0
0
Fork 1
mirror of https://mau.dev/maunium/synapse.git synced 2024-12-15 10:03:54 +01:00

Add links to the fixes.

This commit is contained in:
Patrick Cloke 2020-07-02 10:45:22 -04:00
parent 1d61a24f42
commit 5ae0a4cf76

View file

@ -10,10 +10,10 @@ Security advisory
* A malicious homeserver could force Synapse to reset the state in a room to a * A malicious homeserver could force Synapse to reset the state in a room to a
small subset of the correct state. This affects all Synapse deployments which small subset of the correct state. This affects all Synapse deployments which
federate with untrusted servers. federate with untrusted servers. ([96e9afe6](https://github.com/matrix-org/synapse/commit/96e9afe62500310977dc3cbc99a8d16d3d2fa15c))
* HTML pages served via Synapse were vulnerable to clickjacking attacks. This * HTML pages served via Synapse were vulnerable to clickjacking attacks. This
predominantly affects homeservers with single-sign-on enabled, but all server predominantly affects homeservers with single-sign-on enabled, but all server
administrators are encouraged to upgrade. administrators are encouraged to upgrade. ([ea26e9a9](https://github.com/matrix-org/synapse/commit/ea26e9a98b0541fc886a1cb826a38352b7599dbe))
This was reported by [Quentin Gliech](https://sandhose.fr/). This was reported by [Quentin Gliech](https://sandhose.fr/).