summary refs log tree commit diff
path: root/debian (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Merge tag 'v1.23.1'Erik Johnston2020-12-091-0/+6
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Synapse 1.23.1 (2020-12-09) =========================== Due to the two security issues highlighted below, server administrators are encouraged to update Synapse. We are not aware of these vulnerabilities being exploited in the wild. Security advisory ----------------- The following issues are fixed in v1.23.1 and v1.24.0. - There is a denial of service attack ([CVE-2020-26257](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26257)) against the federation APIs in which future events will not be correctly sent to other servers over federation. This affects all servers that participate in open federation. (Fixed in [#8776](https://github.com/matrix-org/synapse/pull/8776)). - Synapse may be affected by OpenSSL [CVE-2020-1971](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1971). Synapse administrators should ensure that they have the latest versions of the cryptography Python package installed. To upgrade Synapse along with the cryptography package: * Administrators using the [`matrix.org` Docker image](https://hub.docker.com/r/matrixdotorg/synapse/) or the [Debian/Ubuntu packages from `matrix.org`](https://github.com/matrix-org/synapse/blob/master/INSTALL.md#matrixorg-packages) should ensure that they have version 1.24.0 or 1.23.1 installed: these images include the updated packages. * Administrators who have [installed Synapse from source](https://github.com/matrix-org/synapse/blob/master/INSTALL.md#installing-from-source) should upgrade the cryptography package within their virtualenv by running: ```sh <path_to_virtualenv>/bin/pip install 'cryptography>=3.3' ``` * Administrators who have installed Synapse from distribution packages should consult the information from their distributions. Bugfixes -------- - Fix a bug in some federation APIs which could lead to unexpected behaviour if different parameters were set in the URI and the request body. ([\#8776](https://github.com/matrix-org/synapse/issues/8776)) Internal Changes ---------------- - Add a maximum version for pysaml2 on Python 3.5. ([\#8898](https://github.com/matrix-org/synapse/issues/8898))
| * 1.23.1 v1.23.1 github/release-v1.23.1 release-v1.23.1Erik Johnston2020-12-091-0/+6
| |
* | 1.24.0 v1.24.0Erik Johnston2020-12-091-0/+6
|/
* 1.23.0Erik Johnston2020-11-181-0/+6
|
* 1.22.1Erik Johnston2020-10-301-0/+6
|
* 1.22.0 v1.22.0 github/release-v1.22.0 release-v1.22.0Erik Johnston2020-10-271-0/+6
|
* 1.21.2Patrick Cloke2020-10-151-0/+7
|
* 1.21.1 v1.21.1 github/release-v1.21.1 release-v1.21.1Andrew Morgan2020-10-131-2/+6
|
* Explicitly install test dependencies when building deb packages (#8523)Andrew Morgan2020-10-122-1/+7
| | | | | After https://github.com/matrix-org/synapse/pull/8377, the deb packages no longer indirectly installed the `"test"` dependencies, causing debian packages to fail to build while carrying out the unit tests. This PR installs `test` dependencies explicitly when building debian packages.
* 1.21.0Andrew Morgan2020-10-121-0/+6
|
* 1.20.1Andrew Morgan2020-09-241-0/+6
|
* 1.20.0Andrew Morgan2020-09-221-2/+6
|
* Merge tag 'v1.19.3' into release-v1.20.0Patrick Cloke2020-09-181-0/+6
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | 1.19.3 Synapse 1.19.3 (2020-09-18) =========================== Bugfixes -------- - Partially mitigate bug where newly joined servers couldn't get past events in a room when there is a malformed event. ([\#8350](https://github.com/matrix-org/synapse/issues/8350))
| * 1.19.3 v1.19.3 github/release-v1.19.3 release-v1.19.3Andrew Morgan2020-09-181-0/+6
| |
* | Merge remote-tracking branch 'origin/master' into release-v1.20.0Patrick Cloke2020-09-161-1/+7
|\|
| * 1.19.2 v1.19.2 github/release-v1.19.2 release-v1.19.2Erik Johnston2020-09-161-0/+6
| |
* | Merge branch 'master' into developBrendan Abolivier2020-08-271-0/+6
|\|
| * 1.19.1 v1.19.1 github/release-v1.19.1 release-v1.19.1Brendan Abolivier2020-08-271-0/+6
| |
* | Update debian systemd service to use Type=notify (#8169)Dexter Chua2020-08-272-1/+7
|/ | | | | | | | This ensures systemctl start matrix-synapse returns only after synapse is actually started, which is very useful for automated deployments. Fixes #5761 Signed-off-by: Dexter Chua <dec41@srcf.net>
* 1.19.0Olivier Wilkinson (reivilibre)2020-08-171-3/+3
|
* Merge branch 'master' into developOlivier Wilkinson (reivilibre)2020-07-301-0/+6
|\
| * 1.18.0Olivier Wilkinson (reivilibre)2020-07-301-0/+6
| |
* | Various improvements to the docs (#7899)Aaron Raimist2020-07-293-14/+25
|/
* 1.17.0 v1.17.0 github/release-v1.17.0 release-v1.17.0Richard van der Hoff2020-07-131-0/+6
|
* Merge branch 'master' into release-v1.17.0Richard van der Hoff2020-07-101-0/+6
|\
| * 1.16.1Richard van der Hoff2020-07-101-0/+6
| |
* | 1.17.0rc1 v1.17.0rc1Richard van der Hoff2020-07-091-0/+6
|/
* 1.16.0Richard van der Hoff2020-07-081-0/+6
|
* 1.15.2Patrick Cloke2020-07-021-0/+6
|
* 1.15.1Brendan Abolivier2020-06-161-0/+6
|
* 1.15.0 v1.15.0 github/release-v1.15.0 release-v1.15.0Brendan Abolivier2020-06-111-0/+6
|
* Update debian changelog v1.14.0Brendan Abolivier2020-05-281-0/+6
|
* Remove the changes to the debian changelog v1.14.0rc1Brendan Abolivier2020-05-261-6/+0
| | | | Since this is not a full release yet
* 1.14.0Brendan Abolivier2020-05-261-0/+6
|
* 1.13.0Patrick Cloke2020-05-191-2/+6
|
* update dh-virtualenv (#7526)Richard van der Hoff2020-05-192-4/+1
|
* Merge branch 'master' into developPatrick Cloke2020-04-231-0/+8
|\
| * 1.12.4 v1.12.4 github/release-v1.12.4 release-v1.12.4Patrick Cloke2020-04-231-0/+6
| |
* | Add information about .well-known to Debian installation. (#7227)Patrick Cloke2020-04-063-7/+18
|/
* 1.12.3Richard van der Hoff2020-04-031-2/+6
|
* Fix the debian build in a better way. (#7212)Richard van der Hoff2020-04-032-6/+34
|
* 1.12.2Andrew Morgan2020-04-021-0/+6
|
* 1.12.1Andrew Morgan2020-04-021-0/+6
|
* 1.12.0Richard van der Hoff2020-03-231-0/+6
|
* Update debian changelog v1.11.1 github/release-v1.11.1 release-v1.11.1Brendan Abolivier2020-03-031-0/+6
|
* 1.11.0 v1.11.0 github/release-v1.11.0 release-v1.11.0Richard van der Hoff2020-02-211-0/+6
|
* 1.10.1 v1.10.1 github/release-v1.10.1 release-v1.10.1Richard van der Hoff2020-02-171-0/+6
|
* 1.10.0Brendan Abolivier2020-02-121-0/+6
|
* 1.9.1 v1.9.1 github/release-v1.9.1 release-v1.9.1Erik Johnston2020-01-281-0/+6
|
* 1.9.0Brendan Abolivier2020-01-231-0/+6
|
* 1.8.0Erik Johnston2020-01-091-2/+6
|
* Automate generation of the sample and debian log configs (#6627)Richard van der Hoff2020-01-034-37/+9
|
* 1.7.3 v1.7.3 github/release-v1.7.3 release-v1.7.3Richard van der Hoff2019-12-311-0/+6
|
* 1.7.2 v1.7.2 github/release-v1.7.2 release-v1.7.2Richard van der Hoff2019-12-201-0/+6
|
* 1.7.1Richard van der Hoff2019-12-181-0/+6
|
* 1.7.0Erik Johnston2019-12-131-0/+6
|
* 1.6.1 v1.6.1 github/release-v1.6.1 release-v1.6.1Andrew Morgan2019-11-281-0/+6
|
* 1.6.0 v1.6.0 github/release-v1.6.0 release-v1.6.0Andrew Morgan2019-11-261-0/+6
|
* 1.5.1 v1.5.1Richard van der Hoff2019-11-061-0/+6
|
* 1.5.0 v1.5.0 github/release-v1.5.0 release-v1.5.0Richard van der Hoff2019-10-291-0/+6
|
* 1.4.1Brendan Abolivier2019-10-181-0/+6
|
* 1.4.0 v1.4.0 github/release-v1.4.0 release-v1.4.0Andrew Morgan2019-10-031-0/+6
|
* 1.3.1 v1.3.1 github/release-v1.3.1 release-v1.3.1Richard van der Hoff2019-08-171-2/+12
|
* 1.3.0 v1.3.0 github/release-v1.3.0 release-v1.3.0Brendan Abolivier2019-08-151-2/+3
|
* Remove libsqlite3-dev from required build dependencies. (#5766)Andrew Morgan2019-08-152-5/+3
|
* 1.2.1Richard van der Hoff2019-07-261-0/+6
|
* 1.2.0 v1.2.0 github/release-v1.2.0 release-v1.2.0Andrew Morgan2019-07-251-2/+5
|
* Improve `Depends` specs in debian package. (#5675)Richard van der Hoff2019-07-173-0/+24
| | | | | | | | | | | | | | | | | | | This is basically a contrived way of adding a `Recommends` on `libpq5`, to fix #5653. The way this is supposed to happen in debhelper is to run `dh_shlibdeps`, which in turn runs `dpkg-shlibdeps`, which spits things out into `debian/<package>.substvars` whence they can later be included by `control`. Previously, we had disabled `dh_shlibdeps`, mostly because `dpkg-shlibdeps` gets confused about PIL's interdependent objects, but that's not really the right thing to do and there is another way to work around that. Since we don't always use postgres, we don't necessarily want a hard Depends on libpq5, so I've actually ended up adding an explicit invocation of `dpkg-shlibdeps` for `psycopg2`. I've also updated the build-depends list for the package, which was missing a couple of entries.
* Merge branch 'master' of github.com:matrix-org/synapse into developErik Johnston2019-07-041-4/+11
|\
| * 1.1.0Erik Johnston2019-07-041-2/+5
| |
* | Move logging utilities out of the side drawer of util/ and into logging/ (#5606)Amber Brown2019-07-042-1/+4
|/
* Include systemd-python in Debian package to allow logging to journal (#5261)Silke Hofstra2019-06-272-1/+8
| | | Signed-off-by: Silke Hofstra <silke@slxh.eu>
* 1.0.0 v1.0.0Erik Johnston2019-06-111-0/+6
|
* 0.99.5.2 v0.99.5.2 github/release-v0.99.5 release-v0.99.5Erik Johnston2019-05-301-0/+6
|
* 0.99.5.1 v0.99.5.1Neil Johnson2019-05-221-2/+4
|
* Revert "0.99.5"Neil Johnson2019-05-221-4/+2
| | | | This reverts commit c31e375ade1b59a7fe38628337e9e1aa3de91feb.
* 0.99.5Neil Johnson2019-05-221-2/+4
|
* 0.99.5 v0.99.5Neil Johnson2019-05-221-0/+4
|
* Some vagrant hackery for testing the debsRichard van der Hoff2019-05-174-0/+48
|
* 0.99.4Richard van der Hoff2019-05-151-2/+5
|
* Set syslog identifiers in systemd units (#5023)Christoph Müller2019-05-102-0/+8
|
* 0.99.3.2 v0.99.3.2 github/release-v0.99.3.2 release-v0.99.3.2Richard van der Hoff2019-05-031-0/+6
|
* 0.99.3.1Richard van der Hoff2019-05-031-0/+6
|
* 0.99.3 v0.99.3 github/release-v0.99.3 release-v0.99.3Neil Johnson2019-04-011-2/+6
|
* Debian package: fix warning during preconfiguration.Richard van der Hoff2019-03-072-1/+11
|
* 0.99.2Richard van der Hoff2019-03-011-3/+3
|
* 0.99.2rc1 v0.99.2rc1Richard van der Hoff2019-02-271-2/+3
|
* Debian: fix overwriting of config settings on upgrade (#4696)Richard van der Hoff2019-02-225-8/+165
| | | | | | Make sure that users' changes to the config files are preserved. Fixes #4440.
* 0.99.1.1 v0.99.1.1Richard van der Hoff2019-02-141-0/+6
|
* 0.99.1 v0.99.1Richard van der Hoff2019-02-141-2/+6
|
* implement `reload` by sending the HUP signal (#4622)Дамјан Георгиевски2019-02-142-0/+7
| | | | | | | | | | | | | * implement `reload` by sending the HUP signal According to the 0.99 release info* synapse now uses the HUP signal to reload certificates: > Synapse will now reload TLS certificates from disk upon SIGHUP. (#4495, #4524) So the matrix-synapse.service unit file should include a reload directive. Signed-off-by: Дамјан Георгиевски <gdamjan@gmail.com>
* v0.99.0 v0.99.0Richard van der Hoff2019-02-051-0/+6
|
* Generate the debian config during build (#4444)Richard van der Hoff2019-01-243-617/+32
| | | | | | Rather than hardcoding a config which we always forget to update, generate it from the default config.
* debian package: symlink to python-3.X (#4433)Richard van der Hoff2019-01-232-2/+15
| | | | | | | | | | In the debian package, make the virtualenv symlink python to /usr/bin/python3.X rather than /usr/bin/python3. Also make sure we depend on the right python3.x package. This might help a bit with subtle failures when people install a package from the wrong distro (https://github.com/matrix-org/synapse/issues/4431).
* Require ECDH key exchange & remove dh_params (#4429)Amber Brown2019-01-221-3/+0
| | | * remove dh_params and set better cipher string
* moar plusses!Richard van der Hoff2019-01-121-2/+2
| | | | | | | | | | | | | | | turns out that 0.34.1.1+1 comes before 0.34.1.1+bionic (etc). The version may only contain "~ 0-9 A-Z a-z + - ." (sorting in that order). Option 1: replace "+" with something that sorts after +. Options are "-" (but dpkg-source complains about that) or "." (but that would mean we couldn't distinguish packaging-only changes from real changes). Option 2: stick with + and just find something that sorts after 'xenial'. The only options there are "-", "." (same problems as before), "z", and "+". Hence, ++1. Sorry.
* s/Breaks/Conflicts/ in debian/controlRichard van der Hoff2019-01-112-3/+9
| | | | Otherwise people can't upgrade from matrix-synapse without removing it first
* changelog, for debianAmber Brown2019-01-111-0/+6
|
* debian: Remove Breaks: matrix-synapse-ldap3 v0.34.1+1Richard van der Hoff2019-01-092-1/+8
|
* 0.34.1 v0.34.1Richard van der Hoff2019-01-091-2/+3
|
* Update debian Conflicts specifications (#4349)Richard van der Hoff2019-01-042-2/+13
| | | ... to allow installation alongside our matrix-synapse transitional package.
* Avoid packaging _trial_temp directory (#4326)Richard van der Hoff2019-01-021-2/+1
| | | | | | Make sure we don't put the _trial_temp directory in the package target directory. Fixes https://github.com/matrix-org/synapse/issues/4322
* Install the optional dependencies into the debian package (#4325)Richard van der Hoff2019-01-022-2/+3
| | | | | | | | since #4298, the optional dependencies are no longer installed with a simple `pip install .`, which meant that they were not being included in the debian package. The easy fix to that is dh_virtualenv --extras, but that needs dh_virtualenv 1.1...
* Mention updating extensions github/release-v0.34.0 release-v0.34.0Richard van der Hoff2018-12-201-2/+7
|
* clarify that installing -py3 removes the old pkgRichard van der Hoff2018-12-201-3/+4
|
* Clarify that py2 packages will continue to exist v0.34.0Richard van der Hoff2018-12-201-0/+4
|
* Update log config for debian packagesRichard van der Hoff2018-12-201-0/+1
| | | | Better follow our own release notes.
* Debian packaging via dh_virtualenv (#4285)Richard van der Hoff2018-12-2026-506/+181
|
* import from package-debian-synapseAmber Brown2018-12-2038-0/+2678