From d656e91fc28b0f502f581fedd1dc3293b14e2bbf Mon Sep 17 00:00:00 2001 From: Richard van der Hoff Date: Wed, 18 Dec 2019 09:38:08 +0000 Subject: [PATCH 1/2] 1.7.1 --- CHANGES.md | 19 ++++++++++++++++++- changelog.d/6501.misc | 1 - changelog.d/6503.misc | 1 - changelog.d/6521.misc | 1 - changelog.d/6524.misc | 2 -- changelog.d/6526.bugfix | 1 - changelog.d/6527.bugfix | 1 - changelog.d/6530.misc | 2 -- changelog.d/6531.misc | 1 - changelog.d/6553.bugfix | 1 - changelog.d/6556.bugfix | 1 - changelog.d/6560.bugfix | 1 - debian/changelog | 6 ++++++ synapse/__init__.py | 2 +- 14 files changed, 25 insertions(+), 15 deletions(-) delete mode 100644 changelog.d/6501.misc delete mode 100644 changelog.d/6503.misc delete mode 100644 changelog.d/6521.misc delete mode 100644 changelog.d/6524.misc delete mode 100644 changelog.d/6526.bugfix delete mode 100644 changelog.d/6527.bugfix delete mode 100644 changelog.d/6530.misc delete mode 100644 changelog.d/6531.misc delete mode 100644 changelog.d/6553.bugfix delete mode 100644 changelog.d/6556.bugfix delete mode 100644 changelog.d/6560.bugfix diff --git a/CHANGES.md b/CHANGES.md index c8aa5d177..f838a1679 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -1,3 +1,20 @@ +Synapse 1.7.1 (2019-12-18) +========================== + +This release includes several security fixes as well as a fix to a bug exposed by the security fixes. Administrators are encouraged to upgrade as soon as possible. + +Security updates +---------------- + +- Fix a bug which could cause room events to be incorrectly authorized using events from a different room. ([\#6501](https://github.com/matrix-org/synapse/issues/6501)), ([\#6503](https://github.com/matrix-org/synapse/issues/6503)), ([\#6521](https://github.com/matrix-org/synapse/issues/6521)), ([\#6524](https://github.com/matrix-org/synapse/issues/6524), [\#6530](https://github.com/matrix-org/synapse/issues/6530), [\#6531](https://github.com/matrix-org/synapse/issues/6531)) +- Fix a bug causing responses to the `/context` client endpoint to not use the pruned version of the event. ([\#6553](https://github.com/matrix-org/synapse/issues/6553)) +- Fix a cause of state resets in room versions 2 onwards. ([\#6556](https://github.com/matrix-org/synapse/issues/6556), [\#6560](https://github.com/matrix-org/synapse/issues/6560)) + +Bugfixes +-------- + +- Fix a bug which could cause the federation server to incorrectly return errors when handling certain obscure event graphs. ([\#6526](https://github.com/matrix-org/synapse/issues/6526), [\#6527](https://github.com/matrix-org/synapse/issues/6527)) + Synapse 1.7.0 (2019-12-13) ========================== @@ -88,7 +105,7 @@ Internal Changes - Add a test scenario to make sure room history purges don't break `/messages` in the future. ([\#6392](https://github.com/matrix-org/synapse/issues/6392)) - Clarifications for the email configuration settings. ([\#6423](https://github.com/matrix-org/synapse/issues/6423)) - Add more tests to the blacklist when running in worker mode. ([\#6429](https://github.com/matrix-org/synapse/issues/6429)) -- Refactor data store layer to support multiple databases in the future. ([\#6454](https://github.com/matrix-org/synapse/issues/6454), [\#6464](https://github.com/matrix-org/synapse/issues/6464), [\#6469](https://github.com/matrix-org/synapse/issues/6469), [\#6487](https://github.com/matrix-org/synapse/issues/6487)) +- Refactor data store layer to support multiple databases in the future. ([\#6454](https://github.com/matrix-org/synapse/issues/6454), [\#6464](https://github.com/matrix-org/synapse/issues/6464), [\#6469](https://github.com/matrix-org/synapse/issues/6469), [\#6487](https://github.com/matrix-org/synapse/issues/6487)) - Port synapse.rest.client.v1 to async/await. ([\#6482](https://github.com/matrix-org/synapse/issues/6482)) - Port synapse.rest.client.v2_alpha to async/await. ([\#6483](https://github.com/matrix-org/synapse/issues/6483)) - Port SyncHandler to async/await. ([\#6484](https://github.com/matrix-org/synapse/issues/6484)) diff --git a/changelog.d/6501.misc b/changelog.d/6501.misc deleted file mode 100644 index 255f45a9c..000000000 --- a/changelog.d/6501.misc +++ /dev/null @@ -1 +0,0 @@ -Refactor get_events_from_store_or_dest to return a dict. diff --git a/changelog.d/6503.misc b/changelog.d/6503.misc deleted file mode 100644 index e4e9a5a3d..000000000 --- a/changelog.d/6503.misc +++ /dev/null @@ -1 +0,0 @@ -Move get_state methods into FederationHandler. diff --git a/changelog.d/6521.misc b/changelog.d/6521.misc deleted file mode 100644 index d9a44389b..000000000 --- a/changelog.d/6521.misc +++ /dev/null @@ -1 +0,0 @@ -Refactor some code in the event authentication path for clarity. diff --git a/changelog.d/6524.misc b/changelog.d/6524.misc deleted file mode 100644 index f88559742..000000000 --- a/changelog.d/6524.misc +++ /dev/null @@ -1,2 +0,0 @@ -Improve sanity-checking when receiving events over federation. - diff --git a/changelog.d/6526.bugfix b/changelog.d/6526.bugfix deleted file mode 100644 index 53214b074..000000000 --- a/changelog.d/6526.bugfix +++ /dev/null @@ -1 +0,0 @@ -Fix a bug which could cause the federation server to incorrectly return errors when handling certain obscure event graphs. \ No newline at end of file diff --git a/changelog.d/6527.bugfix b/changelog.d/6527.bugfix deleted file mode 100644 index 53214b074..000000000 --- a/changelog.d/6527.bugfix +++ /dev/null @@ -1 +0,0 @@ -Fix a bug which could cause the federation server to incorrectly return errors when handling certain obscure event graphs. \ No newline at end of file diff --git a/changelog.d/6530.misc b/changelog.d/6530.misc deleted file mode 100644 index f88559742..000000000 --- a/changelog.d/6530.misc +++ /dev/null @@ -1,2 +0,0 @@ -Improve sanity-checking when receiving events over federation. - diff --git a/changelog.d/6531.misc b/changelog.d/6531.misc deleted file mode 100644 index 598efb79f..000000000 --- a/changelog.d/6531.misc +++ /dev/null @@ -1 +0,0 @@ -Improve sanity-checking when receiving events over federation. diff --git a/changelog.d/6553.bugfix b/changelog.d/6553.bugfix deleted file mode 100644 index 4fe576b87..000000000 --- a/changelog.d/6553.bugfix +++ /dev/null @@ -1 +0,0 @@ -Fix a bug causing responses to the `/context` client endpoint to not use the pruned version of the event. diff --git a/changelog.d/6556.bugfix b/changelog.d/6556.bugfix deleted file mode 100644 index e75639f5b..000000000 --- a/changelog.d/6556.bugfix +++ /dev/null @@ -1 +0,0 @@ -Fix a cause of state resets in room versions 2 onwards. diff --git a/changelog.d/6560.bugfix b/changelog.d/6560.bugfix deleted file mode 100644 index e75639f5b..000000000 --- a/changelog.d/6560.bugfix +++ /dev/null @@ -1 +0,0 @@ -Fix a cause of state resets in room versions 2 onwards. diff --git a/debian/changelog b/debian/changelog index bd43feb32..e400619eb 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +matrix-synapse-py3 (1.7.1) stable; urgency=medium + + * New synapse release 1.7.1. + + -- Synapse Packaging team Wed, 18 Dec 2019 09:37:59 +0000 + matrix-synapse-py3 (1.7.0) stable; urgency=medium * New synapse release 1.7.0. diff --git a/synapse/__init__.py b/synapse/__init__.py index d3cf7b3d7..e951bab59 100644 --- a/synapse/__init__.py +++ b/synapse/__init__.py @@ -36,7 +36,7 @@ try: except ImportError: pass -__version__ = "1.7.0" +__version__ = "1.7.1" if bool(os.environ.get("SYNAPSE_TEST_PATCH_LOG_CONTEXTS", False)): # We import here so that we don't have to install a bunch of deps when From e156c86a7f3d616bcb8fd80d5d319fd9a3d73cb6 Mon Sep 17 00:00:00 2001 From: Richard van der Hoff Date: Wed, 18 Dec 2019 09:40:03 +0000 Subject: [PATCH 2/2] too many parens --- CHANGES.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGES.md b/CHANGES.md index f838a1679..7927714a3 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -6,7 +6,7 @@ This release includes several security fixes as well as a fix to a bug exposed b Security updates ---------------- -- Fix a bug which could cause room events to be incorrectly authorized using events from a different room. ([\#6501](https://github.com/matrix-org/synapse/issues/6501)), ([\#6503](https://github.com/matrix-org/synapse/issues/6503)), ([\#6521](https://github.com/matrix-org/synapse/issues/6521)), ([\#6524](https://github.com/matrix-org/synapse/issues/6524), [\#6530](https://github.com/matrix-org/synapse/issues/6530), [\#6531](https://github.com/matrix-org/synapse/issues/6531)) +- Fix a bug which could cause room events to be incorrectly authorized using events from a different room. ([\#6501](https://github.com/matrix-org/synapse/issues/6501), [\#6503](https://github.com/matrix-org/synapse/issues/6503), [\#6521](https://github.com/matrix-org/synapse/issues/6521), [\#6524](https://github.com/matrix-org/synapse/issues/6524), [\#6530](https://github.com/matrix-org/synapse/issues/6530), [\#6531](https://github.com/matrix-org/synapse/issues/6531)) - Fix a bug causing responses to the `/context` client endpoint to not use the pruned version of the event. ([\#6553](https://github.com/matrix-org/synapse/issues/6553)) - Fix a cause of state resets in room versions 2 onwards. ([\#6556](https://github.com/matrix-org/synapse/issues/6556), [\#6560](https://github.com/matrix-org/synapse/issues/6560))