Bug 249373 - net-im/py-matrix-synapse: Update to 1.19.2 (security)
Summary: net-im/py-matrix-synapse: Update to 1.19.2 (security)
Status: Closed DUPLICATE of bug 249375
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Many People
Assignee: freebsd-ports-bugs (Nobody)
URL: https://github.com/matrix-org/synapse...
Keywords: security
Depends on:
Blocks:
 
Reported: 2020-09-16 14:02 UTC by Denis Kasak
Modified: 2020-09-16 14:26 UTC (History)
2 users (show)

See Also:
bugzilla: maintainer-feedback? (ports)


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Denis Kasak 2020-09-16 14:02:17 UTC
The Matrix team has just released synapse 1.19.2 [1], an emergency security release. Upgrading is encouraged as soon as possible.

The release fixes an issue[2] where a broken or malicious homeserver can make a room unjoinable by sending malformed events into the room.

[1]: https://github.com/matrix-org/synapse/releases/tag/v1.19.2
[2]: https://github.com/matrix-org/synapse/issues/8319
Comment 1 Sascha Biberhofer 2020-09-16 14:20:20 UTC
(In reply to Denis Kasak from comment #0)
I've already submitted an updated port at [1]. Seems like you were a bit faster in submitting this bug than I was at submitting the patch. :D

[1] https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=249375
Comment 2 Denis Kasak 2020-09-16 14:26:00 UTC
Ah, good to know, I was in the process of writing a patch too. :D Thanks!

I'll close this bug as a duplicate of yours then.

*** This bug has been marked as a duplicate of bug 249375 ***