Update the changelogdebian/0.28.1+dfsg-1

author: Andrej Shadura <andrewsh@debian.org> 2018-05-02 12:02:35 +0200
committer: Andrej Shadura <andrewsh@debian.org> 2018-05-02 12:02:35 +0200
commit: d7f3c3c6d3abf98d887701257bbd5e9c83a2c724 (patch)
tree: 4dfb86c159ca2c4513f59ff4d01c917ae830d48b
parent: a8cd2788efeda022911cc5f294b59bc4c60aa96a (diff)
1 files changed, 8 insertions, 4 deletions
diff --git a/debian/changelog b/debian/changelog
index df8fbe66..83e2dded 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,9 +1,13 @@
-matrix-synapse (0.28.0+dfsg-3) UNRELEASED; urgency=medium
+matrix-synapse (0.28.1+dfsg-1) unstable; urgency=high
 
-  * In fact, prevent installing with python-pymacaroons-nacl or
-    python-nacl (<< 1.1.0).
+  * New upstream release:
+    - SECURITY UPDATE:
+      Clamp the allowed values of event depth received over federation to
+      be [0, 2**63 - 1]. This mitigates an attack where malicious events
+      injected with depth = 2**63 - 1 render rooms unusable.
+  * Prevent installing with python-pymacaroons-nacl or python-nacl (<< 1.1.0).
 
- -- Andrej Shadura <andrewsh@debian.org>  Tue, 01 May 2018 14:40:02 +0200
+ -- Andrej Shadura <andrewsh@debian.org>  Wed, 02 May 2018 12:02:15 +0200
 
 matrix-synapse (0.28.0+dfsg-2) unstable; urgency=medium
author	Andrej Shadura <andrewsh@debian.org>	2018-05-02 12:02:35 +0200
committer	Andrej Shadura <andrewsh@debian.org>	2018-05-02 12:02:35 +0200
commit	d7f3c3c6d3abf98d887701257bbd5e9c83a2c724 (patch)
tree	4dfb86c159ca2c4513f59ff4d01c917ae830d48b
parent	a8cd2788efeda022911cc5f294b59bc4c60aa96a (diff)