diff options
| author | Richard van der Hoff <richard@matrix.org> | 2019-05-03 19:24:42 +0100 |
|---|---|---|
| committer | Richard van der Hoff <richard@matrix.org> | 2019-05-03 19:24:42 +0100 |
| commit | 9b86d3dee69702cd9fa02e7f454fd0e92a7761bb (patch) | |
| tree | 73bc79d1abde252d6433a6ccfd5ca7956589588e /CHANGES.md | |
| parent | add gpg key fingerprint (diff) | |
| parent | 0.99.3.2 (diff) | |
| download | synapse-9b86d3dee69702cd9fa02e7f454fd0e92a7761bb.tar.xz | |
Merge tag 'v0.99.3.2'
Synapse 0.99.3.2 (2019-05-03) ============================= Internal Changes ---------------- - Ensure that we have `urllib3` <1.25, to resolve incompatibility with `requests`. ([\#5135](https://github.com/matrix-org/synapse/issues/5135))
Diffstat (limited to 'CHANGES.md')
| -rw-r--r-- | CHANGES.md | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/CHANGES.md b/CHANGES.md index 490c2021e0..d8cfbbebef 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -1,3 +1,23 @@ +Synapse 0.99.3.2 (2019-05-03) +============================= + +Internal Changes +---------------- + +- Ensure that we have `urllib3` <1.25, to resolve incompatibility with `requests`. ([\#5135](https://github.com/matrix-org/synapse/issues/5135)) + + +Synapse 0.99.3.1 (2019-05-03) +============================= + +Security update +--------------- + +This release includes two security fixes: + +- Switch to using a cryptographically-secure random number generator for token strings, ensuring they cannot be predicted by an attacker. Thanks to @opnsec for identifying and responsibly disclosing this issue! ([\#5133](https://github.com/matrix-org/synapse/issues/5133)) +- Blacklist 0.0.0.0 and :: by default for URL previews. Thanks to @opnsec for identifying and responsibly disclosing this issue too! ([\#5134](https://github.com/matrix-org/synapse/issues/5134)) + Synapse 0.99.3 (2019-04-01) =========================== |