1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
1001
1002
1003
1004
1005
1006
1007
1008
1009
1010
1011
1012
1013
1014
1015
1016
1017
1018
1019
1020
1021
1022
1023
1024
1025
1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
1068
1069
1070
1071
1072
1073
1074
1075
1076
1077
1078
1079
1080
1081
1082
1083
1084
1085
1086
1087
1088
1089
1090
1091
1092
1093
1094
1095
1096
1097
1098
1099
1100
1101
1102
1103
1104
1105
1106
1107
1108
1109
1110
1111
1112
1113
1114
1115
1116
1117
1118
1119
1120
1121
1122
1123
1124
1125
1126
1127
1128
1129
1130
1131
1132
1133
1134
1135
1136
1137
1138
1139
1140
1141
1142
1143
1144
1145
1146
1147
1148
1149
1150
1151
1152
1153
1154
1155
1156
1157
1158
1159
1160
1161
1162
1163
1164
1165
1166
1167
1168
1169
1170
1171
1172
1173
1174
1175
1176
1177
1178
1179
1180
1181
1182
1183
1184
1185
1186
1187
1188
1189
1190
1191
1192
1193
1194
1195
1196
1197
1198
1199
1200
1201
1202
1203
1204
1205
1206
1207
1208
1209
1210
1211
1212
1213
1214
1215
1216
1217
1218
1219
1220
1221
1222
1223
1224
1225
1226
1227
1228
1229
1230
1231
1232
1233
1234
1235
1236
1237
1238
1239
1240
1241
1242
1243
1244
1245
1246
1247
1248
1249
1250
1251
1252
1253
1254
1255
1256
1257
1258
1259
1260
1261
1262
1263
1264
1265
1266
1267
1268
1269
1270
1271
1272
1273
1274
1275
1276
1277
1278
1279
1280
1281
1282
1283
1284
1285
1286
1287
1288
1289
1290
1291
1292
1293
1294
1295
1296
1297
1298
1299
1300
1301
1302
1303
1304
1305
1306
1307
1308
1309
1310
1311
1312
1313
1314
1315
1316
1317
1318
1319
1320
1321
1322
1323
1324
1325
1326
1327
1328
1329
|
matrix-synapse (1.91.2-2) unstable; urgency=medium
* Revert upstream Cargo.lock changes.
-- Andrej Shadura <andrewsh@debian.org> Sun, 10 Sep 2023 13:34:33 +0200
matrix-synapse (1.91.2-1) unstable; urgency=medium
* New upstream release.
[ Antonio Russo ]
* Replace frozendict dependency by immutabledict.
-- Andrej Shadura <andrewsh@debian.org> Sun, 10 Sep 2023 12:56:47 +0200
matrix-synapse (1.90.0-1) unstable; urgency=medium
[ Andrej Shadura ]
* New upstream release (Closes: #1037207, CVE-2023-32682, CVE-2023-32683).
* Update licenses.
* Build Rust extension reproducibly.
[ Antonio Russo ]
* Refresh patches.
* Refresh canonicaljson dependency.
-- Andrej Shadura <andrewsh@debian.org> Thu, 31 Aug 2023 14:46:27 +0200
matrix-synapse (1.78.0-1) unstable; urgency=medium
* New upstream release.
-- Andrej Shadura <andrewsh@debian.org> Wed, 01 Mar 2023 22:49:36 +0100
matrix-synapse (1.77.0-1) unstable; urgency=medium
* New upstream release.
* Refresh patches.
* Add optional dependency on python3-icu.
* Drop obsolete dependencies.
-- Andrej Shadura <andrewsh@debian.org> Sun, 19 Feb 2023 09:32:02 +0100
matrix-synapse (1.74.0-1) unstable; urgency=medium
* New upstream release (Closes: #1025662).
* Refresh Cargo.lock patch.
-- Andrej Shadura <andrewsh@debian.org> Sat, 24 Dec 2022 15:32:05 +0100
matrix-synapse (1.73.0-1) unstable; urgency=medium
* New upstream release.
* Refresh the Cargo.lock patch.
-- Andrej Shadura <andrewsh@debian.org> Fri, 16 Dec 2022 17:55:33 +0100
matrix-synapse (1.72.0-1) unstable; urgency=medium
* New upstream release.
* Refresh Cargo.lock patch.
-- Andrej Shadura <andrewsh@debian.org> Wed, 23 Nov 2022 15:08:37 +0100
matrix-synapse (1.71.0-2) unstable; urgency=medium
* Unbreak the build by reverting Cargo.toml changes.
-- Andrej Shadura <andrewsh@debian.org> Wed, 09 Nov 2022 10:52:11 +0100
matrix-synapse (1.71.0-1) unstable; urgency=medium
* New upstream release.
-- Andrej Shadura <andrewsh@debian.org> Wed, 09 Nov 2022 09:05:11 +0100
matrix-synapse (1.70.1-1) unstable; urgency=medium
* New upstream release.
* Revert Cargo.lock changes.
-- Andrej Shadura <andrewsh@debian.org> Sun, 30 Oct 2022 12:29:46 +0100
matrix-synapse (1.69.0-1) unstable; urgency=medium
* New upstream release.
- Refresh vendored crates
- Update license and copyright information.
- Add rescan-licenses script.
-- Andrej Shadura <andrewsh@debian.org> Tue, 18 Oct 2022 15:45:33 +0100
matrix-synapse (1.68.0-1) unstable; urgency=medium
* New upstream release.
* Add new build dependencies.
* Vendor Rust crates used by the new Rust module.
* Document copyrights of the vendored crates.
* Mark the package as Architecture: any.
* Refresh patches.
-- Andrej Shadura <andrewsh@debian.org> Thu, 13 Oct 2022 00:31:58 +0100
matrix-synapse (1.66.0-2) unstable; urgency=medium
* Update the pip dependency patch to work with Python 3.9.
-- Andrej Shadura <andrewsh@debian.org> Tue, 06 Sep 2022 21:36:42 +0200
matrix-synapse (1.66.0-1) unstable; urgency=medium
* New upstream release.
* Warn users about packages installed from pip.
* Reinstate and refresh a patch to replace pip instructions with apt.
* Add new dependency on pydantic.
-- Andrej Shadura <andrewsh@debian.org> Thu, 01 Sep 2022 14:26:33 +0200
matrix-synapse (1.65.0-1) unstable; urgency=medium
* New upstream release.
-- Andrej Shadura <andrewsh@debian.org> Wed, 31 Aug 2022 13:21:30 +0200
matrix-synapse (1.64.0-3) unstable; urgency=medium
* Fix canonicaljson dependency (Closes: #1017008).
-- Andrej Shadura <andrewsh@debian.org> Thu, 11 Aug 2022 12:35:29 +0200
matrix-synapse (1.64.0-2) unstable; urgency=medium
[ Dagfinn Ilmari Mannsåker ]
* Set Type=notify in systemd service file.
-- Andrej Shadura <andrewsh@debian.org> Tue, 09 Aug 2022 15:43:07 +0200
matrix-synapse (1.64.0-1) unstable; urgency=medium
* New upstream release.
-- Andrej Shadura <andrewsh@debian.org> Tue, 09 Aug 2022 15:12:35 +0200
matrix-synapse (1.63.0-1) unstable; urgency=medium
* New upstream release.
* Bump the matrix-common dependency.
* Refresh patches.
-- Andrej Shadura <andrewsh@debian.org> Wed, 20 Jul 2022 14:24:20 +0200
matrix-synapse (1.61.1-1) unstable; urgency=medium
* New upstream release.
* SECURITY ISSUE: GHSA-22p3-qrh9-cx32 / CVE-2022-31052.
Synapse instances with the url_preview_enabled homeserver config option
set to true are affected. URL previews of some web pages can lead to
unbounded recursion, causing the request to either fail, or in some
cases crash the running Synapse process.
-- Andrej Shadura <andrewsh@debian.org> Tue, 28 Jun 2022 19:13:32 +0200
matrix-synapse (1.61.0-3) unstable; urgency=medium
* Use execute_after_*.
* Patch the matrix-common dependency to >= (Closes: #1013745).
-- Andrej Shadura <andrewsh@debian.org> Sat, 25 Jun 2022 12:19:57 +0200
matrix-synapse (1.61.0-2) unstable; urgency=medium
* Bump matrix-common dependency.
-- Andrej Shadura <andrewsh@debian.org> Fri, 24 Jun 2022 09:39:24 +0200
matrix-synapse (1.61.0-1) unstable; urgency=medium
* New upstream release.
* Set field Upstream-Name in debian/copyright.
* Update standards version to 4.6.0, no changes needed.
* Set Rules-Requires-Root: no.
-- Andrej Shadura <andrewsh@debian.org> Sun, 19 Jun 2022 15:22:34 +0200
matrix-synapse (1.59.1-2) unstable; urgency=medium
* Depend on Poetry core.
-- Andrej Shadura <andrewsh@debian.org> Wed, 18 May 2022 14:16:55 +0200
matrix-synapse (1.59.1-1) unstable; urgency=medium
* New upstream release.
* Refresh patches.
* Bump the unpaddedbase64 dependency.
-- Andrej Shadura <andrewsh@debian.org> Wed, 18 May 2022 13:49:56 +0200
matrix-synapse (1.57.1-1) unstable; urgency=medium
* New upstream release.
* Refresh patches.
* Use pyproject.toml during the build.
* Explicitly opt-in to dh-sequence-single-binary.
-- Andrej Shadura <andrewsh@debian.org> Fri, 22 Apr 2022 20:44:20 +0200
matrix-synapse (1.56.0-1) unstable; urgency=medium
* New upstream release.
* Drop Jinja upper version limit.
-- Andrej Shadura <andrewsh@debian.org> Wed, 06 Apr 2022 12:23:28 +0200
matrix-synapse (1.55.0-2) unstable; urgency=medium
* Limit the Jinja version to 3.0 (3.1 breaks compatibility, 2.x is
old and the upstream plans to force 3.x anyway).
-- Andrej Shadura <andrewsh@debian.org> Tue, 29 Mar 2022 10:47:21 +0200
matrix-synapse (1.55.0-1) unstable; urgency=medium
* New upstream release.
* Refresh patches.
* Update build dependencies.
* Use dh compat 13 and dh-sequence-python3.
* Rename binaries installed in /usr/bin to have less generic names.
Move scripts with original names to /usr/libexec/matrix-synapse
(Closes: #925543)
-- Andrej Shadura <andrewsh@debian.org> Tue, 22 Mar 2022 18:50:28 +0100
matrix-synapse (1.53.0-1) unstable; urgency=medium
* New upstream release.
* Bump python3-matrix-common dependency.
-- Andrej Shadura <andrewsh@debian.org> Thu, 24 Feb 2022 11:50:20 +0100
matrix-synapse (1.52.0-1) unstable; urgency=medium
* New upstream release.
* Update dependency constraints.
* Refresh patches.
-- Andrej Shadura <andrewsh@debian.org> Tue, 08 Feb 2022 23:20:40 +0100
matrix-synapse (1.51.0-1) unstable; urgency=high
* New upstream release.
* Sort entries in debian/copyright.
-- Andrej Shadura <andrewsh@debian.org> Tue, 25 Jan 2022 17:20:03 +0100
matrix-synapse (1.50.2-1) unstable; urgency=medium
* New upstream release.
-- Andrej Shadura <andrewsh@debian.org> Mon, 24 Jan 2022 18:16:50 +0100
matrix-synapse (1.50.1-1) unstable; urgency=medium
* New upstream release.
-- Andrej Shadura <andrewsh@debian.org> Tue, 18 Jan 2022 19:46:48 +0100
matrix-synapse (1.50.0-1) unstable; urgency=medium
* New upstream release.
* Depend on python3-matrix-common.
-- Andrej Shadura <andrewsh@debian.org> Tue, 18 Jan 2022 15:29:33 +0100
matrix-synapse (1.49.2-1) unstable; urgency=medium
* New upstream release.
-- Andrej Shadura <andrewsh@debian.org> Tue, 21 Dec 2021 20:46:08 +0100
matrix-synapse (1.49.0-1) unstable; urgency=medium
* New upstream release.
* Bump ijson dependency.
-- Andrej Shadura <andrewsh@debian.org> Tue, 14 Dec 2021 17:39:09 +0100
matrix-synapse (1.48.0-1) unstable; urgency=medium
* New upstream release.
* Update copyrights.
-- Andrej Shadura <andrewsh@debian.org> Tue, 30 Nov 2021 15:36:01 +0100
matrix-synapse (1.47.1-1) unstable; urgency=high
* New upstream security release.
* CVE-2021-41281: Path traversal when downloading remote media:
Synapse instances with the media repository enabled can be tricked
into downloading a file from a remote server into an arbitrary
directory, potentially outside the media store directory.
Homeservers with the media repository disabled or configured with a
federation whitelist are unaffected.
(GHSA-3hfw-x7gx-437c)
-- Andrej Shadura <andrewsh@debian.org> Tue, 23 Nov 2021 13:17:43 +0100
matrix-synapse (1.47.0-2) unstable; urgency=medium
* Require a Python 3.10-compatible version of frozendict.
-- Andrej Shadura <andrewsh@debian.org> Thu, 18 Nov 2021 01:13:53 +0100
matrix-synapse (1.47.0-1) unstable; urgency=medium
* New upstream release.
-- Andrej Shadura <andrewsh@debian.org> Wed, 17 Nov 2021 21:12:33 +0100
matrix-synapse (1.46.0-1) unstable; urgency=medium
* New upstream release.
-- Andrej Shadura <andrewsh@debian.org> Mon, 08 Nov 2021 14:54:14 +0100
matrix-synapse (1.45.1-1) unstable; urgency=high
* New upstream release.
-- Andrej Shadura <andrewsh@debian.org> Wed, 20 Oct 2021 20:25:01 +0200
matrix-synapse (1.45.0-1) unstable; urgency=medium
* New upstream release.
-- Andrej Shadura <andrewsh@debian.org> Tue, 19 Oct 2021 19:02:47 +0200
matrix-synapse (1.44.0-2) unstable; urgency=medium
* Drop unused dependency on blist.
-- Andrej Shadura <andrewsh@debian.org> Tue, 12 Oct 2021 10:06:50 +0200
matrix-synapse (1.44.0-1) unstable; urgency=medium
* New upstream release.
-- Andrej Shadura <andrewsh@debian.org> Tue, 05 Oct 2021 19:23:38 +0200
matrix-synapse (1.43.0-1) unstable; urgency=medium
* New upstream release.
-- Andrej Shadura <andrewsh@debian.org> Wed, 22 Sep 2021 09:26:18 +0100
matrix-synapse (1.42.0-1) unstable; urgency=medium
* New upstream release.
* Update jsonschema dependency to 3.0.0.
-- Andrej Shadura <andrewsh@debian.org> Tue, 14 Sep 2021 21:39:56 +0100
matrix-synapse (1.41.1-1) unstable; urgency=high
* New upstream release.
* SECURITY UPDATE:
- Unauthorised users could enumerate a private room's list of
members and their display names (CVE-2021-39164, GHSA-3x4c-pq33-4w3q).
- Unauthorised users could disclose a private room's name, avatar,
topic, and number of members (CVE-2021-39163, GHSA-jj53-8fmw-f2w2).
-- Andrej Shadura <andrewsh@debian.org> Tue, 31 Aug 2021 16:22:39 +0100
matrix-synapse (1.40.0-1) unstable; urgency=medium
* New upstream release.
-- Andrej Shadura <andrewsh@debian.org> Sun, 15 Aug 2021 10:52:45 +0100
matrix-synapse (1.39.0-1) unstable; urgency=medium
* New upstream release.
-- Andrej Shadura <andrewsh@debian.org> Fri, 30 Jul 2021 10:06:05 +0200
matrix-synapse (1.38.1-1) unstable; urgency=medium
* New upstream release.
-- Andrej Shadura <andrewsh@debian.org> Thu, 22 Jul 2021 18:42:29 +0200
matrix-synapse (1.38.0-1) unstable; urgency=medium
* New upstream release.
* Install renamed documents under the old names.
-- Andrej Shadura <andrewsh@debian.org> Wed, 14 Jul 2021 09:00:51 +0200
matrix-synapse (1.37.1-1) unstable; urgency=medium
* New upstream release.
-- Andrej Shadura <andrewsh@debian.org> Wed, 30 Jun 2021 22:18:16 +0200
matrix-synapse (1.37.0-1) unstable; urgency=medium
* New upstream release.
* Update the dependencies.
-- Andrej Shadura <andrewsh@debian.org> Tue, 29 Jun 2021 15:22:07 +0200
matrix-synapse (1.36.0-1) unstable; urgency=medium
* New upstream release.
-- Andrej Shadura <andrewsh@debian.org> Wed, 16 Jun 2021 10:28:46 +0200
matrix-synapse (1.35.1-1) unstable; urgency=medium
* New upstream release.
* d/watch: Skip pre-releases.
-- Andrej Shadura <andrewsh@debian.org> Mon, 14 Jun 2021 18:46:03 +0200
matrix-synapse (1.35.0-1) unstable; urgency=medium
* New upstream release.
* Depend on python3-ijson (>= 3.0).
-- Andrej Shadura <andrewsh@debian.org> Wed, 02 Jun 2021 08:19:14 +0200
matrix-synapse (1.34.0-1) unstable; urgency=medium
* New upstream release.
* Recommend pympler required for caches.track_memory_usage setting.
-- Andrej Shadura <andrewsh@debian.org> Mon, 17 May 2021 16:19:40 +0200
matrix-synapse (1.33.2-1) unstable; urgency=high
* New upstream release.
* Explicitly depend on python3-cryptography.
* Refresh patch.
* SECURITY UPDATE (CVE-2021-29471, GHSA-x345-32rc-8h85):
- Denial of service attack via push rule patterns:
"Push rules" can specify conditions under which they will match,
including event_match, which matches event content against a
pattern including wildcards. Certain patterns can cause very poor
performance in the matching engine, leading to a denial-of-service
when processing moderate-length events.
-- Andrej Shadura <andrewsh@debian.org> Tue, 11 May 2021 16:47:19 +0200
matrix-synapse (1.31.0-2) unstable; urgency=medium
* Stop using a deprecated dpkg-statoverride option (Closes: #927837).
* Remove dpkg-statoverride on purge (Closes: #927838).
* Properly escape variables in scripts.
* Only log warnings and above to the journal (Closes: #919347).
-- Andrej Shadura <andrewsh@debian.org> Tue, 13 Apr 2021 20:12:22 +0200
matrix-synapse (1.31.0-1) unstable; urgency=medium
* New upstream release.
* Revert upstream bump of python3-cryptography.
-- Andrej Shadura <andrewsh@debian.org> Wed, 07 Apr 2021 13:51:56 +0200
matrix-synapse (1.30.0-1) unstable; urgency=medium
* New upstream release.
* Update the watch URL.
-- Andrej Shadura <andrewsh@debian.org> Mon, 22 Mar 2021 18:36:56 +0100
matrix-synapse (1.29.0-1) unstable; urgency=medium
* New upstream release.
-- Andrej Shadura <andrewsh@debian.org> Fri, 12 Mar 2021 08:46:16 +0100
matrix-synapse (1.28.0-1) unstable; urgency=medium
* New upstream release.
-- Andrej Shadura <andrewsh@debian.org> Mon, 01 Mar 2021 15:22:17 +0100
matrix-synapse (1.27.0-1) unstable; urgency=medium
* New upstream release.
-- Andrej Shadura <andrewsh@debian.org> Wed, 17 Feb 2021 17:36:17 +0100
matrix-synapse (1.26.0-3) unstable; urgency=medium
* Downgrade the level of sandboxing to prevent confusion.
Strict sandboxing enabled by default caused issues for users running
appservices: https://github.com/matrix-org/synapse/issues/9327
It’s best to leave it enabled but relax a bit and let users opt in
for stricter protection if they wish.
-- Andrej Shadura <andrewsh@debian.org> Tue, 09 Feb 2021 23:25:50 +0100
matrix-synapse (1.26.0-2) unstable; urgency=medium
* Make psycopg2 a dependency.
-- Andrej Shadura <andrewsh@debian.org> Thu, 04 Feb 2021 11:21:55 +0100
matrix-synapse (1.26.0-1) unstable; urgency=medium
* New upstream release.
* Recommend matrix-synapse-ldap3.
* Put txacme into Recommends, add jwt and authlib into Suggests.
-- Andrej Shadura <andrewsh@debian.org> Thu, 28 Jan 2021 13:05:02 +0100
matrix-synapse (1.25.0-2) unstable; urgency=medium
* Don’t compress README.
* Increase max_upload_size to 100M (Closes: #955974)
* Stop the debconf interface when done debconfing (Correctly closes:
#935654).
* Fixes for the systemd unit files:
- Add SELinux support to the systemd unit file (Closes: #977430).
- Fix up service files for workers to point to the right Python
location
- Add sandboxing options (Closes: #955254).
- Add Documentation option.
* Replace the generic perl hashbang in a script with the real one.
-- Andrej Shadura <andrewsh@debian.org> Wed, 27 Jan 2021 10:11:11 +0100
matrix-synapse (1.25.0-1) unstable; urgency=medium
* New upstream release.
* initscript: Add a service description.
-- Andrej Shadura <andrewsh@debian.org> Wed, 13 Jan 2021 14:01:17 +0100
matrix-synapse (1.24.0-2) unstable; urgency=medium
[ Lars Kruse ]
* Fix the initscript:
- Make sure the uploads directory exists.
- Force start-stop-daemon to create a pidfile (Closes: #935654)
- Remove the check for certifacte/key files (Closes: #960276).
-- Andrej Shadura <andrewsh@debian.org> Sun, 10 Jan 2021 21:50:32 +0100
matrix-synapse (1.24.0-1) unstable; urgency=high
* New upstream release.
* SECURITY UPDATE: GHSA-hxmp-pqch-c8mm / CVE-2020-26257:
- A malicious homeserver could send malformed events into
a room which would then break federation of that room.
* BREAKING CHANGE:
- Removal historical Synapse Admin API.
See /usr/share/doc/matrix-synapse/UPGRADE.rst.gz for more details.
-- Andrej Shadura <andrewsh@debian.org> Thu, 10 Dec 2020 11:20:19 +0100
matrix-synapse (1.23.0-1) unstable; urgency=medium
* New upstream release.
-- Andrej Shadura <andrewsh@debian.org> Thu, 19 Nov 2020 09:38:22 +0100
matrix-synapse (1.22.1-2) unstable; urgency=medium
* Provide a get-config-key script to finally unbreak the init script
(Closes: #939069, #945759).
* Add Pre-Depends and extend Depends with more substvars.
-- Andrej Shadura <andrewsh@debian.org> Sat, 31 Oct 2020 10:47:26 +0100
matrix-synapse (1.22.1-1) unstable; urgency=medium
* New upstream release.
-- Andrej Shadura <andrewsh@debian.org> Sat, 31 Oct 2020 10:04:42 +0100
matrix-synapse (1.21.2-1) unstable; urgency=high
* New upstream bugfix release.
-- Andrej Shadura <andrewsh@debian.org> Thu, 15 Oct 2020 20:02:37 +0200
matrix-synapse (1.21.1-1) unstable; urgency=medium
* New upstream release.
* Bump canonicaljson dependency.
* Set upstream metadata fields: Bug-Database, Bug-Submit, Repository,
Repository-Browse.
* Use debhelper-compat 12 instead of debian/compat.
* Bump Standards-Version to 4.5.0.
* Update Vcs-Git.
-- Andrej Shadura <andrewsh@debian.org> Wed, 14 Oct 2020 14:59:25 +0200
matrix-synapse (1.20.1-1) unstable; urgency=medium
* New upstream release.
-- Andrej Shadura <andrewsh@debian.org> Fri, 25 Sep 2020 18:06:35 +0200
matrix-synapse (1.20.0-1) unstable; urgency=medium
* New upstream release.
* Bump python3-canonicaljson version.
-- Andrej Shadura <andrewsh@debian.org> Wed, 23 Sep 2020 10:03:06 +0200
matrix-synapse (1.19.3-1) unstable; urgency=high
* New upstream release.
-- Andrej Shadura <andrewsh@debian.org> Sat, 19 Sep 2020 14:22:15 +0300
matrix-synapse (1.19.2-1) unstable; urgency=high
* New upstream release.
-- Andrej Shadura <andrewsh@debian.org> Wed, 16 Sep 2020 17:44:26 +0300
matrix-synapse (1.19.1-1) unstable; urgency=high
* New upstream release.
-- Andrej Shadura <andrewsh@debian.org> Thu, 27 Aug 2020 17:35:49 +0200
matrix-synapse (1.19.0-1) unstable; urgency=medium
[ Andrej Shadura ]
* New upstream release.
* Bump python3-canonicaljson dependency.
[ Aaron Raimist ]
* Fix outdated documentation for SYNAPSE_CACHE_FACTOR.
-- Andrej Shadura <andrewsh@debian.org> Wed, 19 Aug 2020 21:34:43 +0200
matrix-synapse (1.18.0-1) unstable; urgency=medium
* New upstream release.
-- Andrej Shadura <andrewsh@debian.org> Wed, 12 Aug 2020 09:05:45 +0200
matrix-synapse (1.17.0-1) unstable; urgency=medium
* New upstream release.
* Update the jQuery missing source and the copyrights.
-- Andrej Shadura <andrewsh@debian.org> Tue, 14 Jul 2020 17:41:36 +0200
matrix-synapse (1.16.0-1) unstable; urgency=medium
* New upstream release.
* Update dependencies.
-- Andrej Shadura <andrewsh@debian.org> Thu, 09 Jul 2020 08:40:47 +0200
matrix-synapse (1.15.2-1) unstable; urgency=medium
* New upstream release.
-- Andrej Shadura <andrewsh@debian.org> Thu, 02 Jul 2020 21:52:42 +0200
matrix-synapse (1.15.1-1) unstable; urgency=medium
* New upstream bugfix release.
-- Andrej Shadura <andrewsh@debian.org> Tue, 16 Jun 2020 11:56:35 +0200
matrix-synapse (1.15.0-1) unstable; urgency=medium
* New upstream release.
* Refresh the default configuration.
-- Andrej Shadura <andrewsh@debian.org> Sun, 14 Jun 2020 20:32:44 +0200
matrix-synapse (1.13.0-1) unstable; urgency=medium
* New upstream release.
-- Andrej Shadura <andrewsh@debian.org> Mon, 25 May 2020 11:54:15 +0200
matrix-synapse (1.12.4-1) unstable; urgency=medium
* New upstream release.
-- Andrej Shadura <andrewsh@debian.org> Mon, 04 May 2020 10:31:40 +0200
matrix-synapse (1.12.3-1) unstable; urgency=medium
* New upstream release.
-- Andrej Shadura <andrewsh@debian.org> Tue, 07 Apr 2020 10:09:42 +0200
matrix-synapse (1.12.0-1) unstable; urgency=medium
* New upstream release.
* Pin Twisted to the version where the security issues have been fixed.
-- Andrej Shadura <andrewsh@debian.org> Tue, 24 Mar 2020 09:51:23 +0100
matrix-synapse (1.11.1-1) unstable; urgency=high
* New upstream release.
-- Andrej Shadura <andrewsh@debian.org> Tue, 03 Mar 2020 18:22:46 +0100
matrix-synapse (1.11.0-1) unstable; urgency=medium
* New upstream release.
-- Andrej Shadura <andrewsh@debian.org> Sat, 22 Feb 2020 11:04:00 +0300
matrix-synapse (1.10.0-2) unstable; urgency=medium
* Depend on python3-signedjson (>= 1.1.0) (Closes: #951378).
-- Andrej Shadura <andrewsh@debian.org> Sat, 15 Feb 2020 18:20:49 +0100
matrix-synapse (1.10.0-1) unstable; urgency=medium
* New upstream release.
* Drop synapse.federation.transport.server log level downgrade
since the upstream has fixed log levels in the source code.
-- Andrej Shadura <andrewsh@debian.org> Fri, 14 Feb 2020 15:03:45 +0100
matrix-synapse (1.9.1-1) unstable; urgency=high
* New upstream bugfix release.
-- Andrej Shadura <andrewsh@debian.org> Wed, 29 Jan 2020 14:47:02 +0100
matrix-synapse (1.9.0-1) unstable; urgency=medium
* New upstream release.
* The default logging config now comes with the logging level for Synapse
itself set to INFO, but some other modules and Twisted set to WARN.
This verbosity should be fine for normal uses, but when troubleshooting,
users may want to revert all WARNs to INFO or maybe even DEBUG.
The future releases will try to align the defaults to the upstream’s
one.
-- Andrej Shadura <andrewsh@debian.org> Thu, 23 Jan 2020 18:59:21 +0100
matrix-synapse (1.8.0-1) unstable; urgency=medium
* New upstream release.
-- Andrej Shadura <andrewsh@debian.org> Thu, 09 Jan 2020 17:19:59 +0100
matrix-synapse (1.7.3-1) unstable; urgency=high
* New upstream bugfix release.
-- Andrej Shadura <andrewsh@debian.org> Wed, 01 Jan 2020 13:21:02 +0100
matrix-synapse (1.7.2-1) unstable; urgency=high
* New upstream release.
* This release fixes a regression introduced in 1.7.1.
-- Andrej Shadura <andrewsh@debian.org> Fri, 20 Dec 2019 13:23:26 +0100
matrix-synapse (1.7.1-1) unstable; urgency=high
* New upstream release.
* SECURITY UPDATE:
- Fix a bug which could cause room events to be incorrectly authorised
using events from a different room.
- Fix a bug causing responses to the /context client endpoint to not
use the pruned version of the event.
- Fix a cause of state resets in room versions 2 onwards.
* Add new options to the default homeserver.yaml.
-- Andrej Shadura <andrewsh@debian.org> Wed, 18 Dec 2019 16:56:31 +0100
matrix-synapse (1.7.0-2) unstable; urgency=medium
* Install CONTRIBUTING.md instead of .rst.
-- Andrej Shadura <andrewsh@debian.org> Fri, 13 Dec 2019 20:29:38 +0100
matrix-synapse (1.7.0-1) unstable; urgency=medium
* New upstream release.
* Update parts of the homeserver.yaml config file.
-- Andrej Shadura <andrewsh@debian.org> Fri, 13 Dec 2019 17:12:26 +0100
matrix-synapse (1.6.1-1) unstable; urgency=high
* New upstream release.
-- Andrej Shadura <andrewsh@debian.org> Fri, 29 Nov 2019 14:43:09 +0100
matrix-synapse (1.6.0-1) unstable; urgency=medium
* New upstream release.
-- Andrej Shadura <andrewsh@debian.org> Tue, 26 Nov 2019 22:19:26 +0100
matrix-synapse (1.5.1-1) unstable; urgency=high
* New upstream release.
-- Andrej Shadura <andrewsh@debian.org> Mon, 11 Nov 2019 15:27:34 +0100
matrix-synapse (1.5.0-1) unstable; urgency=medium
* New upstream release (Closes: #944355).
* SECURITY UPDATE (CVE-2019-18835):
- Matrix Synapse before 1.5.0 mishandles signature checking on some
federation APIs. Events sent over /send_join, /send_leave, and /invite
may not be correctly signed, or may not come from the expected
servers.
* Require python3-typing-extensions (>= 3.7.4).
* Use secure copyright file specification URI.
-- Andrej Shadura <andrewsh@debian.org> Fri, 08 Nov 2019 14:38:14 +0100
matrix-synapse (1.4.0-1) unstable; urgency=medium
* New upstream release.
* Bump Twisted requirement.
-- Andrej Shadura <andrewsh@debian.org> Fri, 04 Oct 2019 10:07:43 +0200
matrix-synapse (1.3.0-1) unstable; urgency=medium
* New upstream release.
-- Andrej Shadura <andrewsh@debian.org> Thu, 15 Aug 2019 17:31:05 +0200
matrix-synapse (1.2.1-2) unstable; urgency=medium
[ Axel Beckert ]
* Fix the installation process hanging (Closes: #920339).
-- Andrej Shadura <andrewsh@debian.org> Fri, 09 Aug 2019 14:14:57 +0200
matrix-synapse (1.2.1-1) unstable; urgency=high
* New upstream release.
* Drop an old patch.
* SECURITY UPDATE:
- Prevent an attack where a federated server could send redactions
for arbitrary events in v1 and v2 rooms.
- Prevent a denial-of-service attack where cycles of redaction events
would make Synapse spin infinitely.
- Prevent an attack where users could be joined or parted from public
rooms without their consent.
- Fix a vulnerability where a federated server could spoof read
receipts from users on other servers.
-- Andrej Shadura <andrewsh@debian.org> Fri, 26 Jul 2019 13:02:23 -0300
matrix-synapse (1.1.0-1) unstable; urgency=medium
* New upstream release.
* Refresh patches.
* Make most runtime dependencies mandatory.
-- Andrej Shadura <andrewsh@debian.org> Thu, 18 Jul 2019 20:33:52 -0300
matrix-synapse (1.0.0-2) unstable; urgency=medium
* Upload to unstable.
-- Andrej Shadura <andrewsh@debian.org> Wed, 26 Jun 2019 13:09:57 -0500
matrix-synapse (1.0.0-1) experimental; urgency=medium
* New upstream release.
* Bump dependencies.
* Use dh 11 and compat level 11.
* Refresh patches.
-- Andrej Shadura <andrewsh@debian.org> Fri, 21 Jun 2019 09:28:10 -0500
matrix-synapse (0.99.5.2-1) experimental; urgency=medium
* New upstream release.
-- Andrej Shadura <andrewsh@debian.org> Thu, 06 Jun 2019 15:30:26 +0200
matrix-synapse (0.99.5.1-1) experimental; urgency=medium
* New upstream release.
-- Andrej Shadura <andrewsh@debian.org> Wed, 22 May 2019 22:44:28 +0100
matrix-synapse (0.99.3.2-1) experimental; urgency=medium
* Upload to experimental.
* New upstream release.
-- Andrej Shadura <andrewsh@debian.org> Fri, 03 May 2019 22:44:59 +0200
matrix-synapse (0.99.2-6) unstable; urgency=medium
* Add a NEWS entry on the room format upgrade in 0.99.5.1.
-- Andrej Shadura <andrewsh@debian.org> Thu, 06 Jun 2019 15:28:41 +0200
matrix-synapse (0.99.2-5) unstable; urgency=high
* Security updates backported from 0.99.3:
- Use SystemRandom for token generation
- Blacklist 0.0.0.0 and :: by default for URL previews
-- Andrej Shadura <andrewsh@debian.org> Fri, 03 May 2019 22:26:41 +0200
matrix-synapse (0.99.2-4) unstable; urgency=medium
[ Antoine Beaupré ]
* Fix log rotation to be less verbose (Closes: #927057).
-- Andrej Shadura <andrewsh@debian.org> Sat, 27 Apr 2019 20:03:23 +0200
matrix-synapse (0.99.2-3) unstable; urgency=medium
* Make the code querying the location of the key file actually work.
Closes: #923573.
* Verify the presence of TLS cert/key files.
* Make sure warnings are not shown when querying configuration settings.
-- Andrej Shadura <andrewsh@debian.org> Sun, 24 Mar 2019 14:02:48 +0100
matrix-synapse (0.99.2-2) unstable; urgency=medium
* Make sure the key file is owned by the user running synapse
(Closes: #923573).
* No longer enable webclient by default (Closes: #923574).
* Print a warning when the server name has not been set (Closes: #923586).
* Update NEWS with a note on .well-known vs SRV.
-- Andrej Shadura <andrewsh@debian.org> Sat, 16 Mar 2019 16:48:56 +0100
matrix-synapse (0.99.2-1) unstable; urgency=medium
* New upstream release.
* Depend on python3-all instead of python3-distutils.
* Correct the dependency on python3-distutils (Closes: #922838).
-- Andrej Shadura <andrewsh@debian.org> Fri, 01 Mar 2019 14:23:57 +0100
matrix-synapse (0.99.1.1-1) unstable; urgency=medium
* New upstream release.
* Ship docs, refresh NEWS.
-- Andrej Shadura <andrewsh@debian.org> Wed, 20 Feb 2019 11:24:24 +0100
matrix-synapse (0.99.0-1) unstable; urgency=medium
* New upstream release.
* Recommend python3-bleach and python3-jinja2.
* Suggest python3-txacme.
* Update the dependencies.
* Bump Standards-Version.
* Update NEWS.
-- Andrej Shadura <andrewsh@debian.org> Sat, 09 Feb 2019 15:34:08 +0100
matrix-synapse (0.34.1.1-4) unstable; urgency=high
* Depend on python3-distutils (Closes: #920274).
-- Andrej Shadura <andrewsh@debian.org> Wed, 23 Jan 2019 16:07:50 +0100
matrix-synapse (0.34.1.1-3) unstable; urgency=high
* Python 3 needs py3dist-overrides.
* Use Python 3 in the init script (Closes: #919709).
* Update the dependencies (Closes: #919707).
-- Andrej Shadura <andrewsh@debian.org> Sun, 20 Jan 2019 15:05:38 +0100
matrix-synapse (0.34.1.1-2) unstable; urgency=high
* Fix Python dependencies (Closes: #919450).
-- Andrej Shadura <andrewsh@debian.org> Wed, 16 Jan 2019 09:26:37 +0100
matrix-synapse (0.34.1.1-1) unstable; urgency=medium
* New upstream release:
- SECURITY UPDATE (CVE-2019-5885).
-- Andrej Shadura <andrewsh@debian.org> Thu, 10 Jan 2019 16:24:02 +0100
matrix-synapse (0.34.0-3) unstable; urgency=medium
* Add Breaks: matrix-synapse-ldap3 (<< 0.1.3-2~).
Closes: #917558.
-- Andrej Shadura <andrewsh@debian.org> Sat, 29 Dec 2018 11:59:09 +0100
matrix-synapse (0.34.0-2) unstable; urgency=medium
* Bump dependencies to please Synapse.
-- Andrej Shadura <andrewsh@debian.org> Sat, 22 Dec 2018 00:01:55 +0100
matrix-synapse (0.34.0-1) unstable; urgency=medium
* New upstream release.
* Remove unnecessary patch and the web_client setting.
-- Andrej Shadura <andrewsh@debian.org> Fri, 21 Dec 2018 13:35:42 +0100
matrix-synapse (0.34.0~rc2-1) unstable; urgency=medium
* New upstream version 0.34.0~rc2.
* Use Python 3 (Closes: #897222).
* debian/watch: Require a dot in the version.
* Refresh patches.
* Don’t use dh-systemd package, depend on a newer debhelper instead.
-- Andrej Shadura <andrewsh@debian.org> Tue, 18 Dec 2018 17:09:27 +0100
matrix-synapse (0.33.9-2) unstable; urgency=medium
* New upstream release.
-- Andrej Shadura <andrewsh@debian.org> Fri, 23 Nov 2018 18:39:57 +0100
matrix-synapse (0.33.8-1) unstable; urgency=medium
* New upstream release.
* Refresh patches, update dependencies.
* Normalise whitespace.
* Wrap and sort debian/control.
-- Andrej Shadura <andrewsh@debian.org> Fri, 02 Nov 2018 12:32:34 +0100
matrix-synapse (0.33.4-1) unstable; urgency=medium
[ Richard van der Hoff ]
* Don’t tell users to install packages with pip instead of apt.
[ Andrej Shadura ]
* New upstream version.
* Update the configuration template with new keys.
-- Andrej Shadura <andrewsh@debian.org> Wed, 12 Sep 2018 15:12:22 +0200
matrix-synapse (0.33.3.1-1) unstable; urgency=high
* New upstream version.
- SECURITY UPDATE (CVE-2018-16515):
Check that signatures on events are valid
Fix origin handling for pushed transactions
- Closes: #908044.
-- Andrej Shadura <andrewsh@debian.org> Thu, 06 Sep 2018 12:00:03 +0200
matrix-synapse (0.33.3-2) unstable; urgency=medium
[ Richard van der Hoff ]
* We now require python-twisted 17.1.0 or later.
* Add recommendations for python-psycopg2 and python-lxml.
-- Andrej Shadura <andrewsh@debian.org> Wed, 05 Sep 2018 17:57:16 +0200
matrix-synapse (0.33.3-1) unstable; urgency=medium
* New upstream version.
-- Andrej Shadura <andrewsh@debian.org> Wed, 22 Aug 2018 16:27:24 +0200
matrix-synapse (0.33.2+dfsg-3) unstable; urgency=medium
* Remove Recommends for HTTP/2 packages, they break some functionality.
-- Andrej Shadura <andrewsh@debian.org> Tue, 14 Aug 2018 07:48:14 +0200
matrix-synapse (0.33.2+dfsg-2) unstable; urgency=medium
* Recommend python-priority and python-h2 for HTTP/2 support.
-- Andrej Shadura <andrewsh@debian.org> Mon, 13 Aug 2018 15:19:45 +0200
matrix-synapse (0.33.2+dfsg-1) unstable; urgency=medium
* New upstream version.
* Depend on python-netaddr.
-- Andrej Shadura <andrewsh@debian.org> Thu, 09 Aug 2018 16:42:11 +0200
matrix-synapse (0.33.1+dfsg-1) unstable; urgency=high
* New upstream version.
* Security fixes:
- Fix a potential issue where servers could request events for rooms
they have not joined. See https://github.com/matrix-org/synapse/issues/3641
- Fix a potential issue where users could see events in private rooms
before they joined. See https://github.com/matrix-org/synapse/issues/3642
-- Andrej Shadura <andrewsh@debian.org> Thu, 02 Aug 2018 17:10:50 +0200
matrix-synapse (0.33.0+dfsg-1) unstable; urgency=medium
* New upstream version.
* Update debian/watch.
* Refresh patches.
-- Andrej Shadura <andrewsh@debian.org> Fri, 20 Jul 2018 20:01:00 +0200
matrix-synapse (0.32.2+dfsg-1) unstable; urgency=high
* New upstream release.
* Add dependency on python-sortedcontainers.
-- Andrej Shadura <andrewsh@debian.org> Sun, 08 Jul 2018 19:44:33 +0200
matrix-synapse (0.31.2+dfsg-1) unstable; urgency=high
* New upstream release:
- SECURITY UPDATE:
Prevent unauthorised users from setting state events in a room
when there is no m.room.power_levels event in force in the room.
(Closes: #901549)
-- Andrej Shadura <andrewsh@debian.org> Thu, 14 Jun 2018 18:53:36 +0200
matrix-synapse (0.31.1+dfsg-2) unstable; urgency=high
* Bump dependencies of the binary packages to allow smooth upgrades.
-- Andrej Shadura <andrewsh@debian.org> Mon, 11 Jun 2018 08:46:06 +0200
matrix-synapse (0.31.1+dfsg-1) unstable; urgency=high
* New upstream release:
- SECURITY UPDATE:
This release fixes a security bug in the get_missing_events federation
API where event visibility rules were not applied correctly.
We are not aware of it being actively exploited but please upgrade ASAP.
-- Andrej Shadura <andrewsh@debian.org> Sun, 10 Jun 2018 22:45:05 +0200
matrix-synapse (0.31.0+dfsg-2) unstable; urgency=medium
* Remove no longer relevant patches.
* Add French debconf translation (Closes: #861924)
by Jean-Pierre Giraud.
* Add Dutch translation of debconf messages (Closes: #862208)
by Frans Spiesschaert.
* Add Brazilian Portuguese debconf templates translation (Closes: #891166)
by Adriano Rafael Gomes.
* Add Russian translation of debconf template (Closes: #883207)
by Lev Lamberov.
* Update the copyrights.
* Refresh copyrights in the PO template and POs.
-- Andrej Shadura <andrewsh@debian.org> Thu, 07 Jun 2018 09:10:23 +0200
matrix-synapse (0.31.0+dfsg-1) unstable; urgency=medium
[ Richard van der Hoff ]
* Refresh 0004-webclient-instructions.patch
* Drop dependency on ujson, add dependencies on attr and
prometheus-client.
[ Andrej Shadura ]
* New upstream release.
* Add the missing six dependency.
-- Andrej Shadura <andrewsh@debian.org> Wed, 06 Jun 2018 20:42:37 +0200
matrix-synapse (0.30.0+dfsg-1) unstable; urgency=medium
* New upstream release.
-- Andrej Shadura <andrewsh@debian.org> Fri, 25 May 2018 09:46:38 +0200
matrix-synapse (0.29.1+dfsg-1) unstable; urgency=medium
* New upstream release.
* Refresh patches.
* Update Vcs-*.
-- Andrej Shadura <andrewsh@debian.org> Fri, 18 May 2018 17:31:24 +0200
matrix-synapse (0.28.1+dfsg-1) unstable; urgency=high
* New upstream release:
- SECURITY UPDATE:
Clamp the allowed values of event depth received over federation to
be [0, 2**63 - 1]. This mitigates an attack where malicious events
injected with depth = 2**63 - 1 render rooms unusable.
* Prevent installing with python-pymacaroons-nacl or python-nacl (<< 1.1.0).
-- Andrej Shadura <andrewsh@debian.org> Wed, 02 May 2018 12:02:15 +0200
matrix-synapse (0.28.0+dfsg-2) unstable; urgency=medium
* Prefer python-nacl (>= 1.1.0) and python-pymacaroons.
-- Andrej Shadura <andrewsh@debian.org> Tue, 01 May 2018 14:15:54 +0200
matrix-synapse (0.28.0+dfsg-1) unstable; urgency=medium
* New upstream version.
* Refresh patches.
* Enable systemd journal logging by default.
-- Andrej Shadura <andrewsh@debian.org> Mon, 30 Apr 2018 14:12:04 +0200
matrix-synapse (0.27.2+dfsg-1) unstable; urgency=medium
[ Andrej Shadura ]
* New upstream version.
* Add python-phonenumbers dependency.
* Drop a patch to not depend on python-phonenumbers.
* Refresh patches.
* Make the package team-maintained.
[ Richard van der Hoff ]
* Remove level for file log handler from the default log.yaml.
-- Andrej Shadura <andrewsh@debian.org> Tue, 27 Mar 2018 17:39:49 +0200
matrix-synapse (0.24.0+dfsg-1) unstable; urgency=medium
* New upstream version.
* Remove an extra oversionmangle from debian/watch.
* Drop a patch applied upstream.
* Update debian/copyright.
* Add a patch to temporarily avoid phonenumbers dependency.
-- Andrew Shadura <andrewsh@debian.org> Tue, 24 Oct 2017 15:25:33 +0100
matrix-synapse (0.19.2+dfsg-6) unstable; urgency=medium
[ Simó Albert i Beltran ]
* Use set -e instead of passes -e to hte shell on the #! at debian/postinst
[ Rui Branco ]
* Add Portuguese translation for debconf messages.
[ Andrew Shadura ]
* Temporarily add an optional dependency on python-pymacaroons-pynacl
for python-nacl << 1.1.0.
-- Andrew Shadura <andrewsh@debian.org> Mon, 27 Mar 2017 11:52:05 +0200
matrix-synapse (0.19.2+dfsg-5) unstable; urgency=medium
[ Simó Albert i Beltran ]
* When purging remove configuration files created by debian/postinst
(Closes: #857428)
[ Helge Kreutzmann ]
* Add initial German debconf translation. (Closes: #857526)
[ Rahul De ]
* Fail silently if server name is not configured (Closes: #857619)
-- Andrew Shadura <andrewsh@debian.org> Sat, 18 Mar 2017 11:14:06 +0100
matrix-synapse (0.19.2+dfsg-4) unstable; urgency=medium
* Add bcrypt and pymacaroons to pydist-overrides so that the runtime
dependencies are picked up automatically.
-- Andrew Shadura <andrewsh@debian.org> Fri, 10 Mar 2017 12:04:52 +0100
matrix-synapse (0.19.2+dfsg-3) unstable; urgency=medium
* Add missing copyrights for jwt.py and saml2.py
(Thanks to Andreas Henriksson).
-- Andrew Shadura <andrewsh@debian.org> Mon, 06 Mar 2017 20:53:50 +0100
matrix-synapse (0.19.2+dfsg-2) unstable; urgency=medium
* Move to Section: net.
* Add Vcs-*.
* Add Homepage.
* Use oversionmangle and dversionmangle in debian/watch.
* Move Apache-2.0 license text into a separate paragraph.
-- Andrew Shadura <andrewsh@debian.org> Tue, 21 Feb 2017 18:32:09 +0100
matrix-synapse (0.19.2+dfsg-1) unstable; urgency=medium
* Don't install upstream's minified jquery, depend on libjs-jquery.
* Include the source code for jquery-2.1.3.min.js
* Don't load reCAPTCHA.
* Update debian/copyright.
* Set repacksuffix, remove debian uupdate.
* Actually add lsb-base as a dependency.
-- Andrew Shadura <andrewsh@debian.org> Tue, 21 Feb 2017 18:01:45 +0100
matrix-synapse (0.19.2-1) unstable; urgency=medium
[ Sunil Mohan Adapa ]
* Bump standards version to 3.9.8.
* Don't ignore errors in debian/config.
* Internationalise strings in the template file.
* Add lsb-base as a dependency.
* Update debconf questions.
* Add manpages for all binaries.
[ Andrew Shadura ]
* New upstream version.
* Update debian/copyright file.
-- Andrew Shadura <andrewsh@debian.org> Tue, 21 Feb 2017 16:14:52 +0100
matrix-synapse (0.19.1-1) unstable; urgency=medium
[ Erik Johnston ]
* Initial packaging for the upstream version 0.19.1.
[ Andrew Shadura ]
* First upload to Debian (Closes: #830601).
-- Andrew Shadura <andrewsh@debian.org> Tue, 21 Feb 2017 15:39:04 +0100
|
