Hello, Here is an update to net/synapse 1.127.1 It solves GHSA-v56r-hwv5-mxg6 / CVE-2025-30355 https://github.com/element-hq/synapse/security/advisories/GHSA-v56r-hwv5-mxg6
Tested on amd64 Compiles and runs fine on 7.6-stable too Best Regards
Index: Makefile =================================================================== RCS file: /cvs/ports/net/synapse/Makefile,v diff -u -p -r1.98 Makefile --- Makefile 25 Mar 2025 17:06:35 -0000 1.98 +++ Makefile 27 Mar 2025 00:01:36 -0000 @@ -1,6 +1,6 @@ COMMENT = open network for secure, decentralized communication -MODPY_DISTV = 1.127.0 +MODPY_DISTV = 1.127.1 GH_ACCOUNT = element-hq GH_PROJECT = synapse Index: distinfo =================================================================== RCS file: /cvs/ports/net/synapse/distinfo,v diff -u -p -r1.74 distinfo --- distinfo 25 Mar 2025 17:06:35 -0000 1.74 +++ distinfo 27 Mar 2025 00:01:36 -0000 @@ -81,7 +81,7 @@ SHA256 (cargo/windows_x86_64_msvc-0.52.6 SHA256 (cargo/wit-bindgen-rt-0.33.0.tar.gz) = Mmjz2GZFi3h/OQz2H0u7VjuSLQkTWflgiEKZnq7jlDw= SHA256 (cargo/zerocopy-0.8.17.tar.gz) = qpFAfazOOmjFbeA6vidgFZWCuEbGpKzS9FZhgIfxJxM= SHA256 (cargo/zerocopy-derive-0.8.17.tar.gz) = BnGKFoNlytPV/wuxM6rTRpWaIHS9SoXBISVaETBKhiY= -SHA256 (synapse-1.127.0.tar.gz) = 3JpG4HMPQpJSYYInasUsrp/ROoZpGlER9iYBSanODCY= +SHA256 (synapse-1.127.1.tar.gz) = +EKnc/Cy5A8Q0+QLOcSH+XQibsHpDNJSTRDR/a0KZSc= SIZE (cargo/aho-corasick-1.1.3.tar.gz) = 183311 SIZE (cargo/anyhow-1.0.97.tar.gz) = 52221 SIZE (cargo/arc-swap-1.7.1.tar.gz) = 68512 @@ -165,4 +165,4 @@ SIZE (cargo/windows_x86_64_msvc-0.52.6.t SIZE (cargo/wit-bindgen-rt-0.33.0.tar.gz) = 3357 SIZE (cargo/zerocopy-0.8.17.tar.gz) = 230971 SIZE (cargo/zerocopy-derive-0.8.17.tar.gz) = 81373 -SIZE (synapse-1.127.0.tar.gz) = 8885163 +SIZE (synapse-1.127.1.tar.gz) = 8885485
smime.p7s
Description: S/MIME Cryptographic Signature
