Update the changelogdebian/1.33.2-1

author: Andrej Shadura <andrewsh@debian.org> 2021-05-11 16:50:41 +0200
committer: Andrej Shadura <andrewsh@debian.org> 2021-05-11 16:50:41 +0200
commit: 6a5453118e086539d7c628bec8dc772aa5a9aed5 (patch)
tree: 3eb54d213c7e2e8efb07e4f29febb7b958f03460
parent: b0edfa3b5ffdbe0186ef2be03a66cfd831078a7b (diff)
1 files changed, 15 insertions, 0 deletions
diff --git a/debian/changelog b/debian/changelog
index 43f8d357..e9d7f6f1 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,18 @@
+matrix-synapse (1.33.2-1) unstable; urgency=high
+
+  * New upstream release.
+  * Explicitly depend on python3-cryptography.
+  * Refresh patch.
+  * SECURITY UPDATE (CVE-2021-29471, GHSA-x345-32rc-8h85):
+    - Denial of service attack via push rule patterns:
+      "Push rules" can specify conditions under which they will match,
+      including event_match, which matches event content against a
+      pattern including wildcards. Certain patterns can cause very poor
+      performance in the matching engine, leading to a denial-of-service
+      when processing moderate-length events.
+
+ -- Andrej Shadura <andrewsh@debian.org>  Tue, 11 May 2021 16:47:19 +0200
+
 matrix-synapse (1.31.0-2) unstable; urgency=medium
 
   * Stop using a deprecated dpkg-statoverride option (Closes: #927837).
author	Andrej Shadura <andrewsh@debian.org>	2021-05-11 16:50:41 +0200
committer	Andrej Shadura <andrewsh@debian.org>	2021-05-11 16:50:41 +0200
commit	6a5453118e086539d7c628bec8dc772aa5a9aed5 (patch)
tree	3eb54d213c7e2e8efb07e4f29febb7b958f03460
parent	b0edfa3b5ffdbe0186ef2be03a66cfd831078a7b (diff)