diff options
| author | js <js@pkgsrc.org> | 2020-12-09 20:40:20 +0000 |
|---|---|---|
| committer | js <js@pkgsrc.org> | 2020-12-09 20:40:20 +0000 |
| commit | 61f4246ebc11daeaccbcca2025354cf5ebc01dbf (patch) | |
| tree | f58e3e98c68f0c79f07bda9cad16b5be92aec449 /chat | |
| parent | 67cb8fe4fde29a904067519e54007bc5e3ff8b8a (diff) | |
| download | pkgsrc-61f4246ebc11daeaccbcca2025354cf5ebc01dbf.tar.gz | |
Update chat/matrix-synapse to 1.24.0
Synapse 1.24.0 (2020-12-09)
===========================
Due to the two security issues highlighted below, server administrators are
encouraged to update Synapse. We are not aware of these vulnerabilities being
exploited in the wild.
Security advisory
-----------------
The following issues are fixed in v1.23.1 and v1.24.0.
- There is a denial of service attack
([CVE-2020-26257](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26257))
against the federation APIs in which future events will not be correctly sent
to other servers over federation. This affects all servers that participate in
open federation. (Fixed in [#8776](https://github.com/matrix-org/synapse/pull/8776)).
- Synapse may be affected by OpenSSL
[CVE-2020-1971](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1971).
Synapse administrators should ensure that they have the latest versions of
the cryptography Python package installed.
To upgrade Synapse along with the cryptography package:
* Administrators using the [`matrix.org` Docker
image](https://hub.docker.com/r/matrixdotorg/synapse/) or the [Debian/Ubuntu
packages from
`matrix.org`](https://github.com/matrix-org/synapse/blob/master/INSTALL.md#matrixorg-packages)
should ensure that they have version 1.24.0 or 1.23.1 installed: these images include
the updated packages.
* Administrators who have [installed Synapse from
source](https://github.com/matrix-org/synapse/blob/master/INSTALL.md#installing-from-source)
should upgrade the cryptography package within their virtualenv by running:
```sh
<path_to_virtualenv>/bin/pip install 'cryptography>=3.3'
```
* Administrators who have installed Synapse from distribution packages should
consult the information from their distributions.
Internal Changes
----------------
- Add a maximum version for pysaml2 on Python 3.5. ([\#8898](https://github.com/matrix-org/synapse/issues/8898))
Synapse 1.24.0rc2 (2020-12-04)
==============================
Bugfixes
--------
- Fix a regression in v1.24.0rc1 which failed to allow SAML mapping providers which were unable to redirect users to an additional page. ([\#8878](https://github.com/matrix-org/synapse/issues/8878))
Internal Changes
----------------
- Add support for the `prometheus_client` newer than 0.9.0. Contributed by Jordan Bancino. ([\#8875](https://github.com/matrix-org/synapse/issues/8875))
Synapse 1.24.0rc1 (2020-12-02)
==============================
Features
--------
- Add admin API for logging in as a user. ([\#8617](https://github.com/matrix-org/synapse/issues/8617))
- Allow specification of the SAML IdP if the metadata returns multiple IdPs. ([\#8630](https://github.com/matrix-org/synapse/issues/8630))
- Add support for re-trying generation of a localpart for OpenID Connect mapping providers. ([\#8801](https://github.com/matrix-org/synapse/issues/8801), [\#8855](https://github.com/matrix-org/synapse/issues/8855))
- Allow the `Date` header through CORS. Contributed by Nicolas Chamo. ([\#8804](https://github.com/matrix-org/synapse/issues/8804))
- Add a config option, `push.group_by_unread_count`, which controls whether unread message counts in push notifications are defined as "the number of rooms with unread messages" or "total unread messages". ([\#8820](https://github.com/matrix-org/synapse/issues/8820))
- Add `force_purge` option to delete-room admin api. ([\#8843](https://github.com/matrix-org/synapse/issues/8843))
Bugfixes
--------
- Fix a bug where appservices may be sent an excessive amount of read receipts and presence. Broke in v1.22.0. ([\#8744](https://github.com/matrix-org/synapse/issues/8744))
- Fix a bug in some federation APIs which could lead to unexpected behaviour if different parameters were set in the URI and the request body. ([\#8776](https://github.com/matrix-org/synapse/issues/8776))
- Fix a bug where synctl could spawn duplicate copies of a worker. Contributed by Waylon Cude. ([\#8798](https://github.com/matrix-org/synapse/issues/8798))
- Allow per-room profiles to be used for the server notice user. ([\#8799](https://github.com/matrix-org/synapse/issues/8799))
- Fix a bug where logging could break after a call to SIGHUP. ([\#8817](https://github.com/matrix-org/synapse/issues/8817))
- Fix `register_new_matrix_user` failing with "Bad Request" when trailing slash is included in server URL. Contributed by @angdraug. ([\#8823](https://github.com/matrix-org/synapse/issues/8823))
- Fix a minor long-standing bug in login, where we would offer the `password` login type if a custom auth provider supported it, even if password login was disabled. ([\#8835](https://github.com/matrix-org/synapse/issues/8835))
- Fix a long-standing bug which caused Synapse to require unspecified parameters during user-interactive authentication. ([\#8848](https://github.com/matrix-org/synapse/issues/8848))
- Fix a bug introduced in v1.20.0 where the user-agent and IP address reported during user registration for CAS, OpenID Connect, and SAML were of the wrong form. ([\#8784](https://github.com/matrix-org/synapse/issues/8784))
Improved Documentation
----------------------
- Clarify the usecase for a msisdn delegate. Contributed by Adrian Wannenmacher. ([\#8734](https://github.com/matrix-org/synapse/issues/8734))
- Remove extraneous comma from JSON example in User Admin API docs. ([\#8771](https://github.com/matrix-org/synapse/issues/8771))
- Update `turn-howto.md` with troubleshooting notes. ([\#8779](https://github.com/matrix-org/synapse/issues/8779))
- Fix the example on how to set the `Content-Type` header in nginx for the Client Well-Known URI. ([\#8793](https://github.com/matrix-org/synapse/issues/8793))
- Improve the documentation for the admin API to list all media in a room with respect to encrypted events. ([\#8795](https://github.com/matrix-org/synapse/issues/8795))
- Update the formatting of the `push` section of the homeserver config file to better align with the [code style guidelines](https://github.com/matrix-org/synapse/blob/develop/docs/code_style.md#configuration-file-format). ([\#8818](https://github.com/matrix-org/synapse/issues/8818))
- Improve documentation how to configure prometheus for workers. ([\#8822](https://github.com/matrix-org/synapse/issues/8822))
- Update example prometheus console. ([\#8824](https://github.com/matrix-org/synapse/issues/8824))
Deprecations and Removals
-------------------------
- Remove old `/_matrix/client/*/admin` endpoints which were deprecated since Synapse 1.20.0. ([\#8785](https://github.com/matrix-org/synapse/issues/8785))
- Disable pretty printing JSON responses for curl. Users who want pretty-printed output should use [jq](https://stedolan.github.io/jq/) in combination with curl. Contributed by @tulir. ([\#8833](https://github.com/matrix-org/synapse/issues/8833))
Internal Changes
----------------
- Simplify the way the `HomeServer` object caches its internal attributes. ([\#8565](https://github.com/matrix-org/synapse/issues/8565), [\#8851](https://github.com/matrix-org/synapse/issues/8851))
- Add an example and documentation for clock skew to the SAML2 sample configuration to allow for clock/time difference between the homserver and IdP. Contributed by @localguru. ([\#8731](https://github.com/matrix-org/synapse/issues/8731))
- Generalise `RoomMemberHandler._locally_reject_invite` to apply to more flows than just invite. ([\#8751](https://github.com/matrix-org/synapse/issues/8751))
- Generalise `RoomStore.maybe_store_room_on_invite` to handle other, non-invite membership events. ([\#8754](https://github.com/matrix-org/synapse/issues/8754))
- Refactor test utilities for injecting HTTP requests. ([\#8757](https://github.com/matrix-org/synapse/issues/8757), [\#8758](https://github.com/matrix-org/synapse/issues/8758), [\#8759](https://github.com/matrix-org/synapse/issues/8759), [\#8760](https://github.com/matrix-org/synapse/issues/8760), [\#8761](https://github.com/matrix-org/synapse/issues/8761), [\#8777](https://github.com/matrix-org/synapse/issues/8777))
- Consolidate logic between the OpenID Connect and SAML code. ([\#8765](https://github.com/matrix-org/synapse/issues/8765))
- Use `TYPE_CHECKING` instead of magic `MYPY` variable. ([\#8770](https://github.com/matrix-org/synapse/issues/8770))
- Add a commandline script to sign arbitrary json objects. ([\#8772](https://github.com/matrix-org/synapse/issues/8772))
- Minor log line improvements for the SSO mapping code used to generate Matrix IDs from SSO IDs. ([\#8773](https://github.com/matrix-org/synapse/issues/8773))
- Add additional error checking for OpenID Connect and SAML mapping providers. ([\#8774](https://github.com/matrix-org/synapse/issues/8774), [\#8800](https://github.com/matrix-org/synapse/issues/8800))
- Add type hints to HTTP abstractions. ([\#8806](https://github.com/matrix-org/synapse/issues/8806), [\#8812](https://github.com/matrix-org/synapse/issues/8812))
- Remove unnecessary function arguments and add typing to several membership replication classes. ([\#8809](https://github.com/matrix-org/synapse/issues/8809))
- Optimise the lookup for an invite from another homeserver when trying to reject it. ([\#8815](https://github.com/matrix-org/synapse/issues/8815))
- Add tests for `password_auth_provider`s. ([\#8819](https://github.com/matrix-org/synapse/issues/8819))
- Drop redundant database index on `event_json`. ([\#8845](https://github.com/matrix-org/synapse/issues/8845))
- Simplify `uk.half-shot.msc2778.login.application_service` login handler. ([\#8847](https://github.com/matrix-org/synapse/issues/8847))
- Refactor `password_auth_provider` support code. ([\#8849](https://github.com/matrix-org/synapse/issues/8849))
- Add missing `ordering` to background database updates. ([\#8850](https://github.com/matrix-org/synapse/issues/8850))
- Allow for specifying a room version when creating a room in unit tests via `RestHelper.create_room_as`. ([\#8854](https://github.com/matrix-org/synapse/issues/8854))
Diffstat (limited to 'chat')
| -rw-r--r-- | chat/matrix-synapse/Makefile | 5 | ||||
| -rw-r--r-- | chat/matrix-synapse/PLIST | 6 | ||||
| -rw-r--r-- | chat/matrix-synapse/distinfo | 10 |
3 files changed, 12 insertions, 9 deletions
diff --git a/chat/matrix-synapse/Makefile b/chat/matrix-synapse/Makefile index 3d2c01e6479..ed60dde85e2 100644 --- a/chat/matrix-synapse/Makefile +++ b/chat/matrix-synapse/Makefile @@ -1,7 +1,6 @@ -# $NetBSD: Makefile,v 1.13 2020/12/04 20:45:02 nia Exp $ +# $NetBSD: Makefile,v 1.14 2020/12/09 20:40:20 js Exp $ -DISTNAME= matrix-synapse-1.23.0 -PKGREVISION= 1 +DISTNAME= matrix-synapse-1.24.0 CATEGORIES= chat MASTER_SITES= ${MASTER_SITE_GITHUB:=matrix-org/} EGG_NAME= matrix_synapse-${PKGVERSION_NOREV} diff --git a/chat/matrix-synapse/PLIST b/chat/matrix-synapse/PLIST index 9c642014119..156aea6f7fa 100644 --- a/chat/matrix-synapse/PLIST +++ b/chat/matrix-synapse/PLIST @@ -1,4 +1,4 @@ -@comment $NetBSD: PLIST,v 1.5 2020/11/18 21:06:08 js Exp $ +@comment $NetBSD: PLIST,v 1.6 2020/12/09 20:40:20 js Exp $ bin/export_signing_key bin/generate_config bin/generate_log_config @@ -430,6 +430,9 @@ ${PYSITELIB}/synapse/handlers/search.pyo ${PYSITELIB}/synapse/handlers/set_password.py ${PYSITELIB}/synapse/handlers/set_password.pyc ${PYSITELIB}/synapse/handlers/set_password.pyo +${PYSITELIB}/synapse/handlers/sso.py +${PYSITELIB}/synapse/handlers/sso.pyc +${PYSITELIB}/synapse/handlers/sso.pyo ${PYSITELIB}/synapse/handlers/state_deltas.py ${PYSITELIB}/synapse/handlers/state_deltas.pyc ${PYSITELIB}/synapse/handlers/state_deltas.pyo @@ -1429,6 +1432,7 @@ ${PYSITELIB}/synapse/storage/databases/main/schema/delta/58/21drop_device_max_st ${PYSITELIB}/synapse/storage/databases/main/schema/delta/58/22puppet_token.sql ${PYSITELIB}/synapse/storage/databases/main/schema/delta/58/22users_have_local_media.sql ${PYSITELIB}/synapse/storage/databases/main/schema/delta/58/23e2e_cross_signing_keys_idx.sql +${PYSITELIB}/synapse/storage/databases/main/schema/delta/58/24drop_event_json_index.sql ${PYSITELIB}/synapse/storage/databases/main/schema/full_schemas/16/application_services.sql ${PYSITELIB}/synapse/storage/databases/main/schema/full_schemas/16/event_edges.sql ${PYSITELIB}/synapse/storage/databases/main/schema/full_schemas/16/event_signatures.sql diff --git a/chat/matrix-synapse/distinfo b/chat/matrix-synapse/distinfo index e10036f7036..18b0b8f2353 100644 --- a/chat/matrix-synapse/distinfo +++ b/chat/matrix-synapse/distinfo @@ -1,6 +1,6 @@ -$NetBSD: distinfo,v 1.8 2020/11/18 21:06:08 js Exp $ +$NetBSD: distinfo,v 1.9 2020/12/09 20:40:20 js Exp $ -SHA1 (matrix-synapse-1.23.0.tar.gz) = 9896e876b81e581c5287a5f9d209b8116a85a657 -RMD160 (matrix-synapse-1.23.0.tar.gz) = 106d4b3938f924bd1ef502fca7fdb1cc961b6541 -SHA512 (matrix-synapse-1.23.0.tar.gz) = 5ebb65ca84816b0117cdff96a24d0b8c9bc7676817d42516b2aa3b0cea70d4a00d88e7ef525f3eece168bf26091b05c88a6f3a2545073994778d6a00e40126f5 -Size (matrix-synapse-1.23.0.tar.gz) = 6987361 bytes +SHA1 (matrix-synapse-1.24.0.tar.gz) = 6b2142ac0dedfeefb484596c29b1cd44bd7cd2df +RMD160 (matrix-synapse-1.24.0.tar.gz) = 7be0ec4af9c3126f72c2f4d1bb3b0ee8a419d74b +SHA512 (matrix-synapse-1.24.0.tar.gz) = c58867cb2f55be423cf295ec0b383a60ae3f33036fd365027b91f6ed5168dc773ce9cacb574b4cc825bc9d597385e33e635bd9ba8187bd3a360c984e9ab939aa +Size (matrix-synapse-1.24.0.tar.gz) = 7008162 bytes |