diff options
author | Andrej Shadura <andrewsh@debian.org> | 2018-05-02 12:02:35 +0200 |
---|---|---|
committer | Andrej Shadura <andrewsh@debian.org> | 2018-05-02 12:02:35 +0200 |
commit | d7f3c3c6d3abf98d887701257bbd5e9c83a2c724 (patch) | |
tree | 4dfb86c159ca2c4513f59ff4d01c917ae830d48b | |
parent | a8cd2788efeda022911cc5f294b59bc4c60aa96a (diff) |
Update the changelogdebian/0.28.1+dfsg-1
-rw-r--r-- | debian/changelog | 12 |
1 files changed, 8 insertions, 4 deletions
diff --git a/debian/changelog b/debian/changelog index df8fbe66..83e2dded 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,9 +1,13 @@ -matrix-synapse (0.28.0+dfsg-3) UNRELEASED; urgency=medium +matrix-synapse (0.28.1+dfsg-1) unstable; urgency=high - * In fact, prevent installing with python-pymacaroons-nacl or - python-nacl (<< 1.1.0). + * New upstream release: + - SECURITY UPDATE: + Clamp the allowed values of event depth received over federation to + be [0, 2**63 - 1]. This mitigates an attack where malicious events + injected with depth = 2**63 - 1 render rooms unusable. + * Prevent installing with python-pymacaroons-nacl or python-nacl (<< 1.1.0). - -- Andrej Shadura <andrewsh@debian.org> Tue, 01 May 2018 14:40:02 +0200 + -- Andrej Shadura <andrewsh@debian.org> Wed, 02 May 2018 12:02:15 +0200 matrix-synapse (0.28.0+dfsg-2) unstable; urgency=medium |