Matrix (Synapse/Element) - Package Updates
-
Riot [1.2.0]
- Remove matrix.org welcome bot - https://github.com/vector-im/riot-web/pull/12894
-
Synapse [1.4.0]
- Update Synapse to 1.15.1
- Full changelog
- Advertise support for Client-Server API r0.6.0 and remove related unstable feature flags. (#6585)
- Add an option to disable autojoining rooms for guest accounts. (#6637)
- Add admin APIs to allow server admins to manage users' devices. Contributed by @dklimpel. (#7481)
- Add support for generating thumbnails for WebP images. Previously, users would see an empty box instead of preview image. Contributed by @WGH-. (#7586)
- Support the standardized m.login.sso user-interactive authentication flow. (#7630)
-
[1.5.0]
- Update Synapse to 1.15.2
- Full changelog
- A malicious homeserver could force Synapse to reset the state in a room to a small subset of the correct state. This affects all Synapse deployments which federate with untrusted servers. (96e9afe6)
- HTML pages served via Synapse were vulnerable to clickjacking attacks. This predominantly affects homeservers with single-sign-on enabled, but all server administrators are encouraged to upgrade. (ea26e9a9)
This contains important security fixes. Please update immediately
-
Synapse [1.6.0]
- Update Synapse to 1.16.0
- Full changelog
- Add an option to enable encryption by default for new rooms. (#7639)
- Add support for running multiple media repository workers. See docs/workers.md for instructions. (#7706)
- Media can now be marked as safe from quarantined. (#7718)
- Expand the configuration options for auto-join rooms. (#7763)
-
Synapse [1.7.0]
- Update Synapse to 1.17.0
- Full changelog
- Fix inconsistent handling of upper and lower case in email addresses when used as identifiers for login, etc. Contributed by @dklimpel. (#7021)
- Fix "Tried to close a non-active scope!" error messages when opentracing is enabled. (#7732)
- Fix incorrect error message when database CTYPE was set incorrectly. (#7760)
- Fix to not ignore set_tweak actions in Push Rules that have no value, as permitted by the specification. (#7766)
- Fix synctl to handle empty config files correctly. Contributed by @kotovalexarian. (#7779)
- Fixes a long standing bug in worker mode where worker information was saved in the devices table instead of the original IP address and user agent. (#7797)
- Fix 'stuck invites' which happen when we are unable to reject a room invite received over federation. (#7804, #7809, #7810)
-
Synapse [1.8.0]
- Update Synapse to 1.18.0
- Full changelog
- Include room states on invite events that are sent to application services. Contributed by @Sorunome. (#6455)
- Add delete room admin endpoint (POST /_synapse/admin/v1/rooms/<room_id>/delete). Contributed by @dklimpel. (#7613, #7953)
- Add experimental support for running multiple federation sender processes. (#7798)
- Add the option to validate the iss and aud claims for JWT logins. (#7827)
- Add support for handling registration requests across multiple client reader workers. (#7830)
- Add an admin API to list the users in a room. Contributed by Awesome Technologies Innovationslabor GmbH. (#7842)
- Allow email subjects to be customised through Synapse's configuration. (#7846)
- Add the ability to re-activate an account from the admin API. (#7847, #7908)
- Support oEmbed for media previews. (#7920)
