Bug 249373

Summary: net-im/py-matrix-synapse: Update to 1.19.2 (security)
Product: Ports & Packages Reporter: Denis Kasak <dkasak>
Component: Individual Port(s)Assignee: freebsd-ports-bugs (Nobody) <ports-bugs>
Status: Closed DUPLICATE    
Severity: Affects Many People CC: dkasak, ports
Priority: --- Keywords: security
Version: LatestFlags: bugzilla: maintainer-feedback? (ports)
Hardware: Any   
OS: Any   
URL: https://github.com/matrix-org/synapse/issues/8319

Description Denis Kasak 2020-09-16 14:02:17 UTC
The Matrix team has just released synapse 1.19.2 [1], an emergency security release. Upgrading is encouraged as soon as possible.

The release fixes an issue[2] where a broken or malicious homeserver can make a room unjoinable by sending malformed events into the room.

[1]: https://github.com/matrix-org/synapse/releases/tag/v1.19.2
[2]: https://github.com/matrix-org/synapse/issues/8319
Comment 1 Sascha Biberhofer 2020-09-16 14:20:20 UTC
(In reply to Denis Kasak from comment #0)
I've already submitted an updated port at [1]. Seems like you were a bit faster in submitting this bug than I was at submitting the patch. :D

[1] https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=249375
Comment 2 Denis Kasak 2020-09-16 14:26:00 UTC
Ah, good to know, I was in the process of writing a patch too. :D Thanks!

I'll close this bug as a duplicate of yours then.

*** This bug has been marked as a duplicate of bug 249375 ***