diff options
author | Brendan Abolivier <babolivier@matrix.org> | 2022-02-08 13:25:54 +0000 |
---|---|---|
committer | Brendan Abolivier <babolivier@matrix.org> | 2022-02-08 13:25:54 +0000 |
commit | 0b561a0ea1384db214c274f45b160c538d2ab65d (patch) | |
tree | aad71a937464551ac28cae53e36820f669431980 /docs/upgrade.md | |
parent | Use changelog from develop (diff) | |
parent | Fix wording (diff) | |
download | synapse-0b561a0ea1384db214c274f45b160c538d2ab65d.tar.xz |
Merge branch 'release-v1.52'
Diffstat (limited to 'docs/upgrade.md')
-rw-r--r-- | docs/upgrade.md | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/docs/upgrade.md b/docs/upgrade.md index f455d257ba..0105f87f90 100644 --- a/docs/upgrade.md +++ b/docs/upgrade.md @@ -85,6 +85,18 @@ process, for example: dpkg -i matrix-synapse-py3_1.3.0+stretch1_amd64.deb ``` +# Upgrading to v1.52.0 + +## Twisted security release + +Note that [Twisted 22.1.0](https://github.com/twisted/twisted/releases/tag/twisted-22.1.0) +has recently been released, which fixes a [security issue](https://github.com/twisted/twisted/security/advisories/GHSA-92x2-jw7w-xvvx) +within the Twisted library. We do not believe Synapse is affected by this vulnerability, +though we advise server administrators who installed Synapse via pip to upgrade Twisted +with `pip install --upgrade Twisted` as a matter of good practice. The Docker image +`matrixdotorg/synapse` and the Debian packages from `packages.matrix.org` are using the +updated library. + # Upgrading to v1.51.0 ## Deprecation of `webclient` listeners and non-HTTP(S) `web_client_location` |