summary refs log tree commit diff
path: root/CHANGES.md (follow)
Commit message (Collapse)AuthorAgeFilesLines
* 1.40.0rc3 v1.40.0rc3Brendan Abolivier2021-08-091-0/+21
|
* Fixup changelog v1.40.0rc2Brendan Abolivier2021-08-041-1/+1
|
* Fixup changelogBrendan Abolivier2021-08-041-1/+1
|
* Fixup changelogBrendan Abolivier2021-08-041-1/+1
|
* 1.40.0rc2Brendan Abolivier2021-08-041-0/+16
|
* Fixup changelog v1.40.0rc1Erik Johnston2021-08-031-1/+1
|
* Fixup changelogErik Johnston2021-08-031-3/+1
|
* Fixup changelogErik Johnston2021-08-031-6/+6
|
* 1.40.0rc1Erik Johnston2021-08-031-0/+60
|
* Fixup changelog v1.39.0Erik Johnston2021-07-291-4/+1
|
* 1.39.0Erik Johnston2021-07-291-0/+6
|
* Fixup changelog v1.39.0rc3Erik Johnston2021-07-281-2/+2
|
* 1.39.0rc3Erik Johnston2021-07-281-0/+18
|
* Merge tag 'v1.38.1' into release-v1.39Erik Johnston2021-07-231-0/+9
|\ | | | | | | | | | | | | | | | | | | Synapse 1.38.1 (2021-07-22) =========================== Bugfixes -------- - Always include `device_one_time_keys_count` key in `/sync` response to work around a bug in Element Android that broke encryption for new devices. ([\#10457](https://github.com/matrix-org/synapse/issues/10457))
| * 1.38.1 v1.38.1Erik Johnston2021-07-221-0/+9
| |
* | 1.39.0rc2 v1.39.0rc2Erik Johnston2021-07-221-0/+15
| |
* | Incorporate changelog of #10433Andrew Morgan2021-07-201-0/+1
| |
* | Combine some changelog lines in the documentation sectionAndrew Morgan2021-07-201-6/+3
| |
* | Update account validity feature line in changelogAndrew Morgan2021-07-201-1/+1
| |
* | fix typo in changelogAndrew Morgan2021-07-201-1/+1
| |
* | changelog word fixesAndrew Morgan2021-07-201-1/+1
| |
* | 1.39.0rc1Andrew Morgan2021-07-201-0/+71
|/
* Move upgrade blurb v1.38.0Richard van der Hoff2021-07-131-2/+2
|
* Update CHANGES.mdRichard van der Hoff2021-07-131-1/+1
|
* 1.38.0Richard van der Hoff2021-07-131-0/+6
|
* 1.38.0rc3 v1.38.0rc3Richard van der Hoff2021-07-131-0/+9
|
* Fixup changelog v1.38.0rc2Erik Johnston2021-07-091-1/+1
|
* Fixup changelogErik Johnston2021-07-091-1/+1
|
* 1.38.0rc2Erik Johnston2021-07-091-0/+16
|
* Fix broken links in INSTALL.md (#10331)Dirk Klimpel2021-07-081-7/+10
| | | Signed-off-by: Dirk Klimpel dirk@klimpel.org
* Fix broken link v1.38.0rc1Brendan Abolivier2021-07-071-1/+1
|
* Merge latest fix into the changelogBrendan Abolivier2021-07-071-1/+1
|
* Small changelog tweaksBrendan Abolivier2021-07-061-6/+4
|
* 1.38.0rc1Brendan Abolivier2021-07-061-0/+49
|
* Add upgrade notes about disk space for events migration (#10314)Richard van der Hoff2021-07-061-0/+4
|
* Merge branch 'master' into developErik Johnston2021-06-301-0/+8
|\
| * Fixup changelog v1.37.1Erik Johnston2021-06-301-1/+1
| |
| * Add note to changelogErik Johnston2021-06-301-1/+3
| |
| * 1.37.1Erik Johnston2021-06-301-0/+6
| |
* | Merge branch 'release-v1.37' into developRichard van der Hoff2021-06-291-0/+9
|\|
| * 1.37.1rc1 v1.37.1rc1Richard van der Hoff2021-06-291-0/+9
| |
* | Merge branch 'master' into developBrendan Abolivier2021-06-291-2/+4
|\|
| * Move deprecation notices to the top of the changelog v1.37.0Brendan Abolivier2021-06-291-6/+2
| |
| * 1.37.0Brendan Abolivier2021-06-291-0/+6
| |
* | Merge tag 'v1.37.0rc1' into developBrendan Abolivier2021-06-241-0/+71
|\| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Synapse 1.37.0rc1 (2021-06-24) ============================== This release deprecates the current spam checker interface. See the [upgrade notes](https://matrix-org.github.io/synapse/develop/upgrade#deprecation-of-the-current-spam-checker-interface) for more information on how to update to the new generic module interface. This release also removes support for fetching and renewing TLS certificates using the ACME v1 protocol, which has been fully decommissioned by Let's Encrypt on June 1st 2021. Admins previously using this feature should use a [reverse proxy](https://matrix-org.github.io/synapse/develop/reverse_proxy.html) to handle TLS termination, or use an external ACME client (such as [certbot](https://certbot.eff.org/)) to retrieve a certificate and key and provide them to Synapse using the `tls_certificate_path` and `tls_private_key_path` configuration settings. Features -------- - Implement "room knocking" as per [MSC2403](https://github.com/matrix-org/matrix-doc/pull/2403). Contributed by @Sorunome and anoa. ([\#6739](https://github.com/matrix-org/synapse/issues/6739), [\#9359](https://github.com/matrix-org/synapse/issues/9359), [\#10167](https://github.com/matrix-org/synapse/issues/10167), [\#10212](https://github.com/matrix-org/synapse/issues/10212), [\#10227](https://github.com/matrix-org/synapse/issues/10227)) - Add experimental support for backfilling history into rooms ([MSC2716](https://github.com/matrix-org/matrix-doc/pull/2716)). ([\#9247](https://github.com/matrix-org/synapse/issues/9247)) - Implement a generic interface for third-party plugin modules. ([\#10062](https://github.com/matrix-org/synapse/issues/10062), [\#10206](https://github.com/matrix-org/synapse/issues/10206)) - Implement config option `sso.update_profile_information` to sync SSO users' profile information with the identity provider each time they login. Currently only displayname is supported. ([\#10108](https://github.com/matrix-org/synapse/issues/10108)) - Ensure that errors during startup are written to the logs and the console. ([\#10191](https://github.com/matrix-org/synapse/issues/10191)) Bugfixes -------- - Fix a bug introduced in Synapse v1.25.0 that prevented the `ip_range_whitelist` configuration option from working for federation and identity servers. Contributed by @mikure. ([\#10115](https://github.com/matrix-org/synapse/issues/10115)) - Remove a broken import line in Synapse's `admin_cmd` worker. Broke in Synapse v1.33.0. ([\#10154](https://github.com/matrix-org/synapse/issues/10154)) - Fix a bug introduced in Synapse v1.21.0 which could cause `/sync` to return immediately with an empty response. ([\#10157](https://github.com/matrix-org/synapse/issues/10157), [\#10158](https://github.com/matrix-org/synapse/issues/10158)) - Fix a minor bug in the response to `/_matrix/client/r0/user/{user}/openid/request_token` causing `expires_in` to be a float instead of an integer. Contributed by @lukaslihotzki. ([\#10175](https://github.com/matrix-org/synapse/issues/10175)) - Always require users to re-authenticate for dangerous operations: deactivating an account, modifying an account password, and adding 3PIDs. ([\#10184](https://github.com/matrix-org/synapse/issues/10184)) - Fix a bug introduced in Synpase v1.7.2 where remote server count metrics collection would be incorrectly delayed on startup. Found by @heftig. ([\#10195](https://github.com/matrix-org/synapse/issues/10195)) - Fix a bug introduced in Synapse v1.35.1 where an `allow` key of a `m.room.join_rules` event could be applied for incorrect room versions and configurations. ([\#10208](https://github.com/matrix-org/synapse/issues/10208)) - Fix performance regression in responding to user key requests over federation. Introduced in Synapse v1.34.0rc1. ([\#10221](https://github.com/matrix-org/synapse/issues/10221)) Improved Documentation ---------------------- - Add a new guide to decoding request logs. ([\#8436](https://github.com/matrix-org/synapse/issues/8436)) - Mention in the sample homeserver config that you may need to configure max upload size in your reverse proxy. Contributed by @aaronraimist. ([\#10122](https://github.com/matrix-org/synapse/issues/10122)) - Fix broken links in documentation. ([\#10180](https://github.com/matrix-org/synapse/issues/10180)) - Deploy a snapshot of the documentation website upon each new Synapse release. ([\#10198](https://github.com/matrix-org/synapse/issues/10198)) Deprecations and Removals ------------------------- - The current spam checker interface is deprecated in favour of a new generic modules system. See the [upgrade notes](https://matrix-org.github.io/synapse/develop/upgrade#deprecation-of-the-current-spam-checker-interface) for more information on how to update to the new system. ([\#10062](https://github.com/matrix-org/synapse/issues/10062), [\#10210](https://github.com/matrix-org/synapse/issues/10210), [\#10238](https://github.com/matrix-org/synapse/issues/10238)) - Stop supporting the unstable spaces prefixes from MSC1772. ([\#10161](https://github.com/matrix-org/synapse/issues/10161)) - Remove Synapse's support for automatically fetching and renewing certificates using the ACME v1 protocol. This protocol has been fully turned off by Let's Encrypt for existing installations on June 1st 2021. Admins previously using this feature should use a [reverse proxy](https://matrix-org.github.io/synapse/develop/reverse_proxy.html) to handle TLS termination, or use an external ACME client (such as [certbot](https://certbot.eff.org/)) to retrieve a certificate and key and provide them to Synapse using the `tls_certificate_path` and `tls_private_key_path` configuration settings. ([\#10194](https://github.com/matrix-org/synapse/issues/10194)) Internal Changes ---------------- - Update the database schema versioning to support gradual migration away from legacy tables. ([\#9933](https://github.com/matrix-org/synapse/issues/9933)) - Add type hints to the federation servlets. ([\#10080](https://github.com/matrix-org/synapse/issues/10080)) - Improve OpenTracing for event persistence. ([\#10134](https://github.com/matrix-org/synapse/issues/10134), [\#10193](https://github.com/matrix-org/synapse/issues/10193)) - Clean up the interface for injecting OpenTracing over HTTP. ([\#10143](https://github.com/matrix-org/synapse/issues/10143)) - Limit the number of in-flight `/keys/query` requests from a single device. ([\#10144](https://github.com/matrix-org/synapse/issues/10144)) - Refactor EventPersistenceQueue. ([\#10145](https://github.com/matrix-org/synapse/issues/10145)) - Document `SYNAPSE_TEST_LOG_LEVEL` to see the logger output when running tests. ([\#10148](https://github.com/matrix-org/synapse/issues/10148)) - Update the Complement build tags in GitHub Actions to test currently experimental features. ([\#10155](https://github.com/matrix-org/synapse/issues/10155)) - Add a `synapse_federation_soft_failed_events_total` metric to track how often events are soft failed. ([\#10156](https://github.com/matrix-org/synapse/issues/10156)) - Fetch the corresponding complement branch when performing CI. ([\#10160](https://github.com/matrix-org/synapse/issues/10160)) - Add some developer documentation about boolean columns in database schemas. ([\#10164](https://github.com/matrix-org/synapse/issues/10164)) - Add extra logging fields to better debug where events are being soft failed. ([\#10168](https://github.com/matrix-org/synapse/issues/10168)) - Add debug logging for when we enter and exit `Measure` blocks. ([\#10183](https://github.com/matrix-org/synapse/issues/10183)) - Improve comments in structured logging code. ([\#10188](https://github.com/matrix-org/synapse/issues/10188)) - Update [MSC3083](https://github.com/matrix-org/matrix-doc/pull/3083) support with modifications from the MSC. ([\#10189](https://github.com/matrix-org/synapse/issues/10189)) - Remove redundant DNS lookup limiter. ([\#10190](https://github.com/matrix-org/synapse/issues/10190)) - Upgrade `black` linting tool to 21.6b0. ([\#10197](https://github.com/matrix-org/synapse/issues/10197)) - Expose OpenTracing trace id in response headers. ([\#10199](https://github.com/matrix-org/synapse/issues/10199))
| * Incorportate review comments v1.37.0rc1Brendan Abolivier2021-06-241-3/+3
| |
| * Fix date in changelogBrendan Abolivier2021-06-241-1/+1
| |
| * Tweak changelogBrendan Abolivier2021-06-241-14/+19
| |
| * 1.37.0rc1Brendan Abolivier2021-06-231-0/+66
| |
* | Convert UPGRADE.rst to markdown (#10166)Andrew Morgan2021-06-231-17/+20
|/ | | | | | | | | This PR: * Converts UPGRADE.rst to markdown and moves the contents into the `docs/` directory. * Updates the contents of UPGRADE.rst to point to the website instead. * Updates links around the codebase that point to UPGRADE.rst. `pandoc` + some manual editing was used to convert from RST to md.
* 1.36.0 v1.36.0 github/release-v1.36 release-v1.36Erik Johnston2021-06-151-0/+6
|
* Fixup changelog v1.36.0rc2Erik Johnston2021-06-111-1/+1
|
* 1.36.0rc2Erik Johnston2021-06-111-0/+11
|
* Make changelog lines consistent v1.36.0rc1Andrew Morgan2021-06-081-1/+1
|
* fix typo in changelogAndrew Morgan2021-06-081-1/+1
|
* 1.36.0rc1Andrew Morgan2021-06-081-0/+68
|
* Clarify changelog. v1.35.1 github/release-v1.35 release-v1.35Patrick Cloke2021-06-031-1/+1
|
* 1.35.1Patrick Cloke2021-06-031-0/+9
|
* Merge v1.35.0rc3 into v1.35.0 due to incorrect tagging v1.35.0Andrew Morgan2021-06-011-5/+1
|
* Indicate that there were no functional changes since v1.35.0rc3Andrew Morgan2021-06-011-0/+2
|
* 1.35.0Andrew Morgan2021-06-011-0/+9
|
* CHANGELOGErik Johnston2021-05-281-2/+2
|
* 1.35.0rc3Erik Johnston2021-05-281-0/+16
|
* 1.35.0rc2 v1.35.0rc2 github/release-v1.35.0 release-v1.35.0Erik Johnston2021-05-271-0/+9
|
* 1.35.0rc1 v1.35.0rc1Erik Johnston2021-05-251-0/+64
|
* Changelog v1.34.0 github/release-v1.34.0 release-v1.34.0Erik Johnston2021-05-171-6/+6
|
* 1.34.0Erik Johnston2021-05-171-2/+9
|
* Incorporate changes from review v1.34.0rc1Brendan Abolivier2021-05-121-2/+6
|
* Refer and link to the upgrade notes rather than to the file nameBrendan Abolivier2021-05-121-1/+1
|
* 1.34.0rc1Brendan Abolivier2021-05-121-0/+61
|
* Use link to advisory rather than to the CVE repo v1.33.2 github/release-v1.33.2 release-v1.33.2Brendan Abolivier2021-05-111-1/+1
|
* 1.33.2Brendan Abolivier2021-05-111-0/+16
|
* 1.33.1 v1.33.1 github/release-v1.33.1 release-v1.33.1Erik Johnston2021-05-061-0/+9
|
* 1.33.0 v1.33.0 github/release-v1.33.0 release-v1.33.0Brendan Abolivier2021-05-051-0/+9
|
* typo in changelog v1.33.0rc2Andrew Morgan2021-04-291-1/+1
|
* 1.33.0rc2Andrew Morgan2021-04-291-0/+9
|
* Reword account validity template change to sound less like a bugfix v1.33.0rc1Andrew Morgan2021-04-281-1/+1
|
* 1.33.0rc1Andrew Morgan2021-04-281-0/+53
|
* A regression can't be introduced twice v1.32.2 github/release-v1.32.2 release-v1.32.2Andrew Morgan2021-04-221-2/+2
|
* Note regression was in 1.32.0 and 1.32.1Andrew Morgan2021-04-221-2/+2
|
* Update dates in changelogsAndrew Morgan2021-04-211-1/+1
|
* 1.32.2Andrew Morgan2021-04-211-0/+11
|
* Note LoggingContext signature change incompatibility in 1.32.0 (#9859) github/release-v1.32.1 release-v1.32.1Andrew Morgan2021-04-211-5/+12
| | | | | 1.32.0 also introduced an incompatibility with Synapse modules that make use of `synapse.logging.context.LoggingContext`, such as [synapse-s3-storage-provider](https://github.com/matrix-org/synapse-s3-storage-provider). This PR adds a note to the 1.32.0 changelog and upgrade notes about it.
* Clarify 1.32.0/1 changelog and upgrade notes v1.32.1Andrew Morgan2021-04-211-3/+1
|
* Add regression notes to CHANGES.md; fix link in 1.32.0 changelogAndrew Morgan2021-04-211-2/+6
|
* Add link to fixing prometheus to 1.32.0 upgrade notes; 1.32.1 has a fixAndrew Morgan2021-04-211-0/+2
|
* 1.32.1Andrew Morgan2021-04-211-0/+9
|
* Mention Prometheus metrics regression in v1.32.0Andrew Morgan2021-04-211-0/+6
|
* Further tweaking on gpg signing key noticeAndrew Morgan2021-04-201-2/+5
|
* Add note about expired Debian gpg signing keys to CHANGES.mdAndrew Morgan2021-04-201-0/+6
|
* Update v1.32.0 changelog. It's m.login.application_service, not plural v1.32.0Andrew Morgan2021-04-201-1/+1
|
* 1.32.0Andrew Morgan2021-04-201-2/+11
|
* Update changelog for v1.32.0 v1.32.0rc1Andrew Morgan2021-04-131-1/+1
|
* 1.32.0rc1Andrew Morgan2021-04-131-0/+72
|
* 1.31.0 v1.31.0 github/release-v1.31.0 release-v1.31.0Erik Johnston2021-04-061-3/+20
|
* Update changelog v1.31.0rc1Erik Johnston2021-03-301-3/+7
|
* 1.31.0rc1Erik Johnston2021-03-301-0/+64
|
* Update cahngelog v1.30.1 github/release-v1.30.1 release-v1.30.1Erik Johnston2021-03-261-3/+2
|
* Update cahngelogErik Johnston2021-03-261-2/+14
|
* 1.30.1Erik Johnston2021-03-261-0/+19
|
* 1.30.0 v1.30.0 github/release-v1.30.0 release-v1.30.0Erik Johnston2021-03-221-2/+9
|
* Fix jemalloc changelog entry wordingAndrew Morgan2021-03-161-1/+1
|
* Changelog typo v1.30.0rc1Andrew Morgan2021-03-161-1/+1
|
* Pull up appservice login deprecation noticeAndrew Morgan2021-03-161-6/+7
|
* 1.30.0rc1Andrew Morgan2021-03-161-0/+70
|
* Warn that /register will soon require a type when called with an access ↵Will Hunt2021-03-081-0/+6
| | | | | token (#9559) This notice is giving a heads up to the planned spec compliance fix https://github.com/matrix-org/synapse/pull/9548.
* Fixup changelog v1.29.0 github/release-v1.29.0 release-v1.29.0Erik Johnston2021-03-081-0/+3
|
* 1.29.0Erik Johnston2021-03-081-2/+5
|
* Fix changelogErik Johnston2021-03-041-6/+3
|
* 1.29.0rc1Erik Johnston2021-03-041-0/+54
|
* Call out the need for an X-Forwarded-Proto in the upgrade notes (#9501)Richard van der Hoff2021-02-261-0/+6
|
* Fixup changelog v1.28.0 github/release-v1.28.0 release-v1.28.0Erik Johnston2021-02-251-1/+1
|
* Fixup changelogErik Johnston2021-02-251-4/+5
|
* 1.28.0Erik Johnston2021-02-251-0/+9
|
* Update release date. v1.28.0rc1Patrick Cloke2021-02-191-1/+1
|
* Update the CHANGES document.Patrick Cloke2021-02-181-7/+7
|
* 1.28.0rc1Patrick Cloke2021-02-181-2/+72
|
* Merge branch 'master' into developPatrick Cloke2021-02-181-1/+1
|\
| * Clarify the release notes around SAML2 for v1.27.0. github/release-v1.27.0 release-v1.27.0Patrick Cloke2021-02-181-1/+1
| |
* | Remove deprecated SAML2 callback URL since it does not work. (#9434)Patrick Cloke2021-02-181-0/+2
| | | | | | | | Updates documentation from #9289 and removes a deprecated endpoint which didn't work as expected.
* | Drop ARMv7 from docker (#9433)Erik Johnston2021-02-181-0/+2
| | | | | | It's proving incredibly hard to build in CircleCI infra.
* | Deprecate old admin API `GET /_synapse/admin/v1/users/<user_id>` (#9429)Dirk Klimpel2021-02-181-0/+15
|/ | | This API was undocumented and nonsensical.
* Fixup CHANGES v1.27.0Erik Johnston2021-02-161-3/+3
|
* 1.27.0Erik Johnston2021-02-161-7/+16
|
* Clarify when new ratelimiting was added. v1.27.0rc2Patrick Cloke2021-02-111-1/+1
|
* Update changelog.Patrick Cloke2021-02-111-2/+2
|
* 1.27.0rc2Patrick Cloke2021-02-111-0/+22
|
* Update changelog v1.27.0rc1Erik Johnston2021-02-021-0/+2
|
* 1.27.0rc1Erik Johnston2021-02-021-6/+70
|
* Put OIDC callback URI under /_synapse/client. (#9288)Richard van der Hoff2021-02-011-0/+4
|
* Merge branch 'master' into developPatrick Cloke2021-01-271-2/+12
|\
| * Move note above changes. v1.26.0Patrick Cloke2021-01-271-2/+2
| |
| * Copy the upgrade note to 1.26.0.Patrick Cloke2021-01-271-3/+7
| |
| * 1.26.0Patrick Cloke2021-01-271-0/+6
| |
* | Add a note to changelog about redis usage (#9227)Erik Johnston2021-01-271-0/+6
|/
* Tweak changes. v1.26.0rc2Patrick Cloke2021-01-251-2/+2
|
* 1.26.0rc2Patrick Cloke2021-01-251-0/+17
|
* Fix a typo in the release notes.Patrick Cloke2021-01-201-1/+1
|
* Point people to the upgrade notes. v1.26.0rc1Patrick Cloke2021-01-201-0/+4
|
* Re-run towncrier.Patrick Cloke2021-01-201-1/+2
|
* Reword confusing sentence in CHANGES.Patrick Cloke2021-01-201-1/+1
|
* Fix tenses in CHANGES.Patrick Cloke2021-01-201-5/+5
|
* Re-arrange CHANGES.md.Patrick Cloke2021-01-201-10/+10
|
* 1.26.0rc1Patrick Cloke2021-01-201-0/+82
|
* Move removal warning up changelog v1.25.0 github/release-v1.25.0 release-v1.25.0Erik Johnston2021-01-131-9/+9
|
* Link to GH profile and fix tenseErik Johnston2021-01-131-1/+1
|
* Fix link in changelogErik Johnston2021-01-131-1/+1
|
* Fixup changelogErik Johnston2021-01-131-9/+6
|
* 1.25.0Erik Johnston2021-01-131-0/+9
|
* Announce Python / PostgreSQL deprecation policies (#9085)Dan Callahan2021-01-121-0/+28
| | | Fixes #8782
* More updates to changes for consistency. v1.25.0rc1Patrick Cloke2021-01-061-1/+1
|
* A few more tweaks to changes.Patrick Cloke2021-01-061-2/+2
|
* Some manual tweaks to the changes file.Patrick Cloke2021-01-061-23/+18
|
* 1.25.0rc1Patrick Cloke2021-01-061-0/+91
|
* Deprecate Shutdown Room and Purge Room Admin API (#8829)Dirk Klimpel2020-12-101-2/+15
| | | | | Deprecate both APIs in favour of the Delete Room API. Related: #8663 and #8810
* Merge tag 'v1.23.1'Erik Johnston2020-12-091-0/+54
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Synapse 1.23.1 (2020-12-09) =========================== Due to the two security issues highlighted below, server administrators are encouraged to update Synapse. We are not aware of these vulnerabilities being exploited in the wild. Security advisory ----------------- The following issues are fixed in v1.23.1 and v1.24.0. - There is a denial of service attack ([CVE-2020-26257](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26257)) against the federation APIs in which future events will not be correctly sent to other servers over federation. This affects all servers that participate in open federation. (Fixed in [#8776](https://github.com/matrix-org/synapse/pull/8776)). - Synapse may be affected by OpenSSL [CVE-2020-1971](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1971). Synapse administrators should ensure that they have the latest versions of the cryptography Python package installed. To upgrade Synapse along with the cryptography package: * Administrators using the [`matrix.org` Docker image](https://hub.docker.com/r/matrixdotorg/synapse/) or the [Debian/Ubuntu packages from `matrix.org`](https://github.com/matrix-org/synapse/blob/master/INSTALL.md#matrixorg-packages) should ensure that they have version 1.24.0 or 1.23.1 installed: these images include the updated packages. * Administrators who have [installed Synapse from source](https://github.com/matrix-org/synapse/blob/master/INSTALL.md#installing-from-source) should upgrade the cryptography package within their virtualenv by running: ```sh <path_to_virtualenv>/bin/pip install 'cryptography>=3.3' ``` * Administrators who have installed Synapse from distribution packages should consult the information from their distributions. Bugfixes -------- - Fix a bug in some federation APIs which could lead to unexpected behaviour if different parameters were set in the URI and the request body. ([\#8776](https://github.com/matrix-org/synapse/issues/8776)) Internal Changes ---------------- - Add a maximum version for pysaml2 on Python 3.5. ([\#8898](https://github.com/matrix-org/synapse/issues/8898))
| * 1.23.1 v1.23.1 github/release-v1.23.1 release-v1.23.1Erik Johnston2020-12-091-0/+52
| |
* | 1.24.0 v1.24.0Erik Johnston2020-12-091-0/+46
| |
* | Minor update to CHANGES. v1.24.0rc2Patrick Cloke2020-12-041-1/+1
| |
* | 1.24.0rc2Patrick Cloke2020-12-041-0/+15
| |
* | Minor changes to the CHANGES doc. v1.24.0rc1Patrick Cloke2020-12-021-1/+1
| |
* | Minor fixes to changelog.Patrick Cloke2020-12-021-5/+5
| |
* | 1.24.0rc1Patrick Cloke2020-12-021-0/+72
| |
* | fix MDMatthew Hodgson2020-11-221-2/+2
| |
* | fix ancient changelog to be MDMatthew Hodgson2020-11-221-150/+146
|/
* Update changelog v1.23.0 github/release-v1.23.0 release-v1.23.0Erik Johnston2020-11-181-1/+1
|
* Update changelogErik Johnston2020-11-181-0/+4
|
* 1.23.0Erik Johnston2020-11-181-0/+9
|
* Fix changelog v1.23.0rc1Erik Johnston2020-11-131-4/+4
|
* Fix changelogErik Johnston2020-11-131-2/+2
|
* 1.23.0rc1Erik Johnston2020-11-131-0/+86
|
* Fix changelog v1.22.1 github/release-v1.22.1 release-v1.22.1Erik Johnston2020-10-301-2/+2
|
* use correct versionErik Johnston2020-10-301-1/+1
|
* 1.22.1Erik Johnston2020-10-301-0/+10
|
* 1.22.0 v1.22.0 github/release-v1.22.0 release-v1.22.0Erik Johnston2020-10-271-0/+6
|
* Fixup changelog v1.22.0rc2Erik Johnston2020-10-261-3/+1
|
* Expand changelog entryErik Johnston2020-10-261-1/+1
|
* 1.22.0rc2Erik Johnston2020-10-261-0/+11
|
* Fixup changelog even more v1.22.0rc1Erik Johnston2020-10-221-2/+1
|
* Fixup changelog some moreErik Johnston2020-10-221-7/+3
|
* Fixup changelogErik Johnston2020-10-221-4/+4
|
* 1.22.0rc1Erik Johnston2020-10-221-0/+105
|
* Additional tweaks. v1.21.2 github/release-v1.21.2 release-v1.21.2Patrick Cloke2020-10-151-3/+3
|
* Clarify authlib changes.Patrick Cloke2020-10-151-1/+3
|
* Fix typo.Patrick Cloke2020-10-151-1/+1
|
* Add additional release notes.Patrick Cloke2020-10-151-0/+13
|
* 1.21.2Patrick Cloke2020-10-151-0/+9
|
* 1.21.1 v1.21.1 github/release-v1.21.1 release-v1.21.1Andrew Morgan2020-10-131-0/+6
|
* Reverse proxies are not the only thing to change;be explicit w/ new endpoint v1.21.0 github/release-v1.21.0 release-v1.21.0Andrew Morgan2020-10-121-6/+7
|
* Add deprecation warning for admin api under client api prefixesAndrew Morgan2020-10-121-0/+8
|
* 1.21.0Andrew Morgan2020-10-121-0/+6
|
* Update change log v1.21.0rc3Erik Johnston2020-10-081-1/+1
|
* 1.21.0rc3Erik Johnston2020-10-081-0/+15
|
* move #8444 to 'feature' v1.21.0rc2Richard van der Hoff2020-10-021-1/+5
|
* linkify changelogRichard van der Hoff2020-10-021-1/+1
|
* 1.21.0rc2Richard van der Hoff2020-10-021-1/+1
|
* 1.21.0rc2Richard van der Hoff2020-10-021-0/+13
|
* update changelog v1.21.0rc1Richard van der Hoff2020-10-011-1/+1
|
* changelog fixesRichard van der Hoff2020-10-011-2/+1
|
* fix version numberRichard van der Hoff2020-10-011-2/+2
| | | | we're not doing a final release yet!
* 1.21.0Richard van der Hoff2020-10-011-0/+102
|
* s/URLs/variables in changelog v1.20.1 github/release-v1.20.1 release-v1.20.1Andrew Morgan2020-09-241-1/+1
|
* s/accidentally/incorrectly in changelogAndrew Morgan2020-09-241-1/+1
|
* Update changelog wordingAndrew Morgan2020-09-241-1/+1
|
* 1.20.1Andrew Morgan2020-09-241-0/+10
|
* Fix wording of deprecation notice in changelog v1.20.0 github/release-v1.20.0 release-v1.20.0Andrew Morgan2020-09-221-5/+4
|
* Deprecation warning for synapse admin api being accessible under /_matrixAndrew Morgan2020-09-221-1/+13
|
* 1.20.0Andrew Morgan2020-09-221-0/+6
|
* Add a note about including the changes from 1.19.3. v1.20.0rc5Patrick Cloke2020-09-181-0/+2
|
* Tweak wording in the changelog.Patrick Cloke2020-09-181-2/+2
|
* 1.20.0rc5Patrick Cloke2020-09-181-0/+22
|
* Merge tag 'v1.19.3' into release-v1.20.0Patrick Cloke2020-09-181-0/+9
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | 1.19.3 Synapse 1.19.3 (2020-09-18) =========================== Bugfixes -------- - Partially mitigate bug where newly joined servers couldn't get past events in a room when there is a malformed event. ([\#8350](https://github.com/matrix-org/synapse/issues/8350))
| * 1.19.3 v1.19.3 github/release-v1.19.3 release-v1.19.3Andrew Morgan2020-09-181-0/+9
| |
* | 1.20.0rc4 v1.20.0rc4Patrick Cloke2020-09-161-0/+7
| |
* | Merge remote-tracking branch 'origin/master' into release-v1.20.0Patrick Cloke2020-09-161-0/+10
|\|
| * 1.19.2 v1.19.2 github/release-v1.19.2 release-v1.19.2Erik Johnston2020-09-161-0/+11
| |
* | Clarify changelog. v1.20.0rc3Patrick Cloke2020-09-111-1/+1
| |
* | 1.20.0rc3Patrick Cloke2020-09-111-0/+9
| |
* | 1.20.0rc2 v1.20.0rc2Richard van der Hoff2020-09-091-0/+9
| |
* | fix typo v1.20.0rc1Richard van der Hoff2020-09-081-1/+1
| |
* | s/fixes/fix/Richard van der Hoff2020-09-081-2/+2
| |
* | 1.20.0rc1Richard van der Hoff2020-09-081-8/+79
| |
* | Merge branch 'master' into developBrendan Abolivier2020-08-271-0/+6
|\|
| * 1.19.1 v1.19.1 github/release-v1.19.1 release-v1.19.1Brendan Abolivier2020-08-271-0/+6
| |
* | Merge tag 'v1.19.1rc1' into developBrendan Abolivier2020-08-251-0/+10
|\| | | | | | | | | | | | | | | | | | | | | Synapse 1.19.1rc1 (2020-08-25) ============================== Bugfixes -------- - Fix a bug introduced in v1.19.0 where appservices with ratelimiting disabled would still be ratelimited when joining rooms. ([\#8139](https://github.com/matrix-org/synapse/issues/8139)) - Fix a bug introduced in v1.19.0 that would cause e.g. profile updates to fail due to incorrect application of rate limits on join requests. ([\#8153](https://github.com/matrix-org/synapse/issues/8153))
| * Changelog fixes v1.19.1rc1Brendan Abolivier2020-08-251-1/+1
| |
| * 1.19.1rc1Brendan Abolivier2020-08-251-0/+10
| |
* | Remove : from allowed client_secret chars (#8101)Andrew Morgan2020-08-181-0/+14
|/ | | | | | | Closes: https://github.com/matrix-org/synapse/issues/6766 Equivalent Sydent PR: https://github.com/matrix-org/sydent/pull/309 I believe it's now time to remove the extra allowed `:` from `client_secret` parameters.
* Changelog changes v1.19.0 github/release-v1.19.0 release-v1.19.0Olivier Wilkinson (reivilibre)2020-08-171-5/+4
| | | | Signed-off-by: Olivier Wilkinson (reivilibre) <olivier@librepush.net>
* 1.19.0Olivier Wilkinson (reivilibre)2020-08-171-0/+6
|
* More changelog tweaks v1.19.0rc1Olivier Wilkinson (reivilibre)2020-08-131-4/+4
| | | | Signed-off-by: Olivier Wilkinson (reivilibre) <olivier@librepush.net>
* More changelog tweaksOlivier Wilkinson (reivilibre)2020-08-131-4/+8
| | | | Signed-off-by: Olivier Wilkinson (reivilibre) <olivier@librepush.net>
* Remove unwanted changelog lineOlivier Wilkinson (reivilibre)2020-08-131-1/+0
| | | | Signed-off-by: Olivier Wilkinson (reivilibre) <olivier@librepush.net>
* 1.19.0rc1Olivier Wilkinson (reivilibre)2020-08-131-0/+66
|
* Fix formatting of changelog and upgrade notes v1.18.0 github/release-v1.18.0 release-v1.18.0Olivier Wilkinson (reivilibre)2020-07-301-2/+0
| | | | Signed-off-by: Olivier Wilkinson (reivilibre) <olivier@librepush.net>
* Add deprecation warningsOlivier Wilkinson (reivilibre)2020-07-301-0/+19
| | | | Signed-off-by: Olivier Wilkinson (reivilibre) <olivier@librepush.net>
* 1.18.0Olivier Wilkinson (reivilibre)2020-07-301-0/+9
|
* 1.18.0rc2 v1.18.0rc2Richard van der Hoff2020-07-281-0/+16
|
* update changelog v1.18.0rc1Richard van der Hoff2020-07-271-16/+4
|
* 1.18.0rc1Richard van der Hoff2020-07-271-0/+105
|
* 1.17.0 v1.17.0 github/release-v1.17.0 release-v1.17.0Richard van der Hoff2020-07-131-3/+7
|
* Merge branch 'master' into release-v1.17.0Richard van der Hoff2020-07-101-0/+13
|\
| * update changelog v1.16.1 github/release-v1.16.1 release-v1.16.1Richard van der Hoff2020-07-101-1/+1
| |
| * fix changelogRichard van der Hoff2020-07-101-6/+0
| |
| * 1.16.1Richard van der Hoff2020-07-101-0/+19
| |
* | 1.17.0rc1 v1.17.0rc1Richard van der Hoff2020-07-091-0/+47
|/
* shuffle changelog slightly v1.16.0 github/release-v1.16.0 release-v1.16.0Richard van der Hoff2020-07-081-6/+5
|
* 1.16.0Richard van der Hoff2020-07-081-0/+6
|
* Fix a typo. v1.16.0rc2Patrick Cloke2020-07-021-1/+1
|
* Move 1.15.2 after 1.16.0rc2.Patrick Cloke2020-07-021-20/+20
|