Matrix (Synapse/Element) - Package Updates
-
Synapse [1.1.0]
- Update Synapse to 1.13.0
- Full changelog
- Set Referrer-Policy header to no-referrer on media downloads. (#7009)
- Admin API POST /_synapse/admin/v1/join/<roomIdOrAlias> to join users to a room like auto_join_rooms for creation of users. (#7051)
- Add options to prevent users from changing their profile or associated 3PIDs. (#7096)
- Allow server admins to define and enforce a password policy (MSC2000). (#7118)
- Improve the support for SSO authentication on the login fallback page. (#7152, #7235)
- Always whitelist the login fallback in the SSO configuration if public_baseurl is set. (#7153)
- Admin users are no longer required to be in a room to create an alias for it. (#7191)
- Require admin privileges to enable room encryption by default. This does not affect existing rooms. (#7230)
-
Riot [1.2.0]
- Remove matrix.org welcome bot - https://github.com/vector-im/riot-web/pull/12894
-
Synapse [1.4.0]
- Update Synapse to 1.15.1
- Full changelog
- Advertise support for Client-Server API r0.6.0 and remove related unstable feature flags. (#6585)
- Add an option to disable autojoining rooms for guest accounts. (#6637)
- Add admin APIs to allow server admins to manage users' devices. Contributed by @dklimpel. (#7481)
- Add support for generating thumbnails for WebP images. Previously, users would see an empty box instead of preview image. Contributed by @WGH-. (#7586)
- Support the standardized m.login.sso user-interactive authentication flow. (#7630)
-
[1.5.0]
- Update Synapse to 1.15.2
- Full changelog
- A malicious homeserver could force Synapse to reset the state in a room to a small subset of the correct state. This affects all Synapse deployments which federate with untrusted servers. (96e9afe6)
- HTML pages served via Synapse were vulnerable to clickjacking attacks. This predominantly affects homeservers with single-sign-on enabled, but all server administrators are encouraged to upgrade. (ea26e9a9)
This contains important security fixes. Please update immediately
-
Synapse [1.6.0]
- Update Synapse to 1.16.0
- Full changelog
- Add an option to enable encryption by default for new rooms. (#7639)
- Add support for running multiple media repository workers. See docs/workers.md for instructions. (#7706)
- Media can now be marked as safe from quarantined. (#7718)
- Expand the configuration options for auto-join rooms. (#7763)
-
Synapse [1.7.0]
- Update Synapse to 1.17.0
- Full changelog
- Fix inconsistent handling of upper and lower case in email addresses when used as identifiers for login, etc. Contributed by @dklimpel. (#7021)
- Fix "Tried to close a non-active scope!" error messages when opentracing is enabled. (#7732)
- Fix incorrect error message when database CTYPE was set incorrectly. (#7760)
- Fix to not ignore set_tweak actions in Push Rules that have no value, as permitted by the specification. (#7766)
- Fix synctl to handle empty config files correctly. Contributed by @kotovalexarian. (#7779)
- Fixes a long standing bug in worker mode where worker information was saved in the devices table instead of the original IP address and user agent. (#7797)
- Fix 'stuck invites' which happen when we are unable to reject a room invite received over federation. (#7804, #7809, #7810)
Hello! It looks like you're interested in this conversation, but you don't have an account yet.
Getting fed up of having to scroll through the same posts each visit? When you register for an account, you'll always come back to exactly where you were before, and choose to be notified of new replies (either via email, or push notification). You'll also be able to save bookmarks and upvote posts to show your appreciation to other community members.
With your input, this post could be even better 💗
Register Login