Package: matrix-synapse Version: 0.33.3-1 Severity: grave Tags: patch security upstream Control: fixed -1 0.33.3.1-1
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 From https://matrix.org/blog/2018/09/05/pre-disclosure-upcoming-critical-security-fix-for-synapse/: > During the ongoing work to finalise a stable release of Matrix’s > Server-Server federation API, we’ve been doing a full audit of > Synapse’s implementation and have identified a serious vulnerability > which we are going to release a security update to address (Synapse > 0.33.3.1) on Thursday Sept 6th 2018 at 12:00 UTC. - -- Cheers, Andrej -----BEGIN PGP SIGNATURE----- iQFIBAEBCAAyFiEEeuS9ZL8A0js0NGiOXkCM2RzYOdIFAluP1gAUHGFuZHJld3No QGRlYmlhbi5vcmcACgkQXkCM2RzYOdJKCQgAibJqmoQ7GMUugRTWTy1fmkEMVXvg 4GwBbhJ2pbuiI01EsOpG81K/XEg2GRFdH9iKLjKzpVWInDBZb+2g8v/TFw9Vk2J4 BSrALMBQBqUkaGZ7fx4/Ul4djw5rWmN+Op2Uh/IY3qx+lIiWlBcjITV9scwuL2aI 89wrt4JyOrbWiqfRnFsjiE2IWzoJr4hw79yQtsu/N0qceOv4xfDOUUdqYF3S6vld 25OobDqLkN9bCs6RyADXZbpdQzRhfY6ETQdI7P9BxFy/MJeuJuK+aFCfwJvSxhaO nD0CdGnIQrTypL1bIENo13JIoBejno2Xg0kStz1zNElrZVAw9sY73ptaag== =5L8n -----END PGP SIGNATURE-----
