-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Sat, 25 May 2024 16:22:51 +0200
Source: matrix-synapse
Architecture: source
Version: 1.103.0-2
Distribution: unstable
Urgency: medium
Maintainer: Matrix Packaging Team <pkg-matrix-maintainers@lists.alioth.debian.org>
Changed-By: Andrej Shadura <andrewsh@debian.org>
Closes: 1069763
Changes:
matrix-synapse (1.103.0-2) unstable; urgency=medium
.
* Fix CVE-2024-31208 / GHSA-3h7q-rfh9-xm4v:
- Weakness in auth chain indexing allows DoS from remote room members
through disk fill and high CPU usage.
Closes: 1069763
Checksums-Sha1:
8938744eaeb84b9a2500a4e35809659fc6854d66 3230 matrix-synapse_1.103.0-2.dsc
34d1e40682bcc873958c25eaa3c301ffe7d77807 128588 matrix-synapse_1.103.0-2.debian.tar.xz
Checksums-Sha256:
ca320d936bb9ebdbf1da33cdba7a19b4853262ca8535c7f0b4a0022583d9ca9d 3230 matrix-synapse_1.103.0-2.dsc
fa7e9139e75fa41ac022ff60d7ac61051c61e0e4a1ee82827737d85eb245a3ab 128588 matrix-synapse_1.103.0-2.debian.tar.xz
Files:
1da88fab329d4ae0d40003365b9c292d 3230 net optional matrix-synapse_1.103.0-2.dsc
3eb711c8d2880d002c0d0077bb7ee75c 128588 net optional matrix-synapse_1.103.0-2.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
iHUEARYIAB0WIQSD3NF/RLIsyDZW7aHoRGtKyMdyYQUCZlH0jQAKCRDoRGtKyMdy
YU0lAP0ZwHjsRLQL4zAAb+aiTBNCJcu7mxoHLILaOFIO3TCYnAD/TDmC+KZ+ONXC
BfUB6kWJYvyL7vyzcuJ51+TkpkpEHAQ=
=xrQH
-----END PGP SIGNATURE-----
Attachment:
pgpi2rC1H9Bve.pgp
Description: PGP signature