| tag name | v1.92.2 (423628e532b38f64c94888ea7b41741001cb7c07) |
| tag date | 2023-09-15 13:35:05 +0100 |
| tagged by | Erik Johnston <erik@matrix.org> |
| tagged object | commit e7274f764b... |
| download | synapse-1.92.2.tar.xz |
|---|
This is a Docker-only update to mitigate [CVE-2023-4863](https://cve.org/CVERecord?id=CVE-2023-4863), a critical vulnerability in `libwebp`. Server admins not using Docker should ensure that their `libwebp` is up to date (if installed). We encourage admins to upgrade as soon as possible.
- Update docker image to use Debian bookworm as the base. ([\#16324](https://github.com/matrix-org/synapse/issues/16324)) -----BEGIN PGP SIGNATURE----- iQFEBAABCgAuFiEEBTGR3/RnAzBGUif3pULk7RsPrAkFAmUET3kQHGVyaWtAbWF0 cml4Lm9yZwAKCRClQuTtGw+sCY2VCAC9JA5xp9485DiJlCEmcihUr5vixUKrW0RB bfMFDTKceqyKJleFS1IMVtBF/+QnD8yYL1I2SViS8ZPxEHlzsHNhUMqUtllI6ssY 86WyiKz0by37KzlvB62j1o3fKAUOG0F/ZBhEK6L/G+8cSxz4BsR4ry4oSkI94Chf BkMzXmHLICB4cg7kP58lqplWOzGj5JTOn+YdiPZ8bDX78grKdCnPdhxlnHLIkki8 kINipdaYkUYA0plskpva1NDjD6UBQfFq73yasa5YHjPorI44dxCusgRhA3IkbSUU 7rsBiOxY/bJEqIuNJrQox5A+3SVR/giFu16T81oppEM0wKbPnNKW =YpbL -----END PGP SIGNATURE-----