Merge branch 'master' into develop

author: Erik Johnston <erik@matrix.org> 2023-09-15 14:39:20 +0100
committer: Erik Johnston <erik@matrix.org> 2023-09-15 14:39:20 +0100
commit: 98d39e590a057ae68ea03f47764042dc8f2e8d75 (patch)
tree: d63c0dc3f63ccc62bff37571091da9d7a95a7f29 /CHANGES.md
parent: Add automatic purge after all users forget a room (#15488) (diff)
parent: Fix Changelog (diff)
download: synapse-98d39e590a057ae68ea03f47764042dc8f2e8d75.tar.xz
1 files changed, 10 insertions, 0 deletions
diff --git a/CHANGES.md b/CHANGES.md
index 8513ca47f0..37ea886a81 100644
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -1,3 +1,13 @@
+# Synapse 1.92.2 (2023-09-15)
+
+This is a Docker-only update to mitigate [CVE-2023-4863](https://cve.org/CVERecord?id=CVE-2023-4863), a critical vulnerability in `libwebp`. Server admins not using Docker should ensure that their `libwebp` is up to date (if installed). We encourage admins to upgrade as soon as possible.
+
+
+### Updates to the Docker image
+
+- Update docker image to use Debian bookworm as the base. ([\#16324](https://github.com/matrix-org/synapse/issues/16324))
+
+
 # Synapse 1.92.1 (2023-09-12)
 
 This minor release was needed only because of CI-related trouble on [v1.92.0](https://github.com/matrix-org/synapse/releases/tag/v1.92.0), which was never released.
author	Erik Johnston <erik@matrix.org>	2023-09-15 14:39:20 +0100
committer	Erik Johnston <erik@matrix.org>	2023-09-15 14:39:20 +0100
commit	98d39e590a057ae68ea03f47764042dc8f2e8d75 (patch)
tree	d63c0dc3f63ccc62bff37571091da9d7a95a7f29 /CHANGES.md
parent	Add automatic purge after all users forget a room (#15488) (diff)
parent	Fix Changelog (diff)
download	synapse-98d39e590a057ae68ea03f47764042dc8f2e8d75.tar.xz