Debian Package Tracker

From: Andrej Shadura <andrewsh@debian.org>
To: <debian-devel-changes@lists.debian.org>
Subject: Accepted matrix-synapse 0.28.1+dfsg-1 (source) into unstable
Date: Wed, 02 May 2018 10:19:47 +0000

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Wed, 02 May 2018 12:02:15 +0200
Source: matrix-synapse
Binary: matrix-synapse
Architecture: source
Version: 0.28.1+dfsg-1
Distribution: unstable
Urgency: high
Maintainer: Matrix Packaging Team <pkg-matrix-maintainers@lists.alioth.debian.org>
Changed-By: Andrej Shadura <andrewsh@debian.org>
Description:
 matrix-synapse - Matrix reference homeserver
Changes:
 matrix-synapse (0.28.1+dfsg-1) unstable; urgency=high
 .
   * New upstream release:
     - SECURITY UPDATE:
       Clamp the allowed values of event depth received over federation to
       be [0, 2**63 - 1]. This mitigates an attack where malicious events
       injected with depth = 2**63 - 1 render rooms unusable.
   * Prevent installing with python-pymacaroons-nacl or python-nacl (<< 1.1.0).
Checksums-Sha1:
 cdb32209495387939aa02e8e0eae2188864960fb 2432 matrix-synapse_0.28.1+dfsg-1.dsc
 d02f73141191993f624d43d88d4dac5e7b2ea1ad 898772 matrix-synapse_0.28.1+dfsg.orig.tar.gz
 750b24af10bec180e3fb369e6867b6a7486ba5f5 84100 matrix-synapse_0.28.1+dfsg-1.debian.tar.xz
Checksums-Sha256:
 ab187da15c261a2e83da0d909ab43901c1d2ff8d2a4f86f9d5ce7a37b7285f3e 2432 matrix-synapse_0.28.1+dfsg-1.dsc
 0c90b6a9af6b044783876b4fce553b15eb3aa9852d697dc60935771e79cf1194 898772 matrix-synapse_0.28.1+dfsg.orig.tar.gz
 87ad440e11138308739c72feaaff0efa0d59f6789170b059db984e31fdb5d993 84100 matrix-synapse_0.28.1+dfsg-1.debian.tar.xz
Files:
 4b19db8ad60e248d4fc1c185f15a50f2 2432 net optional matrix-synapse_0.28.1+dfsg-1.dsc
 c8cf1b4bd577099628debf80f20d47f6 898772 net optional matrix-synapse_0.28.1+dfsg.orig.tar.gz
 e1aa66f4914e15a316a05bfef835932f 84100 net optional matrix-synapse_0.28.1+dfsg-1.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQEzBAEBCAAdFiEEeuS9ZL8A0js0NGiOXkCM2RzYOdIFAlrpjOsACgkQXkCM2RzY
OdIjugf/St65Ll9XezZ5mU+UFTU1dTOKffJSLAHYYtB26kNCuiOhpF9ZbcvS6qgv
xDHeNyGverrjGQjfi9jspCsuS6S8OsB7F0d/03dO0AoXIatspVdZ87fEfMVmsRsr
jMjMs9K9veA4aQmOnSn8HRuTXhrtbZvR+VkPYy4518X29LLIUVE/bVsnp9OD9Kgm
P8jggxGC9NIO4gxFKtPulhPFBQ4THWmCixvRDFl0LMbi5RGlgQzPVV+gGuxyABA5
DTNema6XDMsUYUbgYriATt2JiiwRo2tiW8cef8qJvlLKUsJWA8ORDvP4br4ZQ5o0
nfxQ5OlRIn1KnUFG0pOGgTIAUWhS7A==
=+www
-----END PGP SIGNATURE-----

News for package matrix-synapse