Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


Matrix - Package Updates


  • Staff

    [1.3.0]


  • Staff

    [1.5.0]

    • Update Synapse to 1.15.2
    • Full changelog
    • A malicious homeserver could force Synapse to reset the state in a room to a small subset of the correct state. This affects all Synapse deployments which federate with untrusted servers. (96e9afe6)
    • HTML pages served via Synapse were vulnerable to clickjacking attacks. This predominantly affects homeservers with single-sign-on enabled, but all server administrators are encouraged to upgrade. (ea26e9a9)

    This contains important security fixes. Please update immediately


  • Staff

    Riot [1.3.1]

    • Update riot to 1.6.8
    • Full changelog
    • Upgrade to JS SDK 7.1.0 and React SDK 2.9.0

  • Staff

    Synapse [1.6.0]

    • Update Synapse to 1.16.0
    • Full changelog
    • Add an option to enable encryption by default for new rooms. (#7639)
    • Add support for running multiple media repository workers. See docs/workers.md for instructions. (#7706)
    • Media can now be marked as safe from quarantined. (#7718)
    • Expand the configuration options for auto-join rooms. (#7763)

  • Staff

    Synapse [1.6.1]

    • Update Synapse to 1.16.1
    • Full changelog
    • Drop table local_rejections_stream which was incorrectly added in Synapse 1.16.0. (#7816, b1beb3ff5)

  • Staff

    Synapse [1.7.0]

    • Update Synapse to 1.17.0
    • Full changelog
    • Fix inconsistent handling of upper and lower case in email addresses when used as identifiers for login, etc. Contributed by @dklimpel. (#7021)
    • Fix "Tried to close a non-active scope!" error messages when opentracing is enabled. (#7732)
    • Fix incorrect error message when database CTYPE was set incorrectly. (#7760)
    • Fix to not ignore set_tweak actions in Push Rules that have no value, as permitted by the specification. (#7766)
    • Fix synctl to handle empty config files correctly. Contributed by @kotovalexarian. (#7779)
    • Fixes a long standing bug in worker mode where worker information was saved in the devices table instead of the original IP address and user agent. (#7797)
    • Fix 'stuck invites' which happen when we are unable to reject a room invite received over federation. (#7804, #7809, #7810)

  • Staff

    Element [1.4.0]

    • Update Element to 1.7.0
    • Full changelog
    • App name changed from Riot to Element

  • Staff

    Element [1.4.1]

    • Update Element to 1.7.1
    • Full changelog
    • Run pngcrush on vector-icons
    • Use the right protocol for SSO URLs
    • Fix mstile-310x150 by renaming it

  • Staff

    [1.4.2]

    • Update Element to 1.7.2
    • Full changelog
    • Upgrade to React SDK 3.0.0 and JS SDK 8.0.0
    • Capitalize letters #14566
    • Riot to Element #14581

  • Staff

    Synapse [1.8.0]

    • Update Synapse to 1.18.0
    • Full changelog
    • Include room states on invite events that are sent to application services. Contributed by @Sorunome. (#6455)
    • Add delete room admin endpoint (POST /_synapse/admin/v1/rooms/<room_id>/delete). Contributed by @dklimpel. (#7613, #7953)
    • Add experimental support for running multiple federation sender processes. (#7798)
    • Add the option to validate the iss and aud claims for JWT logins. (#7827)
    • Add support for handling registration requests across multiple client reader workers. (#7830)
    • Add an admin API to list the users in a room. Contributed by Awesome Technologies Innovationslabor GmbH. (#7842)
    • Allow email subjects to be customised through Synapse's configuration. (#7846)
    • Add the ability to re-activate an account from the admin API. (#7847, #7908)
    • Support oEmbed for media previews. (#7920)

  • Staff

    Element [1.4.3]

    • Update Element to 1.7.3
    • Full changelog
    • Element Web 1.7.3 fixes an issue where replying to a specially formatted message would make it seem like the replier said something they did not. Thanks to Sorunome for responsibly disclosing this via Matrix's Security Disclosure Policy.
      Element Web 1.7.3 fixes an issue where an unexpected language ID in a code block could cause Element to crash. Thanks to SakiiR for responsibly disclosing this via Matrix's Security Disclosure Policy.
    • Upgrade to React SDK 3.1.0 and JS SDK 8.0.1

Log in to reply