diff options
author | Matthew Hodgson <matthew@matrix.org> | 2018-05-01 19:04:11 +0100 |
---|---|---|
committer | Matthew Hodgson <matthew@matrix.org> | 2018-05-01 19:04:11 +0100 |
commit | 562532dd2de9970045c63cf2f33ee94aa4b47b2c (patch) | |
tree | 11d77d30e5249d5759434a42314f7b33d68a8ad4 /CHANGES.rst | |
parent | fix conflict in changelog from previous release (diff) | |
parent | fix markdown (diff) | |
download | synapse-562532dd2de9970045c63cf2f33ee94aa4b47b2c.tar.xz |
Merge branch 'release-v0.28.1'
Diffstat (limited to '')
-rw-r--r-- | CHANGES.rst | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/CHANGES.rst b/CHANGES.rst index 49dac25ca0..0dd2efd9d2 100644 --- a/CHANGES.rst +++ b/CHANGES.rst @@ -4,8 +4,8 @@ Changes in synapse v0.28.1 (2018-05-01) SECURITY UPDATE * Clamp the allowed values of event depth received over federation to be - [0, 2**63 - 1]. This mitigates an attack where malicious events - injected with depth = 2**63 - 1 render rooms unusable. Depth is used to + [0, 2^63 - 1]. This mitigates an attack where malicious events + injected with depth = 2^63 - 1 render rooms unusable. Depth is used to determine the cosmetic ordering of events within a room, and so the ordering of events in such a room will default to using stream_ordering rather than depth (topological_ordering). @@ -14,7 +14,7 @@ SECURITY UPDATE is being implemented to improve how the depth parameter is used. Full details at - https://docs.google.com/document/d/1I3fi2S-XnpO45qrpCsowZv8P8dHcNZ4fsBsbOW7KABI/edit# + https://docs.google.com/document/d/1I3fi2S-XnpO45qrpCsowZv8P8dHcNZ4fsBsbOW7KABI * Pin Twisted to <18.4 until we stop using the private _OpenSSLECCurve API. |