0
0
Fork 1
mirror of https://mau.dev/maunium/synapse.git synced 2024-12-14 19:33:52 +01:00
Commit graph

757 commits

Author SHA1 Message Date
Olivier Wilkinson (reivilibre)
82e62b488a 1.47.0rc2 2021-11-10 09:44:38 +00:00
Olivier Wilkinson (reivilibre)
a754510f28 Changelog tweaks from review 2021-11-09 13:22:36 +00:00
Olivier Wilkinson (reivilibre)
b67a7c62a2 Make Deprecations and Removals more prominent 2021-11-09 12:32:05 +00:00
Olivier Wilkinson (reivilibre)
1a4f10045f Changelog tweaks 2021-11-09 12:30:15 +00:00
Olivier Wilkinson (reivilibre)
01f61da77f 1.47.0rc1 2021-11-09 12:17:35 +00:00
Erik Johnston
2d44ee6868 Update changelog 2021-11-02 13:25:42 +00:00
Erik Johnston
df84ad602b 1.46.0 2021-11-02 13:23:01 +00:00
Erik Johnston
e0ef8fe58d Update release date 2021-10-27 14:44:45 +01:00
Erik Johnston
b615fc35d6 Update changelog with new changes 2021-10-27 13:22:48 +01:00
Sean Quah
2dbef6c10a Update CHANGES.md 2021-10-26 17:54:25 +01:00
Sean Quah
60ad9460c4
Move #10975 to bugfix section in changelog 2021-10-26 14:26:36 +01:00
Sean Quah
400f391f71
Update CHANGES.md 2021-10-26 14:21:09 +01:00
Sean Quah
34b0222c2b
Update CHANGES.md 2021-10-26 14:08:52 +01:00
Sean Quah
cc75a6b1b2 1.46.0rc1 2021-10-26 14:04:51 +01:00
Sean Quah
9b016a0fb4 Remove link to #10947 from changelog 2021-10-20 12:04:20 +01:00
Sean Quah
522489fbcd 1.45.1 2021-10-20 12:00:03 +01:00
David Robertson
95813ff43c
Be less inconsistent about v1.2.3 versus 1.2.3 2021-10-19 11:30:16 +01:00
David Robertson
a21f8c4b41
Duplicate known issues under 1.45 release 2021-10-19 11:21:21 +01:00
David Robertson
8b1185347a
1.45.0 2021-10-19 11:19:55 +01:00
Dan Callahan
191396f4ba
Reword changelog regarding a suspected regression (#11117)
Signed-off-by: Dan Callahan <danc@element.io>
2021-10-19 11:16:52 +01:00
David Robertson
b1c1a34f46
it appeared in 1.44, not 45rc1 2021-10-14 11:20:02 +01:00
David Robertson
4d761d24ba
mentioned -> which appeared 2021-10-14 11:18:40 +01:00
David Robertson
87c3a6dcc0
Refer to the bugs mentioned in 1.45.0rc1 note 2021-10-14 11:03:35 +01:00
David Robertson
99a4e5222d
1.45.0rc2 2021-10-14 10:59:27 +01:00
Brendan Abolivier
a5871f53ed
Fixup changelog 2021-10-12 11:43:13 +01:00
Brendan Abolivier
8afa48f7f6
Typo 2021-10-12 11:38:33 +01:00
Brendan Abolivier
f6b62bdc4d
Add a link to the upgrade notes 2021-10-12 11:36:27 +01:00
Brendan Abolivier
b01e953291
Add warning about known issues 2021-10-12 10:58:26 +01:00
Brendan Abolivier
60af28c5dd
Fixup changelog 2021-10-12 10:55:39 +01:00
Brendan Abolivier
8c5255b664 1.45.0rc1 2021-10-12 10:47:15 +01:00
Brendan Abolivier
b2c5e79291 1.44.0 2021-10-05 13:45:24 +01:00
Brendan Abolivier
2d2c6a41fe 1.44.0rc3 2021-10-04 14:57:40 +01:00
Olivier Wilkinson (reivilibre)
3412f5c8d8 1.44.0rc2 2021-09-30 12:40:24 +01:00
Olivier Wilkinson (reivilibre)
13032b6603 Bump the date because the release ran over 2021-09-29 11:13:03 +01:00
Olivier Wilkinson (reivilibre)
1b9ce5e8a6 Indicate when bugs were introduced and tidy up 2021-09-29 11:09:00 +01:00
Olivier Wilkinson (reivilibre)
67815cc3db Tweak changelog 2021-09-29 11:00:56 +01:00
Erik Johnston
2b9d174791 Fixup changelog 2021-09-28 13:50:05 +01:00
Erik Johnston
bc69d49362 Fixup changelog 2021-09-28 13:48:42 +01:00
Erik Johnston
3c50192d3f 1.44.0rc1 2021-09-28 13:42:21 +01:00
David Robertson
9ffa787eb2
Fix typo again 2021-09-21 12:24:47 +01:00
David Robertson
9b5782d51d
Specify MSC name; fix typo
one day I'll learn how to spell hierarchy
2021-09-21 12:10:50 +01:00
David Robertson
c17e698e1b
Point to upgrade notes 2021-09-21 12:01:54 +01:00
David Robertson
6c92ba3eac
Move deprecation notice from 1.43 rc to release 2021-09-21 11:52:37 +01:00
David Robertson
c4ef61136f 1.43.0 2021-09-21 11:49:15 +01:00
David Robertson
4ed4ab0e93 Add hyperlink to #9424 in changelog 2021-09-17 10:48:07 +01:00
David Robertson
daac1e645c 1.43.0rc2 2021-09-17 10:43:51 +01:00
Andrew Morgan
474edce1c4 update changelog wording 2021-09-14 12:04:28 +01:00
Andrew Morgan
5acc2f1f6f changelog improvements 2021-09-14 11:55:02 +01:00
Andrew Morgan
814b4be08e update changelog wording 2021-09-14 11:52:19 +01:00
Andrew Morgan
8fdcf45be0 update wording 2021-09-14 11:48:34 +01:00
Andrew Morgan
d725e0956f 1.43.0rc1 2021-09-14 11:47:11 +01:00
Azrenbeth
e7b78dcc4a Add "No significant changes" to changelog 2021-09-07 16:39:36 +01:00
Azrenbeth
82a56fdff1 Move upgrade notice up in changelog 2021-09-07 16:24:44 +01:00
Azrenbeth
6631321687 1.42.0 2021-09-07 16:20:03 +01:00
Brendan Abolivier
ff039df70d
Improve changelog wording 2021-09-06 16:05:05 +01:00
Brendan Abolivier
ca3cb1e039
Expand on why users should read upgrade notes 2021-09-06 15:58:33 +01:00
Brendan Abolivier
20d773906c
Move the upgrade notes reminder up to rc2 2021-09-06 15:26:12 +01:00
Brendan Abolivier
e9958d908d 1.42.0rc2 2021-09-06 15:25:23 +01:00
Olivier Wilkinson (reivilibre)
c6e103c1a6 Make minor changes to changelog 2021-09-01 13:49:16 +01:00
Olivier Wilkinson (reivilibre)
940d4d3ac1 Improve changelog
Expand OIDC to OpenID Connect.
2021-09-01 12:07:33 +01:00
Olivier Wilkinson (reivilibre)
70bef88731 Improve changelog 2021-09-01 12:04:08 +01:00
Olivier Wilkinson (reivilibre)
6b2aca473a 1.42.0rc1 2021-09-01 11:47:24 +01:00
Richard van der Hoff
5d9e7e0c71 Merge branch 'master' into develop 2021-08-31 14:09:48 +01:00
Richard van der Hoff
a4c8a2f08b 1.41.1 2021-08-31 13:43:28 +01:00
Azrenbeth
ad17fbd20e
Remove pushers when deleting 3pid from account (#10581)
When a user deletes an email from their account it will
now also remove all pushers for that email and that user
(even if these pushers were created by a different client)
2021-08-26 13:53:57 +01:00
Erik Johnston
f03cafb50c Update changelog 2021-08-24 16:06:33 +01:00
Erik Johnston
6f77a3d433 1.41.0 2021-08-24 15:31:55 +01:00
John-Scott Atlakson
ce6819a701
Fix typo in release notes (#10646)
Ubuntu 20.10 was not an LTS release

Signed-off-by: John-Scott Atlakson 24574+jsma@users.noreply.github.com
2021-08-19 11:16:00 +01:00
Erik Johnston
e328d8ffd9 Update changelog 2021-08-18 15:56:32 +01:00
Erik Johnston
49cb7eae97 1.41.0rc1 2021-08-18 15:52:11 +01:00
Brendan Abolivier
9f7c038272 1.40.0 2021-08-10 13:50:58 +01:00
Brendan Abolivier
ad35b7739e 1.40.0rc3 2021-08-09 13:41:29 +01:00
Brendan Abolivier
05111f8f26
Fixup changelog 2021-08-04 17:16:08 +01:00
Brendan Abolivier
cc1cb0ab54
Fixup changelog 2021-08-04 17:14:55 +01:00
Brendan Abolivier
167335bd3d
Fixup changelog 2021-08-04 17:11:23 +01:00
Brendan Abolivier
02c2f631ae 1.40.0rc2 2021-08-04 17:09:27 +01:00
Erik Johnston
42225aa421 Fixup changelog 2021-08-03 12:12:50 +01:00
Erik Johnston
da6cd82106 Fixup changelog 2021-08-03 12:11:26 +01:00
Erik Johnston
c80ec5d153 Fixup changelog 2021-08-03 11:48:48 +01:00
Erik Johnston
c8566191fc 1.40.0rc1 2021-08-03 11:32:10 +01:00
Erik Johnston
6449955920 Fixup changelog 2021-07-29 10:06:00 +01:00
Erik Johnston
5522a103a9 1.39.0 2021-07-29 09:59:07 +01:00
Erik Johnston
2254e6790f Fixup changelog 2021-07-28 13:34:44 +01:00
Erik Johnston
5146e19880 1.39.0rc3 2021-07-28 13:31:18 +01:00
Erik Johnston
6e2275649c Synapse 1.38.1 (2021-07-22)
===========================
 
 Bugfixes
 --------
 
 - Always include `device_one_time_keys_count` key in `/sync` response to work around a bug in Element Android that broke encryption for new devices. ([\#10457](https://github.com/matrix-org/synapse/issues/10457))
 -----BEGIN PGP SIGNATURE-----
 
 iQFEBAABCgAuFiEEBTGR3/RnAzBGUif3pULk7RsPrAkFAmD5g1QQHGVyaWtAbWF0
 cml4Lm9yZwAKCRClQuTtGw+sCZ9CB/9ha7LLrLRyU8hfxOi9uXDvnogFTTpkdxs9
 iqIlB9bzy7u7B2Cl/y9eEK1uRBEDYuwH43515wVoPrfixECt3JROkv8D0T7nzcia
 m3oiiA4XW1wWV1YmK89nbSQpb8X8DdnaXWJlkqZZYKEKlLlNCZDu+rWLXSLhIHNJ
 ERsc8SmlxCDzF1fuzbPrwTc8MD8WVJU6spuYVHJ2p7NsW9Zqjybs0ZORXq06Ih5I
 eeZ67Tc6BiDubV+DvRK451t84DazHG6AXyz2As4kSvzkca6GmN8KwcMrFXderhDj
 F5mHGAMDUjB/mUCHveB2WdL5OjyvUlTY5FrFwfMu1wrNmp2/93Tg
 =MTCR
 -----END PGP SIGNATURE-----

Merge tag 'v1.38.1' into release-v1.39

Synapse 1.38.1 (2021-07-22)
===========================

Bugfixes
--------

- Always include `device_one_time_keys_count` key in `/sync` response to work around a bug in Element Android that broke encryption for new devices. ([\#10457](https://github.com/matrix-org/synapse/issues/10457))
2021-07-23 09:07:42 +01:00
Erik Johnston
f76f8c1567 1.39.0rc2 2021-07-22 15:43:26 +01:00
Erik Johnston
283bb5c94e 1.38.1 2021-07-22 15:37:10 +01:00
Andrew Morgan
f2501f1972 Incorporate changelog of #10433 2021-07-20 14:27:46 +01:00
Andrew Morgan
96e63ec7bf Combine some changelog lines in the documentation section 2021-07-20 13:36:05 +01:00
Andrew Morgan
541e58e7d6 Update account validity feature line in changelog 2021-07-20 13:29:59 +01:00
Andrew Morgan
c5205e449f fix typo in changelog 2021-07-20 12:35:15 +01:00
Andrew Morgan
d30a657439 changelog word fixes 2021-07-20 12:32:36 +01:00
Andrew Morgan
12623cf38c 1.39.0rc1 2021-07-20 12:31:51 +01:00
Richard van der Hoff
519ec8271f Move upgrade blurb 2021-07-13 13:25:46 +01:00
Richard van der Hoff
f7309622e0
Update CHANGES.md 2021-07-13 13:23:07 +01:00
Richard van der Hoff
c647c2a9ac 1.38.0 2021-07-13 13:19:06 +01:00
Richard van der Hoff
f7bfa694ae 1.38.0rc3 2021-07-13 11:57:55 +01:00
Erik Johnston
42389555c4 Fixup changelog 2021-07-09 11:07:13 +01:00
Erik Johnston
5aba3ff033 Fixup changelog 2021-07-09 11:00:20 +01:00
Erik Johnston
717a07b73f 1.38.0rc2 2021-07-09 10:59:28 +01:00
Dirk Klimpel
974261cd81
Fix broken links in INSTALL.md (#10331)
Signed-off-by: Dirk Klimpel dirk@klimpel.org
2021-07-08 15:46:13 +01:00
Brendan Abolivier
7cb5168087
Fix broken link 2021-07-07 11:32:20 +01:00
Brendan Abolivier
24796f80ba
Merge latest fix into the changelog 2021-07-07 11:21:58 +01:00
Brendan Abolivier
994722410a
Small changelog tweaks 2021-07-06 14:08:12 +01:00
Brendan Abolivier
37da9db082 1.38.0rc1 2021-07-06 13:54:23 +01:00
Richard van der Hoff
d7a94a7dcc
Add upgrade notes about disk space for events migration (#10314) 2021-07-06 11:00:05 +01:00
Erik Johnston
e6f5b9359f Merge branch 'master' into develop 2021-06-30 14:57:33 +01:00
Erik Johnston
c45246153f Fixup changelog 2021-06-30 14:47:06 +01:00
Erik Johnston
ad36cb3588 Add note to changelog 2021-06-30 14:45:09 +01:00
Erik Johnston
f193034d59 1.37.1 2021-06-30 12:24:13 +01:00
Richard van der Hoff
bc5589a1bb Merge branch 'release-v1.37' into develop 2021-06-29 21:48:24 +01:00
Richard van der Hoff
d561367c18 1.37.1rc1 2021-06-29 21:39:30 +01:00
Brendan Abolivier
3d370efc6d Merge branch 'master' into develop 2021-06-29 10:20:38 +01:00
Brendan Abolivier
88f9e8d62e
Move deprecation notices to the top of the changelog 2021-06-29 10:16:43 +01:00
Brendan Abolivier
cdf569e468 1.37.0 2021-06-29 10:15:34 +01:00
Brendan Abolivier
763dba77ef Synapse 1.37.0rc1 (2021-06-24)
==============================
 
 This release deprecates the current spam checker interface. See the [upgrade notes](https://matrix-org.github.io/synapse/develop/upgrade#deprecation-of-the-current-spam-checker-interface) for more information on how to update to the new generic module interface.
 
 This release also removes support for fetching and renewing TLS certificates using the ACME v1 protocol, which has been fully decommissioned by Let's Encrypt on June 1st 2021. Admins previously using this feature should use a [reverse proxy](https://matrix-org.github.io/synapse/develop/reverse_proxy.html) to handle TLS termination, or use an external ACME client (such as [certbot](https://certbot.eff.org/)) to retrieve a certificate and key and provide them to Synapse using the `tls_certificate_path` and `tls_private_key_path` configuration settings.
 
 Features
 --------
 
 - Implement "room knocking" as per [MSC2403](https://github.com/matrix-org/matrix-doc/pull/2403). Contributed by @Sorunome and anoa. ([\#6739](https://github.com/matrix-org/synapse/issues/6739), [\#9359](https://github.com/matrix-org/synapse/issues/9359), [\#10167](https://github.com/matrix-org/synapse/issues/10167), [\#10212](https://github.com/matrix-org/synapse/issues/10212), [\#10227](https://github.com/matrix-org/synapse/issues/10227))
 - Add experimental support for backfilling history into rooms ([MSC2716](https://github.com/matrix-org/matrix-doc/pull/2716)). ([\#9247](https://github.com/matrix-org/synapse/issues/9247))
 - Implement a generic interface for third-party plugin modules. ([\#10062](https://github.com/matrix-org/synapse/issues/10062), [\#10206](https://github.com/matrix-org/synapse/issues/10206))
 - Implement config option `sso.update_profile_information` to sync SSO users' profile information with the identity provider each time they login. Currently only displayname is supported. ([\#10108](https://github.com/matrix-org/synapse/issues/10108))
 - Ensure that errors during startup are written to the logs and the console. ([\#10191](https://github.com/matrix-org/synapse/issues/10191))
 
 Bugfixes
 --------
 
 - Fix a bug introduced in Synapse v1.25.0 that prevented the `ip_range_whitelist` configuration option from working for federation and identity servers. Contributed by @mikure. ([\#10115](https://github.com/matrix-org/synapse/issues/10115))
 - Remove a broken import line in Synapse's `admin_cmd` worker. Broke in Synapse v1.33.0. ([\#10154](https://github.com/matrix-org/synapse/issues/10154))
 - Fix a bug introduced in Synapse v1.21.0 which could cause `/sync` to return immediately with an empty response. ([\#10157](https://github.com/matrix-org/synapse/issues/10157), [\#10158](https://github.com/matrix-org/synapse/issues/10158))
 - Fix a minor bug in the response to `/_matrix/client/r0/user/{user}/openid/request_token` causing `expires_in` to be a float instead of an integer. Contributed by @lukaslihotzki. ([\#10175](https://github.com/matrix-org/synapse/issues/10175))
 - Always require users to re-authenticate for dangerous operations: deactivating an account, modifying an account password, and adding 3PIDs. ([\#10184](https://github.com/matrix-org/synapse/issues/10184))
 - Fix a bug introduced in Synpase v1.7.2 where remote server count metrics collection would be incorrectly delayed on startup. Found by @heftig. ([\#10195](https://github.com/matrix-org/synapse/issues/10195))
 - Fix a bug introduced in Synapse v1.35.1 where an `allow` key of a `m.room.join_rules` event could be applied for incorrect room versions and configurations. ([\#10208](https://github.com/matrix-org/synapse/issues/10208))
 - Fix performance regression in responding to user key requests over federation. Introduced in Synapse v1.34.0rc1. ([\#10221](https://github.com/matrix-org/synapse/issues/10221))
 
 Improved Documentation
 ----------------------
 
 - Add a new guide to decoding request logs. ([\#8436](https://github.com/matrix-org/synapse/issues/8436))
 - Mention in the sample homeserver config that you may need to configure max upload size in your reverse proxy. Contributed by @aaronraimist. ([\#10122](https://github.com/matrix-org/synapse/issues/10122))
 - Fix broken links in documentation. ([\#10180](https://github.com/matrix-org/synapse/issues/10180))
 - Deploy a snapshot of the documentation website upon each new Synapse release. ([\#10198](https://github.com/matrix-org/synapse/issues/10198))
 
 Deprecations and Removals
 -------------------------
 
 - The current spam checker interface is deprecated in favour of a new generic modules system. See the [upgrade notes](https://matrix-org.github.io/synapse/develop/upgrade#deprecation-of-the-current-spam-checker-interface) for more information on how to update to the new system. ([\#10062](https://github.com/matrix-org/synapse/issues/10062), [\#10210](https://github.com/matrix-org/synapse/issues/10210), [\#10238](https://github.com/matrix-org/synapse/issues/10238))
 - Stop supporting the unstable spaces prefixes from MSC1772. ([\#10161](https://github.com/matrix-org/synapse/issues/10161))
 - Remove Synapse's support for automatically fetching and renewing certificates using the ACME v1 protocol. This protocol has been fully turned off by Let's Encrypt for existing installations on June 1st 2021. Admins previously using this feature should use a [reverse proxy](https://matrix-org.github.io/synapse/develop/reverse_proxy.html) to handle TLS termination, or use an external ACME client (such as [certbot](https://certbot.eff.org/)) to retrieve a certificate and key and provide them to Synapse using the `tls_certificate_path` and `tls_private_key_path` configuration settings. ([\#10194](https://github.com/matrix-org/synapse/issues/10194))
 
 Internal Changes
 ----------------
 
 - Update the database schema versioning to support gradual migration away from legacy tables. ([\#9933](https://github.com/matrix-org/synapse/issues/9933))
 - Add type hints to the federation servlets. ([\#10080](https://github.com/matrix-org/synapse/issues/10080))
 - Improve OpenTracing for event persistence. ([\#10134](https://github.com/matrix-org/synapse/issues/10134), [\#10193](https://github.com/matrix-org/synapse/issues/10193))
 - Clean up the interface for injecting OpenTracing over HTTP. ([\#10143](https://github.com/matrix-org/synapse/issues/10143))
 - Limit the number of in-flight `/keys/query` requests from a single device. ([\#10144](https://github.com/matrix-org/synapse/issues/10144))
 - Refactor EventPersistenceQueue. ([\#10145](https://github.com/matrix-org/synapse/issues/10145))
 - Document `SYNAPSE_TEST_LOG_LEVEL` to see the logger output when running tests. ([\#10148](https://github.com/matrix-org/synapse/issues/10148))
 - Update the Complement build tags in GitHub Actions to test currently experimental features. ([\#10155](https://github.com/matrix-org/synapse/issues/10155))
 - Add a `synapse_federation_soft_failed_events_total` metric to track how often events are soft failed. ([\#10156](https://github.com/matrix-org/synapse/issues/10156))
 - Fetch the corresponding complement branch when performing CI. ([\#10160](https://github.com/matrix-org/synapse/issues/10160))
 - Add some developer documentation about boolean columns in database schemas. ([\#10164](https://github.com/matrix-org/synapse/issues/10164))
 - Add extra logging fields to better debug where events are being soft failed. ([\#10168](https://github.com/matrix-org/synapse/issues/10168))
 - Add debug logging for when we enter and exit `Measure` blocks. ([\#10183](https://github.com/matrix-org/synapse/issues/10183))
 - Improve comments in structured logging code. ([\#10188](https://github.com/matrix-org/synapse/issues/10188))
 - Update [MSC3083](https://github.com/matrix-org/matrix-doc/pull/3083) support with modifications from the MSC. ([\#10189](https://github.com/matrix-org/synapse/issues/10189))
 - Remove redundant DNS lookup limiter. ([\#10190](https://github.com/matrix-org/synapse/issues/10190))
 - Upgrade `black` linting tool to 21.6b0. ([\#10197](https://github.com/matrix-org/synapse/issues/10197))
 - Expose OpenTracing trace id in response headers. ([\#10199](https://github.com/matrix-org/synapse/issues/10199))
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEEdVkXOgzrGzds0jtrHgFcFF8ZFs0FAmDUW7UACgkQHgFcFF8Z
 Fs1ZfQ//bSyzg9mB7F43JdVBH9cpGups3Ur6nmsqE608/i/OEtomx9kTZsoN/9AO
 j6WoM1bhJ3j9hoE63w4DIPVhBrojtwmYWeFrRvpRVlwTzZPhfij1nIH9pPrNVwd6
 /LE0uA1kW5sDZCTiOhrz84BBBz6knjBH4otl+MDDdrszYixoP3i3SrrZVJAEYyGz
 Dpw2OudpoOtMdGyzFMr2ewf2mQm5UFEPs9MT0AqhQJMjyM1lJYzrq3Obv1oTdCJq
 BdLx6kMhK8+MbZPrcqIMXgSMHLYeQYeJOrdTzuCozFo0DSblThpW//aa21+sZtPx
 dnIE0PpjAsm2Qg1II3EUX+YycYpI5KPhMq0ydEmUD7vTuGgJCKqAV3FBRwMlF2VE
 9SOr8Mjd1ip03dHz2vlg38OlrFJ52P0e1RDZwlDtWfeJjZGZ4W6VjMhT7H/Z5USg
 2J1FRPTD8E9w8wBOkjVcl76Lj6AY1KU36/ZLoYUbtrt58XYfkD4OzZmAxdJrqbMg
 na5T9bd9iM8vWditU+vncxU+c7Bkn55GFyDVMQYl8QtXzBvnbv8gQilGwJLkncZJ
 MreQ3OIBPbLNcHml56nmmY+ab+AtrIxuFl0UcZu+LGW8+lN+UZ9G9q0NFO3HbAWN
 /LuhCVpO42SLAuLlIhnO3mcHM5jzZodKIa6oXpcMS2jv0nylQWo=
 =MtOo
 -----END PGP SIGNATURE-----
gpgsig -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEEdVkXOgzrGzds0jtrHgFcFF8ZFs0FAmDUXG8ACgkQHgFcFF8Z
 Fs2buxAAg7X4mYKHwlWLn2n2W6bUKY24HAnjtzMrNW76xIHXBJJiJMnhQD3MSKVd
 uiUdolc+Tt3drJYOJyurP8R3YI0OuEVbSL0Krs8f3l6jNOU0Gy7YQzc6XUHnA42J
 rb6mU8gMdCusk9RHHr1r+sBefwzmxTk4naCkw2n5i+r4ZfNparJK7H9yXCPoedUN
 VBZi9f09jaUIm1SiHgK24sW9XfE6ifjdVg+E/r599v2eHJxtCTHUasH9TCAFD8KL
 g17NtAP95+SQWPGwUXJFZYcVee+pGbylXuwP0RXXmMvyOWVKloI0LE6phGyLQ5cH
 rMRagIkvVLMdYagaX8Tf47hNLVCXRJpuryxMgY3+5fx0O7lCMXlC3mDfs9zze+Fj
 KXmJtVy/vpd+zpjQw+HHPnL1dDzsKnDqLFXFCj9Sjv6A/ruckxwWofuh0z83dYtv
 1Abp8k7gVTVGZqLGPo8gRoqI2jQhWDvmJd+crb05qp86SzCz1sCma2ujWQtv3c1t
 6aQpfmGMhFPp+hS2lS8AcyxK4vq+GudtXUOgzdqCNvIs+eJAV5cq6uufLIy6c2XR
 FAR7UowoAoDvqTdD7+i5nHEjbudjjN5KgPXlO3a9+gG5jOR3IsOLZ8FVN0ML6qIJ
 wzl0wM9YIlxyleMlWb0l4CFNDKrGJVhWgOupruHS+D5jfZQsZ3g=
 =AjRf
 -----END PGP SIGNATURE-----

Merge tag 'v1.37.0rc1' into develop

Synapse 1.37.0rc1 (2021-06-24)
==============================

This release deprecates the current spam checker interface. See the [upgrade notes](https://matrix-org.github.io/synapse/develop/upgrade#deprecation-of-the-current-spam-checker-interface) for more information on how to update to the new generic module interface.

This release also removes support for fetching and renewing TLS certificates using the ACME v1 protocol, which has been fully decommissioned by Let's Encrypt on June 1st 2021. Admins previously using this feature should use a [reverse proxy](https://matrix-org.github.io/synapse/develop/reverse_proxy.html) to handle TLS termination, or use an external ACME client (such as [certbot](https://certbot.eff.org/)) to retrieve a certificate and key and provide them to Synapse using the `tls_certificate_path` and `tls_private_key_path` configuration settings.

Features
--------

- Implement "room knocking" as per [MSC2403](https://github.com/matrix-org/matrix-doc/pull/2403). Contributed by @Sorunome and anoa. ([\#6739](https://github.com/matrix-org/synapse/issues/6739), [\#9359](https://github.com/matrix-org/synapse/issues/9359), [\#10167](https://github.com/matrix-org/synapse/issues/10167), [\#10212](https://github.com/matrix-org/synapse/issues/10212), [\#10227](https://github.com/matrix-org/synapse/issues/10227))
- Add experimental support for backfilling history into rooms ([MSC2716](https://github.com/matrix-org/matrix-doc/pull/2716)). ([\#9247](https://github.com/matrix-org/synapse/issues/9247))
- Implement a generic interface for third-party plugin modules. ([\#10062](https://github.com/matrix-org/synapse/issues/10062), [\#10206](https://github.com/matrix-org/synapse/issues/10206))
- Implement config option `sso.update_profile_information` to sync SSO users' profile information with the identity provider each time they login. Currently only displayname is supported. ([\#10108](https://github.com/matrix-org/synapse/issues/10108))
- Ensure that errors during startup are written to the logs and the console. ([\#10191](https://github.com/matrix-org/synapse/issues/10191))

Bugfixes
--------

- Fix a bug introduced in Synapse v1.25.0 that prevented the `ip_range_whitelist` configuration option from working for federation and identity servers. Contributed by @mikure. ([\#10115](https://github.com/matrix-org/synapse/issues/10115))
- Remove a broken import line in Synapse's `admin_cmd` worker. Broke in Synapse v1.33.0. ([\#10154](https://github.com/matrix-org/synapse/issues/10154))
- Fix a bug introduced in Synapse v1.21.0 which could cause `/sync` to return immediately with an empty response. ([\#10157](https://github.com/matrix-org/synapse/issues/10157), [\#10158](https://github.com/matrix-org/synapse/issues/10158))
- Fix a minor bug in the response to `/_matrix/client/r0/user/{user}/openid/request_token` causing `expires_in` to be a float instead of an integer. Contributed by @lukaslihotzki. ([\#10175](https://github.com/matrix-org/synapse/issues/10175))
- Always require users to re-authenticate for dangerous operations: deactivating an account, modifying an account password, and adding 3PIDs. ([\#10184](https://github.com/matrix-org/synapse/issues/10184))
- Fix a bug introduced in Synpase v1.7.2 where remote server count metrics collection would be incorrectly delayed on startup. Found by @heftig. ([\#10195](https://github.com/matrix-org/synapse/issues/10195))
- Fix a bug introduced in Synapse v1.35.1 where an `allow` key of a `m.room.join_rules` event could be applied for incorrect room versions and configurations. ([\#10208](https://github.com/matrix-org/synapse/issues/10208))
- Fix performance regression in responding to user key requests over federation. Introduced in Synapse v1.34.0rc1. ([\#10221](https://github.com/matrix-org/synapse/issues/10221))

Improved Documentation
----------------------

- Add a new guide to decoding request logs. ([\#8436](https://github.com/matrix-org/synapse/issues/8436))
- Mention in the sample homeserver config that you may need to configure max upload size in your reverse proxy. Contributed by @aaronraimist. ([\#10122](https://github.com/matrix-org/synapse/issues/10122))
- Fix broken links in documentation. ([\#10180](https://github.com/matrix-org/synapse/issues/10180))
- Deploy a snapshot of the documentation website upon each new Synapse release. ([\#10198](https://github.com/matrix-org/synapse/issues/10198))

Deprecations and Removals
-------------------------

- The current spam checker interface is deprecated in favour of a new generic modules system. See the [upgrade notes](https://matrix-org.github.io/synapse/develop/upgrade#deprecation-of-the-current-spam-checker-interface) for more information on how to update to the new system. ([\#10062](https://github.com/matrix-org/synapse/issues/10062), [\#10210](https://github.com/matrix-org/synapse/issues/10210), [\#10238](https://github.com/matrix-org/synapse/issues/10238))
- Stop supporting the unstable spaces prefixes from MSC1772. ([\#10161](https://github.com/matrix-org/synapse/issues/10161))
- Remove Synapse's support for automatically fetching and renewing certificates using the ACME v1 protocol. This protocol has been fully turned off by Let's Encrypt for existing installations on June 1st 2021. Admins previously using this feature should use a [reverse proxy](https://matrix-org.github.io/synapse/develop/reverse_proxy.html) to handle TLS termination, or use an external ACME client (such as [certbot](https://certbot.eff.org/)) to retrieve a certificate and key and provide them to Synapse using the `tls_certificate_path` and `tls_private_key_path` configuration settings. ([\#10194](https://github.com/matrix-org/synapse/issues/10194))

Internal Changes
----------------

- Update the database schema versioning to support gradual migration away from legacy tables. ([\#9933](https://github.com/matrix-org/synapse/issues/9933))
- Add type hints to the federation servlets. ([\#10080](https://github.com/matrix-org/synapse/issues/10080))
- Improve OpenTracing for event persistence. ([\#10134](https://github.com/matrix-org/synapse/issues/10134), [\#10193](https://github.com/matrix-org/synapse/issues/10193))
- Clean up the interface for injecting OpenTracing over HTTP. ([\#10143](https://github.com/matrix-org/synapse/issues/10143))
- Limit the number of in-flight `/keys/query` requests from a single device. ([\#10144](https://github.com/matrix-org/synapse/issues/10144))
- Refactor EventPersistenceQueue. ([\#10145](https://github.com/matrix-org/synapse/issues/10145))
- Document `SYNAPSE_TEST_LOG_LEVEL` to see the logger output when running tests. ([\#10148](https://github.com/matrix-org/synapse/issues/10148))
- Update the Complement build tags in GitHub Actions to test currently experimental features. ([\#10155](https://github.com/matrix-org/synapse/issues/10155))
- Add a `synapse_federation_soft_failed_events_total` metric to track how often events are soft failed. ([\#10156](https://github.com/matrix-org/synapse/issues/10156))
- Fetch the corresponding complement branch when performing CI. ([\#10160](https://github.com/matrix-org/synapse/issues/10160))
- Add some developer documentation about boolean columns in database schemas. ([\#10164](https://github.com/matrix-org/synapse/issues/10164))
- Add extra logging fields to better debug where events are being soft failed. ([\#10168](https://github.com/matrix-org/synapse/issues/10168))
- Add debug logging for when we enter and exit `Measure` blocks. ([\#10183](https://github.com/matrix-org/synapse/issues/10183))
- Improve comments in structured logging code. ([\#10188](https://github.com/matrix-org/synapse/issues/10188))
- Update [MSC3083](https://github.com/matrix-org/matrix-doc/pull/3083) support with modifications from the MSC. ([\#10189](https://github.com/matrix-org/synapse/issues/10189))
- Remove redundant DNS lookup limiter. ([\#10190](https://github.com/matrix-org/synapse/issues/10190))
- Upgrade `black` linting tool to 21.6b0. ([\#10197](https://github.com/matrix-org/synapse/issues/10197))
- Expose OpenTracing trace id in response headers. ([\#10199](https://github.com/matrix-org/synapse/issues/10199))
2021-06-24 11:20:28 +01:00
Brendan Abolivier
bb472f3a94
Incorportate review comments 2021-06-24 11:14:46 +01:00
Brendan Abolivier
7e0cd502c7
Fix date in changelog 2021-06-24 10:59:45 +01:00
Brendan Abolivier
acac4535c5 Tweak changelog 2021-06-24 10:58:08 +01:00
Andrew Morgan
7f25d73859
Convert UPGRADE.rst to markdown (#10166)
This PR:

* Converts UPGRADE.rst to markdown and moves the contents into the `docs/` directory.
* Updates the contents of UPGRADE.rst to point to the website instead.
* Updates links around the codebase that point to UPGRADE.rst.

`pandoc` + some manual editing was used to convert from RST to md.
2021-06-23 16:57:57 +01:00
Brendan Abolivier
9ec45aca1f 1.37.0rc1 2021-06-23 09:38:27 +01:00
Erik Johnston
1c8045f674 1.36.0 2021-06-15 15:42:02 +01:00
Erik Johnston
cbf350db63 Fixup changelog 2021-06-11 15:30:42 +01:00
Erik Johnston
fb10a73e85 1.36.0rc2 2021-06-11 15:21:34 +01:00
Andrew Morgan
e0ddd82f2c Make changelog lines consistent 2021-06-08 14:21:22 +01:00
Andrew Morgan
684df9b21d fix typo in changelog 2021-06-08 14:11:16 +01:00
Andrew Morgan
8df9941cc2 1.36.0rc1 2021-06-08 14:09:00 +01:00
Patrick Cloke
5666773341 Clarify changelog. 2021-06-03 08:24:19 -04:00
Patrick Cloke
57c01dca29 1.35.1 2021-06-03 08:18:22 -04:00
Andrew Morgan
3fdaf4df55 Merge v1.35.0rc3 into v1.35.0 due to incorrect tagging 2021-06-01 13:40:46 +01:00
Andrew Morgan
08e54345b1 Indicate that there were no functional changes since v1.35.0rc3 2021-06-01 13:25:18 +01:00
Andrew Morgan
a8372ad591 1.35.0 2021-06-01 13:23:55 +01:00
Erik Johnston
4f41b711d8 CHANGELOG 2021-05-28 17:13:57 +01:00
Erik Johnston
258a9a9e8b 1.35.0rc3 2021-05-28 17:06:05 +01:00
Erik Johnston
b1bc26a909 1.35.0rc2 2021-05-27 14:46:24 +01:00
Erik Johnston
557635f69a 1.35.0rc1 2021-05-25 11:00:13 +01:00
Erik Johnston
13b0673b5a Changelog 2021-05-17 12:00:28 +01:00
Erik Johnston
afb6dcf806 1.34.0 2021-05-17 11:34:39 +01:00
Brendan Abolivier
451f25172a
Incorporate changes from review 2021-05-12 17:10:42 +01:00
Brendan Abolivier
91143bb24e
Refer and link to the upgrade notes rather than to the file name 2021-05-12 17:04:00 +01:00
Brendan Abolivier
47806b0869 1.34.0rc1 2021-05-12 16:59:46 +01:00
Brendan Abolivier
d1473f7362
Use link to advisory rather than to the CVE repo 2021-05-11 14:09:46 +01:00
Brendan Abolivier
86fb71431c
1.33.2 2021-05-11 14:01:32 +01:00
Erik Johnston
ac88aca7f7 1.33.1 2021-05-06 14:06:38 +01:00
Brendan Abolivier
0644ac0989 1.33.0 2021-05-05 14:15:54 +01:00
Andrew Morgan
d11f2dfee5 typo in changelog 2021-04-29 14:31:14 +01:00
Andrew Morgan
e9444cc74d 1.33.0rc2 2021-04-29 11:45:37 +01:00
Andrew Morgan
8ba086980d Reword account validity template change to sound less like a bugfix 2021-04-28 12:07:49 +01:00
Andrew Morgan
787de3190f 1.33.0rc1 2021-04-28 11:43:33 +01:00
Andrew Morgan
dac4445934 A regression can't be introduced twice 2021-04-22 11:09:31 +01:00
Andrew Morgan
79e6d9e4b1 Note regression was in 1.32.0 and 1.32.1 2021-04-22 11:04:51 +01:00
Andrew Morgan
ca380881b1 Update dates in changelogs 2021-04-21 18:47:31 +01:00
Andrew Morgan
55159c48e3 1.32.2 2021-04-21 18:45:39 +01:00
Andrew Morgan
0c23aa393c
Note LoggingContext signature change incompatibility in 1.32.0 (#9859)
1.32.0 also introduced an incompatibility with Synapse modules that make use of `synapse.logging.context.LoggingContext`, such as [synapse-s3-storage-provider](https://github.com/matrix-org/synapse-s3-storage-provider).

This PR adds a note to the 1.32.0 changelog and upgrade notes about it.
2021-04-21 18:16:58 +01:00
Andrew Morgan
bdb4c20dc1 Clarify 1.32.0/1 changelog and upgrade notes 2021-04-21 14:44:04 +01:00
Andrew Morgan
acb8c81041 Add regression notes to CHANGES.md; fix link in 1.32.0 changelog 2021-04-21 14:24:16 +01:00
Andrew Morgan
98a1b84631 Add link to fixing prometheus to 1.32.0 upgrade notes; 1.32.1 has a fix 2021-04-21 14:19:11 +01:00
Andrew Morgan
a745531c10 1.32.1 2021-04-21 14:01:12 +01:00
Andrew Morgan
30c94862b4 Mention Prometheus metrics regression in v1.32.0 2021-04-21 14:00:31 +01:00
Andrew Morgan
05fa06834d Further tweaking on gpg signing key notice 2021-04-20 15:52:06 +01:00
Andrew Morgan
913f790bb2 Add note about expired Debian gpg signing keys to CHANGES.md 2021-04-20 15:33:56 +01:00
Andrew Morgan
438a8594cb Update v1.32.0 changelog. It's m.login.application_service, not plural 2021-04-20 14:47:17 +01:00
Andrew Morgan
e031c7e0cc 1.32.0 2021-04-20 14:31:27 +01:00
Andrew Morgan
d9bd181a3f Update changelog for v1.32.0 2021-04-13 14:39:06 +01:00
Andrew Morgan
3efd98aa1c 1.32.0rc1 2021-04-13 14:23:43 +01:00
Erik Johnston
1d8863c67d 1.31.0 2021-04-06 13:09:56 +01:00
Erik Johnston
3a446c21f8 Update changelog 2021-03-30 11:29:21 +01:00
Erik Johnston
78e48f61bf 1.31.0rc1 2021-03-30 11:19:21 +01:00
Erik Johnston
262ed05f5b Update cahngelog 2021-03-26 12:21:04 +00:00
Erik Johnston
548c4a6587 Update cahngelog 2021-03-26 12:17:37 +00:00
Erik Johnston
c6f8e8086c 1.30.1 2021-03-26 12:03:29 +00:00
Erik Johnston
e2904f720d 1.30.0 2021-03-22 13:15:55 +00:00
Andrew Morgan
45ef73fd4f Fix jemalloc changelog entry wording 2021-03-16 14:46:40 +00:00
Andrew Morgan
e3bc0e6f7c Changelog typo 2021-03-16 14:33:23 +00:00
Andrew Morgan
ad5d2e7ec0 Pull up appservice login deprecation notice 2021-03-16 13:51:24 +00:00
Andrew Morgan
d315e96443 1.30.0rc1 2021-03-16 13:45:46 +00:00
Will Hunt
b2c4d3d721
Warn that /register will soon require a type when called with an access token (#9559)
This notice is giving a heads up to the planned spec compliance fix https://github.com/matrix-org/synapse/pull/9548.
2021-03-08 16:35:04 +00:00
Erik Johnston
4de1c35728 Fixup changelog 2021-03-08 13:59:17 +00:00
Erik Johnston
15c788e22d 1.29.0 2021-03-08 13:52:13 +00:00
Erik Johnston
ea0a3aaf0a Fix changelog 2021-03-04 10:29:43 +00:00
Erik Johnston
3f49d80dcf 1.29.0rc1 2021-03-04 10:12:53 +00:00
Richard van der Hoff
e53f11bd62
Call out the need for an X-Forwarded-Proto in the upgrade notes (#9501) 2021-02-26 13:24:54 +00:00
Erik Johnston
2756517f7a Fixup changelog 2021-02-25 10:47:19 +00:00
Erik Johnston
0f9f30b32b Fixup changelog 2021-02-25 10:27:22 +00:00
Erik Johnston
b5c4fe1971 1.28.0 2021-02-25 10:22:07 +00:00
Patrick Cloke
d0365bc8b0 Update release date. 2021-02-19 08:01:17 -05:00
Patrick Cloke
1c5e715e5e Update the CHANGES document. 2021-02-18 12:37:27 -05:00
Patrick Cloke
1381cd05b0 1.28.0rc1 2021-02-18 12:32:49 -05:00
Patrick Cloke
84a7191410 Merge branch 'master' into develop 2021-02-18 11:27:15 -05:00
Patrick Cloke
d804285139 Clarify the release notes around SAML2 for v1.27.0. 2021-02-18 11:25:27 -05:00
Patrick Cloke
9ee3b9775f
Remove deprecated SAML2 callback URL since it does not work. (#9434)
Updates documentation from #9289 and removes a deprecated
endpoint which didn't work as expected.
2021-02-18 11:20:33 -05:00
Erik Johnston
9d64e4dbd6
Drop ARMv7 from docker (#9433)
It's proving incredibly hard to build in CircleCI infra.
2021-02-18 14:46:22 +00:00
Dirk Klimpel
e8e7012265
Deprecate old admin API GET /_synapse/admin/v1/users/<user_id> (#9429)
This API was undocumented and nonsensical.
2021-02-18 09:05:41 -05:00
Erik Johnston
6600f0bd57 Fixup CHANGES 2021-02-16 13:16:17 +00:00
Erik Johnston
a27c1fd74b 1.27.0 2021-02-16 13:12:02 +00:00
Patrick Cloke
dcb9c2e8ae Clarify when new ratelimiting was added. 2021-02-11 11:29:23 -05:00
Patrick Cloke
3f2f7efb87 Update changelog. 2021-02-11 11:24:12 -05:00
Patrick Cloke
40de534238 1.27.0rc2 2021-02-11 11:22:29 -05:00
Erik Johnston
eec9ab3225 Update changelog 2021-02-02 13:51:20 +00:00
Erik Johnston
2610930721 1.27.0rc1 2021-02-02 13:32:05 +00:00
Richard van der Hoff
846b9d3df0
Put OIDC callback URI under /_synapse/client. (#9288) 2021-02-01 22:56:01 +00:00
Patrick Cloke
17b713850f Merge branch 'master' into develop 2021-01-27 11:13:21 -05:00
Patrick Cloke
b685c5e7f1 Move note above changes. 2021-01-27 11:02:04 -05:00
Patrick Cloke
71c46652a2 Copy the upgrade note to 1.26.0. 2021-01-27 10:52:45 -05:00
Patrick Cloke
73ed289bd2 1.26.0 2021-01-27 10:50:37 -05:00
Erik Johnston
93b61589b0
Add a note to changelog about redis usage (#9227) 2021-01-27 14:06:27 +00:00
Patrick Cloke
69961c7e9f Tweak changes. 2021-01-25 08:26:42 -05:00
Patrick Cloke
a01605c136 1.26.0rc2 2021-01-25 08:25:40 -05:00
Patrick Cloke
937b849a2e Fix a typo in the release notes. 2021-01-20 11:34:34 -05:00
Patrick Cloke
adabf328ac Point people to the upgrade notes. 2021-01-20 11:01:04 -05:00
Patrick Cloke
7e072d38b1 Re-run towncrier. 2021-01-20 08:56:25 -05:00
Patrick Cloke
5b8ee181b7 Reword confusing sentence in CHANGES. 2021-01-20 07:30:34 -05:00
Patrick Cloke
74ced7d070 Fix tenses in CHANGES. 2021-01-20 07:24:37 -05:00
Patrick Cloke
3005a2816c Re-arrange CHANGES.md. 2021-01-20 07:19:42 -05:00
Patrick Cloke
72822e60be 1.26.0rc1 2021-01-20 07:14:25 -05:00
Erik Johnston
ebd534b58d Move removal warning up changelog 2021-01-13 10:31:27 +00:00
Erik Johnston
891c925b88 Link to GH profile and fix tense 2021-01-13 10:28:03 +00:00
Erik Johnston
f7478d5cc6 Fix link in changelog 2021-01-13 10:26:25 +00:00
Erik Johnston
429c339de8 Fixup changelog 2021-01-13 10:23:16 +00:00
Erik Johnston
3dd6ba135e 1.25.0 2021-01-13 10:19:12 +00:00
Dan Callahan
6d91e6ca5f
Announce Python / PostgreSQL deprecation policies (#9085)
Fixes #8782
2021-01-12 20:11:15 +00:00
Patrick Cloke
8f08021e86 More updates to changes for consistency. 2021-01-06 07:36:52 -05:00
Patrick Cloke
62b5f13768 A few more tweaks to changes. 2021-01-06 07:34:11 -05:00
Patrick Cloke
bde6705ad1 Some manual tweaks to the changes file. 2021-01-06 07:20:12 -05:00
Patrick Cloke
2fe0fb21f6 1.25.0rc1 2021-01-06 07:08:13 -05:00
Dirk Klimpel
a5f7aff5e5
Deprecate Shutdown Room and Purge Room Admin API (#8829)
Deprecate both APIs in favour of the Delete Room API.

Related: #8663 and #8810
2020-12-10 11:42:48 +00:00
Erik Johnston
320e8c8064 Synapse 1.23.1 (2020-12-09)
===========================
 
 Due to the two security issues highlighted below, server administrators are
 encouraged to update Synapse. We are not aware of these vulnerabilities being
 exploited in the wild.
 
 Security advisory
 -----------------
 
 The following issues are fixed in v1.23.1 and v1.24.0.
 
 - There is a denial of service attack
   ([CVE-2020-26257](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26257))
   against the federation APIs in which future events will not be correctly sent
   to other servers over federation. This affects all servers that participate in
   open federation. (Fixed in [#8776](https://github.com/matrix-org/synapse/pull/8776)).
 
 - Synapse may be affected by OpenSSL
   [CVE-2020-1971](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1971).
   Synapse administrators should ensure that they have the latest versions of
   the cryptography Python package installed.
 
 To upgrade Synapse along with the cryptography package:
 
 * Administrators using the [`matrix.org` Docker
   image](https://hub.docker.com/r/matrixdotorg/synapse/) or the [Debian/Ubuntu
   packages from
   `matrix.org`](https://github.com/matrix-org/synapse/blob/master/INSTALL.md#matrixorg-packages)
   should ensure that they have version 1.24.0 or 1.23.1 installed: these images include
   the updated packages.
 * Administrators who have [installed Synapse from
   source](https://github.com/matrix-org/synapse/blob/master/INSTALL.md#installing-from-source)
   should upgrade the cryptography package within their virtualenv by running:
   ```sh
   <path_to_virtualenv>/bin/pip install 'cryptography>=3.3'
   ```
 * Administrators who have installed Synapse from distribution packages should
   consult the information from their distributions.
 
 Bugfixes
 --------
 
 - Fix a bug in some federation APIs which could lead to unexpected behaviour if different parameters were set in the URI and the request body. ([\#8776](https://github.com/matrix-org/synapse/issues/8776))
 
 Internal Changes
 ----------------
 
 - Add a maximum version for pysaml2 on Python 3.5. ([\#8898](https://github.com/matrix-org/synapse/issues/8898))
 -----BEGIN PGP SIGNATURE-----
 
 iQFEBAABCgAuFiEEBTGR3/RnAzBGUif3pULk7RsPrAkFAl/QsOYQHGVyaWtAbWF0
 cml4Lm9yZwAKCRClQuTtGw+sCZTkCACEDbyMY/UCqJaUILxtYeBE7K4GvOqPPHyo
 2VLjyitI7XWVzB/paUOPxAtOtiwXS0GOrL+UsW6Lky2HIjafjLe1Z3LHzATQwF2I
 J2bZWTY1Y4v3y8B7noPmp7+QFIBIey++09BY+MwzT3EQYnXt6lvoHmEvPH/htzjg
 LfdZpSj4WrJr4S2/W0rVlkGSuIShN0Tnv6pTgbGRZMt1N4JH2mo65mCGt3xrMS7E
 us+xqStGh5Q+9g3F913iIJ8noUMeCvTT7hbr1eonhZ3MIKWG30z+zcXwmGb0t3B8
 zvTFXqdbZPSw+ZZdxaZwZuJzNCnYOu6t0JuzXqDoE0xsHb8RVUe9
 =Z9US
 -----END PGP SIGNATURE-----

Merge tag 'v1.23.1'

Synapse 1.23.1 (2020-12-09)
===========================

Due to the two security issues highlighted below, server administrators are
encouraged to update Synapse. We are not aware of these vulnerabilities being
exploited in the wild.

Security advisory
-----------------

The following issues are fixed in v1.23.1 and v1.24.0.

- There is a denial of service attack
  ([CVE-2020-26257](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26257))
  against the federation APIs in which future events will not be correctly sent
  to other servers over federation. This affects all servers that participate in
  open federation. (Fixed in [#8776](https://github.com/matrix-org/synapse/pull/8776)).

- Synapse may be affected by OpenSSL
  [CVE-2020-1971](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1971).
  Synapse administrators should ensure that they have the latest versions of
  the cryptography Python package installed.

To upgrade Synapse along with the cryptography package:

* Administrators using the [`matrix.org` Docker
  image](https://hub.docker.com/r/matrixdotorg/synapse/) or the [Debian/Ubuntu
  packages from
  `matrix.org`](https://github.com/matrix-org/synapse/blob/master/INSTALL.md#matrixorg-packages)
  should ensure that they have version 1.24.0 or 1.23.1 installed: these images include
  the updated packages.
* Administrators who have [installed Synapse from
  source](https://github.com/matrix-org/synapse/blob/master/INSTALL.md#installing-from-source)
  should upgrade the cryptography package within their virtualenv by running:
  ```sh
  <path_to_virtualenv>/bin/pip install 'cryptography>=3.3'
  ```
* Administrators who have installed Synapse from distribution packages should
  consult the information from their distributions.

Bugfixes
--------

- Fix a bug in some federation APIs which could lead to unexpected behaviour if different parameters were set in the URI and the request body. ([\#8776](https://github.com/matrix-org/synapse/issues/8776))

Internal Changes
----------------

- Add a maximum version for pysaml2 on Python 3.5. ([\#8898](https://github.com/matrix-org/synapse/issues/8898))
2020-12-09 11:29:56 +00:00
Erik Johnston
1cec3d1457 1.23.1 2020-12-09 11:07:41 +00:00
Erik Johnston
9b26a4ac87 1.24.0 2020-12-09 11:07:24 +00:00
Patrick Cloke
2602514f34 Minor update to CHANGES. 2020-12-04 09:00:32 -05:00
Patrick Cloke
693dab487c 1.24.0rc2 2020-12-04 08:48:04 -05:00
Patrick Cloke
e41720d85f Minor changes to the CHANGES doc. 2020-12-02 09:17:42 -05:00
Patrick Cloke
c67af840aa Minor fixes to changelog. 2020-12-02 09:03:12 -05:00
Patrick Cloke
53b12688dd 1.24.0rc1 2020-12-02 08:57:51 -05:00
Matthew Hodgson
476b8c0ae6 fix MD 2020-11-22 00:30:13 +00:00
Matthew Hodgson
1091bcea3e fix ancient changelog to be MD 2020-11-22 00:29:05 +00:00
Erik Johnston
244bff4edd Update changelog 2020-11-18 12:04:08 +00:00
Erik Johnston
59c8f4f0db Update changelog 2020-11-18 11:57:19 +00:00
Erik Johnston
ef366720d5 1.23.0 2020-11-18 11:41:41 +00:00
Erik Johnston
34226ec761 Fix changelog 2020-11-13 14:14:09 +00:00
Erik Johnston
0a5185495b Fix changelog 2020-11-13 14:06:52 +00:00
Erik Johnston
4a54b821bb 1.23.0rc1 2020-11-13 13:59:58 +00:00
Erik Johnston
b176f1036a Fix changelog 2020-10-30 15:33:33 +00:00
Erik Johnston
aef8514193 use correct version 2020-10-30 15:27:58 +00:00
Erik Johnston
b4289795ea 1.22.1 2020-10-30 15:25:44 +00:00
Erik Johnston
fedfdfd750 1.22.0 2020-10-27 12:07:19 +00:00
Erik Johnston
191f2e5d5d Fixup changelog 2020-10-26 15:17:31 +00:00
Erik Johnston
f40a4ba08e Expand changelog entry 2020-10-26 15:15:49 +00:00
Erik Johnston
7a3adbd7af 1.22.0rc2 2020-10-26 15:11:03 +00:00
Erik Johnston
5065048110 Fixup changelog even more 2020-10-22 13:25:22 +01:00