@ -1,3 +1,27 @@
Synapse 1.66.0 (2022-08-31)
===========================
No significant changes since 1.66.0rc2.
This release removes the ability for homeservers to delegate email ownership
verification and password reset confirmation to identity servers. This removal
was originally planned for Synapse 1.64, but was later deferred until now. See
the [upgrade notes](https://matrix-org.github.io/synapse/v1.66/upgrade.html#upgrading-to-v1660) for more details.
Deployments with multiple workers should note that the direct TCP replication
configuration was deprecated in Synapse v1.18.0 and will be removed in Synapse
v1.67.0. In particular, the TCP `replication` [listener](https://matrix-org.github.io/synapse/v1.66/usage/configuration/config_documentation.html#listeners)
type (not to be confused with the `replication` resource on the `http` listener
type) and the `worker_replication_port` config option will be removed .
To migrate to Redis, add the [`redis` config](https://matrix-org.github.io/synapse/v1.66/workers.html#shared-configuration),
then remove the TCP `replication` listener from config of the master and
`worker_replication_port` from worker config. Note that a HTTP listener with a
`replication` resource is still required. See the
[worker documentation](https://matrix-org.github.io/synapse/v1.66/workers.html)
for more details.
Synapse 1.66.0rc2 (2022-08-30)
==============================
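Review bot: The direct TCP replication paragraph says the `replication` listener type and `worker_replication_port` "will be removed" in v1.67.0, but it does not say what a multi-worker deployment that still has them configured will see after that upgrade (a startup error, or an option that is silently ignored); one sentence on that would let operators plan the Redis migration. Wording nits in the same block: there is a stray space before the full stop in "will be removed .", "a HTTP listener" should read "an HTTP listener", "from config of the master" reads better as "from the master's config", and the version prefix is inconsistent ("Synapse 1.64" against "Synapse v1.18.0" and "Synapse v1.67.0").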
@ -10,12 +34,6 @@ Bugfixes
Synapse 1.66.0rc1 (2022-08-23)
==============================
This release removes the ability for homeservers to delegate email ownership
verification and password reset confirmation to identity servers. This removal
was originally planned for Synapse 1.64, but was later deferred until now.
See the [upgrade notes](https://matrix-org.github.io/synapse/v1.66/upgrade.html#upgrading-to-v1660) for more details.
Features
--------
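Review bot: The hunk header shows the 1.66.0rc1 section going from 12 lines to 6, which indicates the identity-server delegation notice is dropped here, leaving the copy under the 1.66.0 heading as the only place the changelog flags this removal. Please confirm that is intended for readers who land on the rc1 entry directly. The two copies also differ in layout: here "See the upgrade notes" is its own paragraph, while under 1.66.0 it is folded into the preceding one, so pick one form.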
@ -390,6 +408,20 @@ No significant changes since 1.62.0rc3.
Authors of spam-checker plugins should consult the [upgrade notes](https://github.com/matrix-org/synapse/blob/release-v1.62/docs/upgrade.md#upgrading-to-v1620) to learn about the enriched signatures for spam checker callbacks, which are supported with this release of Synapse.
## Security advisory
The following issue is fixed in 1.62.0.
* [GHSA-jhjh-776m-4765](https://github.com/matrix-org/synapse/security/advisories/GHSA-jhjh-776m-4765) / [CVE-2022-31152](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31152)
Synapse instances prior to 1.62.0 did not implement the Matrix [event authorization rules](https://spec.matrix.org/v1.3/rooms/v10/#authorization-rules) correctly. An attacker could craft events which would be accepted by Synapse but not a spec-conformant server, potentially causing divergence in the room state between servers.
Homeservers with federation disabled via the [`federation_domain_whitelist`](https://matrix-org.github.io/synapse/latest/usage/configuration/config_documentation.html#federation_domain_whitelist) config option are unaffected.
Administrators of homeservers with federation enabled are advised to upgrade to v1.62.0 or higher.
Fixed by [#13087](https://github.com/matrix-org/synapse/pull/13087) and [#13088](https://github.com/matrix-org/synapse/pull/13088).
Synapse 1.62.0rc3 (2022-07-04)
==============================
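Review bot: The "unaffected" sentence in the advisory says federation is "disabled via" `federation_domain_whitelist` without stating which value of that option counts as disabled, so an administrator cannot tell from the changelog alone whether their homeserver is exposed; state the value explicitly. The link for that option points at `/latest/`, whereas the other documentation links in this patch pin a version (`/v1.66/`, `release-v1.62`), so it can drift as the docs move and should be pinned as well. Finally, `## Security advisory` is an ATX heading while the headings visible elsewhere in the file are setext style (release titles underlined with `=`, `Features` underlined with `--------`); use the underlined form for consistency.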