Update the changelogdebian/1.41.1-1

author: Andrej Shadura <andrewsh@debian.org> 2021-08-31 16:24:50 +0100
committer: Andrej Shadura <andrewsh@debian.org> 2021-08-31 16:24:50 +0100
commit: def4362b1b3aca3eb1f8768d326c32089e89064e (patch)
tree: 6f302ddca051ea320d596f2b1cf7d888d94367f6
parent: 98e2ac98551c335a5e466797c75d660ca249430e (diff)
1 files changed, 11 insertions, 0 deletions
diff --git a/debian/changelog b/debian/changelog
index 1e8af706..27f14e8a 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,14 @@
+matrix-synapse (1.41.1-1) unstable; urgency=high
+
+  * New upstream release.
+  * SECURITY UPDATE:
+    - Unauthorised users could enumerate a private room's list of
+      members and their display names (CVE-2021-39164, GHSA-3x4c-pq33-4w3q).
+    - Unauthorised users could disclose a private room's name, avatar,
+      topic, and number of members (CVE-2021-39163, GHSA-jj53-8fmw-f2w2).
+
+ -- Andrej Shadura <andrewsh@debian.org>  Tue, 31 Aug 2021 16:22:39 +0100
+
 matrix-synapse (1.40.0-1) unstable; urgency=medium
 
   * New upstream release.
author	Andrej Shadura <andrewsh@debian.org>	2021-08-31 16:24:50 +0100
committer	Andrej Shadura <andrewsh@debian.org>	2021-08-31 16:24:50 +0100
commit	def4362b1b3aca3eb1f8768d326c32089e89064e (patch)
tree	6f302ddca051ea320d596f2b1cf7d888d94367f6
parent	98e2ac98551c335a5e466797c75d660ca249430e (diff)