diff options
Diffstat (limited to '')
-rw-r--r-- | CHANGES.md | 14 | ||||
-rw-r--r-- | changelog.d/17044.misc | 1 | ||||
-rw-r--r-- | debian/changelog | 6 | ||||
-rw-r--r-- | pyproject.toml | 2 |
4 files changed, 21 insertions, 2 deletions
diff --git a/CHANGES.md b/CHANGES.md index ed9cca73bc..ec5bc22a98 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -1,3 +1,17 @@ +# Synapse 1.105.1 (2024-04-23) + +## Security advisory + +The following issues are fixed in 1.105.1. + +- [GHSA-3h7q-rfh9-xm4v](https://github.com/element-hq/synapse/security/advisories/GHSA-3h7q-rfh9-xm4v) / [CVE-2024-31208](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31208) — High Severity + + Weakness in auth chain indexing allows DoS from remote room members through disk fill and high CPU usage. + +See the advisories for more details. If you have any questions, email security@element.io. + + + # Synapse 1.105.0 (2024-04-16) No significant changes since 1.105.0rc1. diff --git a/changelog.d/17044.misc b/changelog.d/17044.misc deleted file mode 100644 index a1439752d3..0000000000 --- a/changelog.d/17044.misc +++ /dev/null @@ -1 +0,0 @@ -Refactor auth chain fetching to reduce duplication. diff --git a/debian/changelog b/debian/changelog index 49c9b3b497..214ed59426 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +matrix-synapse-py3 (1.105.1) stable; urgency=medium + + * New Synapse release 1.105.1. + + -- Synapse Packaging team <packages@matrix.org> Tue, 23 Apr 2024 15:56:18 +0100 + matrix-synapse-py3 (1.105.0) stable; urgency=medium * New Synapse release 1.105.0. diff --git a/pyproject.toml b/pyproject.toml index f0f025645f..508d31d8d7 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -96,7 +96,7 @@ module-name = "synapse.synapse_rust" [tool.poetry] name = "matrix-synapse" -version = "1.105.0" +version = "1.105.1" description = "Homeserver for the Matrix decentralised comms protocol" authors = ["Matrix.org Team and Contributors <packages@matrix.org>"] license = "AGPL-3.0-or-later" |