MirrorHub
/
synapse
mirror of https://mau.dev/maunium/synapse.git
0
0
Fork 1
Code Issues Projects Releases Wiki Activity
synapse/tests/storage
History
Erik Johnston 55b0aa847a Fix GHSA-3h7q-rfh9-xm4v 
Weakness in auth chain indexing allows DoS from remote room members
through disk fill and high CPU usage.

A remote Matrix user with malicious intent, sharing a room with Synapse
instances before 1.104.1, can dispatch specially crafted events to
exploit a weakness in how the auth chain cover index is calculated. This
can induce high CPU consumption and accumulate excessive data in the
database of such instances, resulting in a denial of service.

Servers in private federations, or those that do not federate, are not
affected.
 		2024-04-23 15:25:49 +01:00
..
databases Correctly mention previous copyright (#16820) 2024-01-23 11:26:48 +00:00
util Correctly mention previous copyright (#16820) 2024-01-23 11:26:48 +00:00
__init__.py Reference Matrix Home Server 2014-08-12 15:10:52 +01:00
test__base.py Correctly mention previous copyright (#16820) 2024-01-23 11:26:48 +00:00
test_account_data.py Correctly mention previous copyright (#16820) 2024-01-23 11:26:48 +00:00
test_appservice.py Correctly mention previous copyright (#16820) 2024-01-23 11:26:48 +00:00
test_background_update.py Correctly mention previous copyright (#16820) 2024-01-23 11:26:48 +00:00
test_base.py Correctly mention previous copyright (#16820) 2024-01-23 11:26:48 +00:00
test_cleanup_extrems.py Bump black from 23.10.1 to 24.2.0 (#16936) 2024-03-13 16:46:44 +00:00
test_client_ips.py Correctly mention previous copyright (#16820) 2024-01-23 11:26:48 +00:00
test_database.py Correctly mention previous copyright (#16820) 2024-01-23 11:26:48 +00:00
test_devices.py Correctly mention previous copyright (#16820) 2024-01-23 11:26:48 +00:00
test_directory.py Correctly mention previous copyright (#16820) 2024-01-23 11:26:48 +00:00
test_e2e_room_keys.py Correctly mention previous copyright (#16820) 2024-01-23 11:26:48 +00:00
test_end_to_end_keys.py Correctly mention previous copyright (#16820) 2024-01-23 11:26:48 +00:00
test_event_chain.py Fix GHSA-3h7q-rfh9-xm4v 2024-04-23 15:25:49 +01:00
test_event_federation.py Port `EventInternalMetadata` class to Rust (#16782) 2024-01-08 14:06:48 +00:00
test_event_metrics.py Correctly mention previous copyright (#16820) 2024-01-23 11:26:48 +00:00
test_event_push_actions.py Correctly mention previous copyright (#16820) 2024-01-23 11:26:48 +00:00
test_events.py Correctly mention previous copyright (#16820) 2024-01-23 11:26:48 +00:00
test_id_generators.py Correctly mention previous copyright (#16820) 2024-01-23 11:26:48 +00:00
test_main.py Correctly mention previous copyright (#16820) 2024-01-23 11:26:48 +00:00
test_monthly_active_users.py Update license headers 2023-11-21 15:29:58 -05:00
test_profile.py Correctly mention previous copyright (#16820) 2024-01-23 11:26:48 +00:00
test_purge.py Update license headers 2023-11-21 15:29:58 -05:00
test_receipts.py Correctly mention previous copyright (#16820) 2024-01-23 11:26:48 +00:00
test_redaction.py Correctly mention previous copyright (#16820) 2024-01-23 11:26:48 +00:00
test_registration.py Correctly mention previous copyright (#16820) 2024-01-23 11:26:48 +00:00
test_relations.py Correctly mention previous copyright (#16820) 2024-01-23 11:26:48 +00:00
test_rollback_worker.py Correctly mention previous copyright (#16820) 2024-01-23 11:26:48 +00:00
test_room.py Correctly mention previous copyright (#16820) 2024-01-23 11:26:48 +00:00
test_room_search.py Bump black from 23.10.1 to 24.2.0 (#16936) 2024-03-13 16:46:44 +00:00
test_roommember.py Correctly mention previous copyright (#16820) 2024-01-23 11:26:48 +00:00
test_state.py Correctly mention previous copyright (#16820) 2024-01-23 11:26:48 +00:00
test_stream.py Correctly mention previous copyright (#16820) 2024-01-23 11:26:48 +00:00
test_transactions.py Update license headers 2023-11-21 15:29:58 -05:00
test_txn_limit.py Correctly mention previous copyright (#16820) 2024-01-23 11:26:48 +00:00
test_unsafe_locale.py Correctly mention previous copyright (#16820) 2024-01-23 11:26:48 +00:00
test_user_directory.py Correctly mention previous copyright (#16820) 2024-01-23 11:26:48 +00:00
test_user_filters.py Correctly mention previous copyright (#16820) 2024-01-23 11:26:48 +00:00