Back to matrix-synapse PTS page

Accepted matrix-synapse 1.2.1-1 (source) into unstable

To: debian-devel-changes@lists.debian.org
Subject: Accepted matrix-synapse 1.2.1-1 (source) into unstable
From: Andrej Shadura <andrewsh@debian.org>
Date: Fri, 26 Jul 2019 16:19:42 +0000
Mail-followup-to: debian-devel@lists.debian.org
Message-id: <E1hr2wY-0006Aq-Oi@fasolo.debian.org>
Reply-to: debian-devel@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Fri, 26 Jul 2019 13:02:23 -0300
Source: matrix-synapse
Architecture: source
Version: 1.2.1-1
Distribution: unstable
Urgency: high
Maintainer: Matrix Packaging Team <pkg-matrix-maintainers@lists.alioth.debian.org>
Changed-By: Andrej Shadura <andrewsh@debian.org>
Changes:
 matrix-synapse (1.2.1-1) unstable; urgency=high
 .
   * New upstream release.
   * Drop an old patch.
   * SECURITY UPDATE:
     - Prevent an attack where a federated server could send redactions
       for arbitrary events in v1 and v2 rooms.
     - Prevent a denial-of-service attack where cycles of redaction events
       would make Synapse spin infinitely.
     - Prevent an attack where users could be joined or parted from public
       rooms without their consent.
     - Fix a vulnerability where a federated server could spoof read
       receipts from users on other servers.
Checksums-Sha1:
 e7b052d4d57e63db8ef747855d112f8a74aca300 2603 matrix-synapse_1.2.1-1.dsc
 8f027cb9ce7a9a3197abb39ae248f3071438a0cc 1371041 matrix-synapse_1.2.1.orig.tar.gz
 4c6ae81edaebb89ec0672f7822b71c47079fbea3 89704 matrix-synapse_1.2.1-1.debian.tar.xz
Checksums-Sha256:
 43fc02e18d3d0ceabd1b2dfd1e9f4b82827635cf5c8886ffdc0f0968efe068e7 2603 matrix-synapse_1.2.1-1.dsc
 172f1b9930af5ebf4b56a85bbb24f5a19fdabaa863c846133ebb1b8496458302 1371041 matrix-synapse_1.2.1.orig.tar.gz
 89af387b75fbd06525fef060de3ab9e7ad896af09d61423b67335271f7683048 89704 matrix-synapse_1.2.1-1.debian.tar.xz
Files:
 ee843a4b292a8bcf2f324e737895843b 2603 net optional matrix-synapse_1.2.1-1.dsc
 e6e005ec360ccd1fa27ff33e15eb78ab 1371041 net optional matrix-synapse_1.2.1.orig.tar.gz
 095f9459b161f97331d63269e80b8010 89704 net optional matrix-synapse_1.2.1-1.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQEzBAEBCAAdFiEEeuS9ZL8A0js0NGiOXkCM2RzYOdIFAl07JG0ACgkQXkCM2RzY
OdKUmwf/fJG/T4IXK0XLPVTvFN9iLbF8YHcg4F7qvVzpVu+Ntqk9KFwTphS7qNjB
xdABFgbLbWLiV3H3ZUnlOuEoWQjL9Y5wbRTd0UMwV7xM1gj3uHn3eVmPJN3vthbs
NE3TbXiVNK4yW5KDMGJnRxJSuDrdSWZkNd6JvIgqIvc204pN85etEdXVoF6TkACB
CY+TrfnCmHeUoPHr7BgMzVgfakNoA2uPOf2uu1flIo1sqIEP75CQ6vcfeaIMSDoe
4/ZCiZquJFef9GCeKSXq829eVp1ebeYt4E6h8HJHaFX0AoWXNhS/Wg1f0JkZmvsY
IlDpg4kkeQiHDyOOC0D7j1ijUNSlSg==
=5Zpv
-----END PGP SIGNATURE-----