diff options
| author | Mathieu Velten <mathieuv@matrix.org> | 2023-09-18 15:35:57 +0200 |
|---|---|---|
| committer | Mathieu Velten <mathieuv@matrix.org> | 2023-09-18 15:35:57 +0200 |
| commit | e36990c00e201b35b62a91991be15c35edb20d8d (patch) | |
| tree | c0b0df0e5720a30943e89e556fea5f60588486e7 | |
| parent | 1.92.3 (diff) | |
| download | synapse-e36990c00e201b35b62a91991be15c35edb20d8d.tar.xz | |
Update changelog v1.92.3
| -rw-r--r-- | CHANGES.md | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/CHANGES.md b/CHANGES.md index 09c1ec10d0..79967f7e76 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -1,10 +1,12 @@ # Synapse 1.92.3 (2023-09-18) -This is again an update targeted at mitigating [CVE-2023-4863](https://cve.org/CVERecord?id=CVE-2023-4863). +This is again a security update targeted at mitigating [CVE-2023-4863](https://cve.org/CVERecord?id=CVE-2023-4863). It turns out that libwebp is bundled statically in Pillow wheels so we need to update this dependency instead of libwebp package at the OS level. -Unlike what was advertised in 1.92.2 changelog this release also impacts PyPI wheels and Debian packages. +Unlike what was advertised in 1.92.2 changelog this release also impacts PyPI wheels and Debian packages from matrix.org. + +We encourage admins to upgrade as soon as possible. ### Internal Changes |