[Pkg-matrix-maintainers] matrix-synapse_1.51.0-1~bpo10+2_source.changes ACCEPTED into buster-backports->backports-policy

Debian FTP Masters ftpmaster at ftp-master.debian.org
Wed Feb 9 12:38:58 GMT 2022



Accepted:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Wed, 09 Feb 2022 13:19:14 +0100
Source: matrix-synapse
Architecture: source
Version: 1.51.0-1~bpo10+2
Distribution: buster-backports
Urgency: high
Maintainer: Matrix Packaging Team <pkg-matrix-maintainers at lists.alioth.debian.org>
Changed-By: Andrej Shadura <andrewsh at debian.org>
Closes: 919347 927837 927838
Changes:
 matrix-synapse (1.51.0-1~bpo10+2) buster-backports; urgency=medium
 .
   * Add an explicit python3-matrix-common dependency.
   * Add a NEWS item on deprecation of Synapse in buster-backports-sloppy.
 .
 matrix-synapse (1.51.0-1~bpo10+1) buster-backports-sloppy; urgency=medium
 .
   * Rebuild for buster-backports-sloppy.
 .
 matrix-synapse (1.51.0-1) unstable; urgency=high
 .
   * New upstream release.
   * Sort entries in debian/copyright.
 .
 matrix-synapse (1.50.2-1) unstable; urgency=medium
 .
   * New upstream release.
 .
 matrix-synapse (1.50.1-1) unstable; urgency=medium
 .
   * New upstream release.
 .
 matrix-synapse (1.50.0-1) unstable; urgency=medium
 .
   * New upstream release.
   * Depend on python3-matrix-common.
 .
 matrix-synapse (1.49.2-1) unstable; urgency=medium
 .
   * New upstream release.
 .
 matrix-synapse (1.49.0-1~bpo10+4) buster-backports-sloppy; urgency=medium
 .
   * Fix an endless loop with "Invalid prev_events for <event_id>".
 .
 matrix-synapse (1.49.0-1~bpo10+2) buster-backports-sloppy; urgency=medium
 .
   * Fix a regression by cherry-picking an upstream fix from 1.49.2.
 .
 matrix-synapse (1.49.0-1~bpo10+1) buster-backports-sloppy; urgency=medium
 .
   * Rebuild for buster-backports-sloppy.
 .
 matrix-synapse (1.49.0-1) unstable; urgency=medium
 .
   * New upstream release.
   * Bump ijson dependency.
 .
 matrix-synapse (1.48.0-1~bpo10+1) buster-backports-sloppy; urgency=medium
 .
   * Rebuild for buster-backports-sloppy.
 .
 matrix-synapse (1.48.0-1) unstable; urgency=medium
 .
   * New upstream release.
   * Update copyrights.
 .
 matrix-synapse (1.47.1-1~bpo10+1) buster-backports-sloppy; urgency=medium
 .
   * Rebuild for buster-backports-sloppy.
 .
 matrix-synapse (1.47.1-1) unstable; urgency=high
 .
   * New upstream security release.
   * CVE-2021-41281: Path traversal when downloading remote media:
     Synapse instances with the media repository enabled can be tricked
     into downloading a file from a remote server into an arbitrary
     directory, potentially outside the media store directory.
     Homeservers with the media repository disabled or configured with a
     federation whitelist are unaffected.
     (GHSA-3hfw-x7gx-437c)
 .
 matrix-synapse (1.47.0-2~bpo10+1) buster-backports-sloppy; urgency=medium
 .
   * Rebuild for buster-backports-sloppy.
   * Fix security vulnerability in the media repository
     (CVE-2021-41281).
 .
 matrix-synapse (1.47.0-2) unstable; urgency=medium
 .
   * Require a Python 3.10-compatible version of frozendict.
 .
 matrix-synapse (1.47.0-1) unstable; urgency=medium
 .
   * New upstream release.
 .
 matrix-synapse (1.46.0-1~bpo10+2) buster-backports-sloppy; urgency=high
 .
   * Fix security vulnerability in the media repository
     (CVE-2021-41281).
 .
 matrix-synapse (1.46.0-1~bpo10+1) buster-backports-sloppy; urgency=medium
 .
   * Rebuild for buster-backports-sloppy.
 .
 matrix-synapse (1.46.0-1) unstable; urgency=medium
 .
   * New upstream release.
 .
 matrix-synapse (1.45.1-1~bpo10+1) buster-backports-sloppy; urgency=medium
 .
   * Rebuild for buster-backports-sloppy.
 .
 matrix-synapse (1.45.1-1) unstable; urgency=high
 .
   * New upstream release.
 .
 matrix-synapse (1.45.0-1) unstable; urgency=medium
 .
   * New upstream release.
 .
 matrix-synapse (1.44.0-2) unstable; urgency=medium
 .
   * Drop unused dependency on blist.
 .
 matrix-synapse (1.44.0-1~bpo10+1) buster-backports-sloppy; urgency=medium
 .
   * Rebuild for buster-backports-sloppy.
   * Drop unused dependency on blist.
 .
 matrix-synapse (1.44.0-1) unstable; urgency=medium
 .
   * New upstream release.
 .
 matrix-synapse (1.43.0-1~bpo10+1) buster-backports-sloppy; urgency=medium
 .
   * Rebuild for buster-backports-sloppy.
 .
 matrix-synapse (1.43.0-1) unstable; urgency=medium
 .
   * New upstream release.
 .
 matrix-synapse (1.42.0-1~bpo10+1) buster-backports-sloppy; urgency=medium
 .
   * Rebuild for buster-backports-sloppy.
 .
 matrix-synapse (1.42.0-1) unstable; urgency=medium
 .
   * New upstream release.
   * Update jsonschema dependency to 3.0.0.
 .
 matrix-synapse (1.41.1-1~bpo10+1) buster-backports-sloppy; urgency=medium
 .
   * Rebuild for buster-backports-sloppy.
 .
 matrix-synapse (1.41.1-1) unstable; urgency=high
 .
   * New upstream release.
   * SECURITY UPDATE:
     - Unauthorised users could enumerate a private room's list of
       members and their display names (CVE-2021-39164, GHSA-3x4c-pq33-4w3q).
     - Unauthorised users could disclose a private room's name, avatar,
       topic, and number of members (CVE-2021-39163, GHSA-jj53-8fmw-f2w2).
 .
 matrix-synapse (1.40.0-1~bpo10+1) buster-backports-sloppy; urgency=medium
 .
   * Rebuild for buster-backports-sloppy.
 .
 matrix-synapse (1.40.0-1) unstable; urgency=medium
 .
   * New upstream release.
 .
 matrix-synapse (1.39.0-1) unstable; urgency=medium
 .
   * New upstream release.
 .
 matrix-synapse (1.38.1-1) unstable; urgency=medium
 .
   * New upstream release.
 .
 matrix-synapse (1.38.0-1) unstable; urgency=medium
 .
   * New upstream release.
   * Install renamed documents under the old names.
 .
 matrix-synapse (1.37.1-1) unstable; urgency=medium
 .
   * New upstream release.
 .
 matrix-synapse (1.37.0-1) unstable; urgency=medium
 .
   * New upstream release.
   * Update the dependencies.
 .
 matrix-synapse (1.36.0-1) unstable; urgency=medium
 .
   * New upstream release.
 .
 matrix-synapse (1.35.1-1) unstable; urgency=medium
 .
   * New upstream release.
   * d/watch: Skip pre-releases.
 .
 matrix-synapse (1.35.0-1) unstable; urgency=medium
 .
   * New upstream release.
   * Depend on python3-ijson (>= 3.0).
 .
 matrix-synapse (1.34.0-1) unstable; urgency=medium
 .
   * New upstream release.
   * Recommend pympler required for caches.track_memory_usage setting.
 .
 matrix-synapse (1.33.2-1) unstable; urgency=high
 .
   * New upstream release.
   * Explicitly depend on python3-cryptography.
   * Refresh patch.
   * SECURITY UPDATE (CVE-2021-29471, GHSA-x345-32rc-8h85):
     - Denial of service attack via push rule patterns:
       "Push rules" can specify conditions under which they will match,
       including event_match, which matches event content against a
       pattern including wildcards. Certain patterns can cause very poor
       performance in the matching engine, leading to a denial-of-service
       when processing moderate-length events.
 .
 matrix-synapse (1.31.0-2) unstable; urgency=medium
 .
   * Stop using a deprecated dpkg-statoverride option (Closes: #927837).
   * Remove dpkg-statoverride on purge (Closes: #927838).
   * Properly escape variables in scripts.
   * Only log warnings and above to the journal (Closes: #919347).
 .
 matrix-synapse (1.31.0-1) unstable; urgency=medium
 .
   * New upstream release.
   * Revert upstream bump of python3-cryptography.
 .
 matrix-synapse (1.30.0-1) unstable; urgency=medium
 .
   * New upstream release.
   * Update the watch URL.
 .
 matrix-synapse (1.29.0-1) unstable; urgency=medium
 .
   * New upstream release.
 .
 matrix-synapse (1.28.0-1) unstable; urgency=medium
 .
   * New upstream release.
Checksums-Sha1:
 756ff1411dd6b70a19d8add3e88eee434ff1a63c 2503 matrix-synapse_1.51.0-1~bpo10+2.dsc
 f96e102d129d2d273630bfe7f88bc84cd4a13e11 109432 matrix-synapse_1.51.0-1~bpo10+2.debian.tar.xz
Checksums-Sha256:
 8cf8e5f11bd193113c33d81d15bba7bfadd1c2ad3a8df2a49203e287d7d5e92b 2503 matrix-synapse_1.51.0-1~bpo10+2.dsc
 5252dc6b89b44cba90e7e576c61987be7fc0a99a776b7a0f74dbaaaed395cfee 109432 matrix-synapse_1.51.0-1~bpo10+2.debian.tar.xz
Files:
 5d244c5a3f6c26bf68acb954887cb169 2503 net optional matrix-synapse_1.51.0-1~bpo10+2.dsc
 4f310735f0a677ba94eb69d580508789 109432 net optional matrix-synapse_1.51.0-1~bpo10+2.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iHUEARYIAB0WIQSD3NF/RLIsyDZW7aHoRGtKyMdyYQUCYgOxZQAKCRDoRGtKyMdy
YUhqAQCrTgbghhwnOK6HQjj//sXDINifE3LnXoxNQ9c0//chPQEAmtnGNlAtGY+R
HPUink9MOuwNbK2B5GGAA5Q6vU9AeA4=
=KyeX
-----END PGP SIGNATURE-----


Thank you for your contribution to Debian.



More information about the Pkg-matrix-maintainers mailing list