-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Tue, 28 Jun 2022 19:13:32 +0200 Source: matrix-synapse Architecture: source Version: 1.61.1-1 Distribution: unstable Urgency: medium Maintainer: Matrix Packaging Team <pkg-matrix-maintainers@lists.alioth.debian.org> Changed-By: Andrej Shadura <andrewsh@debian.org> Changes: matrix-synapse (1.61.1-1) unstable; urgency=medium . * New upstream release. * SECURITY ISSUE: GHSA-22p3-qrh9-cx32 / CVE-2022-31052. Synapse instances with the url_preview_enabled homeserver config option set to true are affected. URL previews of some web pages can lead to unbounded recursion, causing the request to either fail, or in some cases crash the running Synapse process. Checksums-Sha1: a7e8179f4c6d39005e32af4b1a1b5d8fb0cfa298 2601 matrix-synapse_1.61.1-1.dsc f55d7d1fe16daed9f0550cbeb2e12ab6e2c00edc 7880431 matrix-synapse_1.61.1.orig.tar.gz 462b4dcfef32fe44116c45c7e86374352bb9a9e6 109872 matrix-synapse_1.61.1-1.debian.tar.xz Checksums-Sha256: 74e1c1fcbcd07cd33d9f2c5dcb1b10067e7d1d5910629b25028add15c476190b 2601 matrix-synapse_1.61.1-1.dsc 79b216330a22711521d0ff6694c9f12e40de7e7345a1601bac22021fcace36fc 7880431 matrix-synapse_1.61.1.orig.tar.gz 77bd714c5a7b5441ff5f7d8ae348185943926a3637fdd3cfe998702d8c179eab 109872 matrix-synapse_1.61.1-1.debian.tar.xz Files: 3a9732f84d4f711d6685e151fb48f3ba 2601 net optional matrix-synapse_1.61.1-1.dsc 6e47108f4aa2531cbe81f38ce0ab3824 7880431 net optional matrix-synapse_1.61.1.orig.tar.gz 734753142db6c2c9372707e2ee6efaf2 109872 net optional matrix-synapse_1.61.1-1.debian.tar.xz -----BEGIN PGP SIGNATURE----- iHUEARYIAB0WIQSD3NF/RLIsyDZW7aHoRGtKyMdyYQUCYrs29wAKCRDoRGtKyMdy YYrVAQCszcutkdJD22XHxMqWrTqZo3BQdW3wT/757sMUrhYQ4gEAmHKrRtC1LpOD ybnUicORhFxgvuJXHp3X0gJA9xjD9wI= =4Ut8 -----END PGP SIGNATURE-----
