": "^11.7.4",
|
"mocha": "^11.7.4",
|
||||||
"selenium-webdriver": "^4.36.0"
|
"selenium-webdriver": "^4.36.0"
|
||||||
@@ -259,9 +259,9 @@
|
|||||||
}
|
}
|
||||||
},
|
},
|
||||||
"node_modules/chromedriver": {
|
"node_modules/chromedriver": {
|
||||||
"version": "141.0.0",
|
"version": "141.0.2",
|
||||||
"resolved": "https://registry.npmjs.org/chromedriver/-/chromedriver-141.0.0.tgz",
|
"resolved": "https://registry.npmjs.org/chromedriver/-/chromedriver-141.0.2.tgz",
|
||||||
"integrity": "sha512-w0U5jyWlLaRHV+dhaSikDz4x0qOwZcbles2HBu4oRdd+Eq7M43Uns4eoP/6dKu9Uc5ppcK9gA/E9GHROGXhgPg==",
|
"integrity": "sha512-MNtgzm5SjTtbHDXlpuXkQ7brxkOYTK+qDbnmr7UrurfuhqJfIkL+nnKo7hev/hR6sFL8mV8r5+1Kn51Mo9zsDg==",
|
||||||
"hasInstallScript": true,
|
"hasInstallScript": true,
|
||||||
"license": "Apache-2.0",
|
"license": "Apache-2.0",
|
||||||
"dependencies": {
|
"dependencies": {
|
||||||
|
|||||||
@@ -9,7 +9,7 @@
|
|||||||
"author": "",
|
"author": "",
|
||||||
"license": "ISC",
|
"license": "ISC",
|
||||||
"dependencies": {
|
"dependencies": {
|
||||||
"chromedriver": "^141.0.0",
|
"chromedriver": "^141.0.2",
|
||||||
"expect.js": "^0.3.1",
|
"expect.js": "^0.3.1",
|
||||||
"mocha": "^11.7.4",
|
"mocha": "^11.7.4",
|
||||||
"selenium-webdriver": "^4.36.0"
|
"selenium-webdriver": "^4.36.0"
|
||||||
|
|||||||
Reference in New Issue
Block a user