Skip to content
This repository was archived by the owner on Apr 12, 2024. It is now read-only.

Commit 5cdd491

Browse files
babolivierbabolivier
committed
Add words about the Twisted security fix
1 parent 7d56b6c commit 5cdd491

File tree

2 files changed

+20
-2
lines changed

2 files changed

+20
-2
lines changed

CHANGES.md

Lines changed: 9 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,14 @@
11
Synapse 1.52.0 (2022-02-08)
22
===========================
33

4-
No significant changes.
4+
No significant changes since 1.52.0rc1.
5+
6+
During the making of this release, the developers of Twisted have released
7+
[Twisted 22.1.0](https://github.com/twisted/twisted/releases/tag/twisted-22.1.0), which
8+
fixes [a security issue](https://github.com/twisted/twisted/security/advisories/GHSA-92x2-jw7w-xvvx)
9+
within Twisted. We do not believe Synapse to be vulnerable to any security problem caused
10+
by this issue, though we advise server administrators to update their local version of
11+
Twisted if they can.
512

613

714
Synapse 1.52.0rc1 (2022-02-01)
@@ -13,7 +20,7 @@ Features
1320
- Remove account data (including client config, push rules and ignored users) upon user deactivation. ([\#11621](https://github.com/matrix-org/synapse/issues/11621), [\#11788](https://github.com/matrix-org/synapse/issues/11788), [\#11789](https://github.com/matrix-org/synapse/issues/11789))
1421
- Add an admin API to reset connection timeouts for remote server. ([\#11639](https://github.com/matrix-org/synapse/issues/11639))
1522
- Add an admin API to get a list of rooms that federate with a given remote homeserver. ([\#11658](https://github.com/matrix-org/synapse/issues/11658))
16-
- Add a config flag to inhibit M_USER_IN_USE during registration. ([\#11743](https://github.com/matrix-org/synapse/issues/11743))
23+
- Add a config flag to inhibit `M_USER_IN_USE` during registration. ([\#11743](https://github.com/matrix-org/synapse/issues/11743))
1724
- Add a module callback to set username at registration. ([\#11790](https://github.com/matrix-org/synapse/issues/11790))
1825
- Allow configuring a maximum file size as well as a list of allowed content types for avatars. ([\#11846](https://github.com/matrix-org/synapse/issues/11846))
1926

docs/upgrade.md

Lines changed: 11 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -85,6 +85,17 @@ process, for example:
8585
dpkg -i matrix-synapse-py3_1.3.0+stretch1_amd64.deb
8686
```
8787

88+
# Upgrading to v1.52.0
89+
90+
## Twisted security release
91+
92+
During the making of this release, the developers of Twisted have released
93+
[Twisted 22.1.0](https://github.com/twisted/twisted/releases/tag/twisted-22.1.0), which
94+
fixes [a security issue](https://github.com/twisted/twisted/security/advisories/GHSA-92x2-jw7w-xvvx)
95+
within Twisted. We do not believe Synapse to be vulnerable to any security problem caused
96+
by this issue, though we advise server administrators to update their local version of
97+
Twisted if they can.
98+
8899
# Upgrading to v1.51.0
89100

90101
## Deprecation of `webclient` listeners and non-HTTP(S) `web_client_location`

0 commit comments

Comments
 (0)