summary refs log tree commit diff
path: root/v1.52/print.html
diff options
context:
space:
mode:
Diffstat (limited to 'v1.52/print.html')
-rw-r--r--v1.52/print.html13
1 files changed, 7 insertions, 6 deletions
diff --git a/v1.52/print.html b/v1.52/print.html

index f974354c7b..aa2c529add 100644
--- a/v1.52/print.html
+++ b/v1.52/print.html
@@ -1640,12 +1640,13 @@ dpkg -i matrix-synapse-py3_1.3.0+stretch1_amd64.deb
 </ul>
 <h1 id="upgrading-to-v1520"><a class="header" href="#upgrading-to-v1520">Upgrading to v1.52.0</a></h1>
 <h2 id="twisted-security-release"><a class="header" href="#twisted-security-release">Twisted security release</a></h2>
-<p>During the making of this release, the developers of Twisted have released
-<a href="https://github.com/twisted/twisted/releases/tag/twisted-22.1.0">Twisted 22.1.0</a>, which
-fixes <a href="https://github.com/twisted/twisted/security/advisories/GHSA-92x2-jw7w-xvvx">a security issue</a>
-within Twisted. We do not believe Synapse to be vulnerable to any security problem caused
-by this issue, though we advise server administrators to update their local version of
-Twisted if they can.</p>
+<p>Note that <a href="https://github.com/twisted/twisted/releases/tag/twisted-22.1.0">Twisted 22.1.0</a>
+has recently been released, which fixes a <a href="https://github.com/twisted/twisted/security/advisories/GHSA-92x2-jw7w-xvvx">security issue</a>
+within the Twisted library. We do not believe Synapse is affected by this vulnerability,
+though we advise server administrators who installed Synapse via pip to upgrade Twisted
+with <code>pip install --upgrade Twisted</code> as a matter of good practice. The Docker image
+<code>matrixdotorg/synapse</code> and the Debian packages from <code>packages.matrix.org</code> are using the
+updated library.</p>
 <h1 id="upgrading-to-v1510"><a class="header" href="#upgrading-to-v1510">Upgrading to v1.51.0</a></h1>
 <h2 id="deprecation-of-webclient-listeners-and-non-https-web_client_location"><a class="header" href="#deprecation-of-webclient-listeners-and-non-https-web_client_location">Deprecation of <code>webclient</code> listeners and non-HTTP(S) <code>web_client_location</code></a></h2>
 <p>Listeners of type  <code>webclient</code> are deprecated and scheduled to be removed in
generated by cgit-magenta 1.5.1 (git 2.48.1) at 2025-04-08 23:40:39 +0000