diff options
author | Andrej Shadura <andrewsh@debian.org> | 2021-05-11 16:50:41 +0200 |
---|---|---|
committer | Andrej Shadura <andrewsh@debian.org> | 2021-05-11 16:50:41 +0200 |
commit | 6a5453118e086539d7c628bec8dc772aa5a9aed5 (patch) | |
tree | 3eb54d213c7e2e8efb07e4f29febb7b958f03460 | |
parent | b0edfa3b5ffdbe0186ef2be03a66cfd831078a7b (diff) |
Update the changelogdebian/1.33.2-1
-rw-r--r-- | debian/changelog | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/debian/changelog b/debian/changelog index 43f8d357..e9d7f6f1 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,18 @@ +matrix-synapse (1.33.2-1) unstable; urgency=high + + * New upstream release. + * Explicitly depend on python3-cryptography. + * Refresh patch. + * SECURITY UPDATE (CVE-2021-29471, GHSA-x345-32rc-8h85): + - Denial of service attack via push rule patterns: + "Push rules" can specify conditions under which they will match, + including event_match, which matches event content against a + pattern including wildcards. Certain patterns can cause very poor + performance in the matching engine, leading to a denial-of-service + when processing moderate-length events. + + -- Andrej Shadura <andrewsh@debian.org> Tue, 11 May 2021 16:47:19 +0200 + matrix-synapse (1.31.0-2) unstable; urgency=medium * Stop using a deprecated dpkg-statoverride option (Closes: #927837). |