matrix-synapse (1.52.0-1~bpo10+1) buster-backports-sloppy; urgency=medium * Rebuild for buster-backports-sloppy. -- Andrej Shadura Wed, 16 Feb 2022 13:59:21 +0100 matrix-synapse (1.52.0-1) unstable; urgency=medium * New upstream release. * Update dependency constraints. * Refresh patches. -- Andrej Shadura Tue, 08 Feb 2022 23:20:40 +0100 matrix-synapse (1.51.0-1~bpo10+3) buster-backports-sloppy; urgency=medium * Upload to buster-backports-sloppy. -- Andrej Shadura Wed, 09 Feb 2022 16:00:55 +0100 matrix-synapse (1.51.0-1~bpo10+2) buster-backports; urgency=medium * Add an explicit python3-matrix-common dependency. * Add a NEWS item on deprecation of Synapse in buster-backports-sloppy. -- Andrej Shadura Wed, 09 Feb 2022 13:19:14 +0100 matrix-synapse (1.51.0-1~bpo10+1) buster-backports-sloppy; urgency=medium * Rebuild for buster-backports-sloppy. -- Andrej Shadura Tue, 08 Feb 2022 23:26:03 +0100 matrix-synapse (1.51.0-1) unstable; urgency=high * New upstream release. * Sort entries in debian/copyright. -- Andrej Shadura Tue, 25 Jan 2022 17:20:03 +0100 matrix-synapse (1.50.2-1) unstable; urgency=medium * New upstream release. -- Andrej Shadura Mon, 24 Jan 2022 18:16:50 +0100 matrix-synapse (1.50.1-1) unstable; urgency=medium * New upstream release. -- Andrej Shadura Tue, 18 Jan 2022 19:46:48 +0100 matrix-synapse (1.50.0-1) unstable; urgency=medium * New upstream release. * Depend on python3-matrix-common. -- Andrej Shadura Tue, 18 Jan 2022 15:29:33 +0100 matrix-synapse (1.49.2-1) unstable; urgency=medium * New upstream release. -- Andrej Shadura Tue, 21 Dec 2021 20:46:08 +0100 matrix-synapse (1.49.0-1~bpo10+4) buster-backports-sloppy; urgency=medium * Fix an endless loop with "Invalid prev_events for ". -- Andrej Shadura Mon, 24 Jan 2022 18:14:51 +0100 matrix-synapse (1.49.0-1~bpo10+2) buster-backports-sloppy; urgency=medium * Fix a regression by cherry-picking an upstream fix from 1.49.2. -- Andrej Shadura Tue, 21 Dec 2021 20:55:17 +0100 matrix-synapse (1.49.0-1~bpo10+1) buster-backports-sloppy; urgency=medium * Rebuild for buster-backports-sloppy. -- Andrej Shadura Tue, 21 Dec 2021 16:59:32 +0100 matrix-synapse (1.49.0-1) unstable; urgency=medium * New upstream release. * Bump ijson dependency. -- Andrej Shadura Tue, 14 Dec 2021 17:39:09 +0100 matrix-synapse (1.48.0-1~bpo10+1) buster-backports-sloppy; urgency=medium * Rebuild for buster-backports-sloppy. -- Andrej Shadura Mon, 06 Dec 2021 08:39:18 +0100 matrix-synapse (1.48.0-1) unstable; urgency=medium * New upstream release. * Update copyrights. -- Andrej Shadura Tue, 30 Nov 2021 15:36:01 +0100 matrix-synapse (1.47.1-1~bpo10+1) buster-backports-sloppy; urgency=medium * Rebuild for buster-backports-sloppy. -- Andrej Shadura Thu, 25 Nov 2021 09:14:19 +0100 matrix-synapse (1.47.1-1) unstable; urgency=high * New upstream security release. * CVE-2021-41281: Path traversal when downloading remote media: Synapse instances with the media repository enabled can be tricked into downloading a file from a remote server into an arbitrary directory, potentially outside the media store directory. Homeservers with the media repository disabled or configured with a federation whitelist are unaffected. (GHSA-3hfw-x7gx-437c) -- Andrej Shadura Tue, 23 Nov 2021 13:17:43 +0100 matrix-synapse (1.47.0-2~bpo10+1) buster-backports-sloppy; urgency=medium * Rebuild for buster-backports-sloppy. * Fix security vulnerability in the media repository (CVE-2021-41281). -- Andrej Shadura Tue, 23 Nov 2021 13:12:10 +0100 matrix-synapse (1.47.0-2) unstable; urgency=medium * Require a Python 3.10-compatible version of frozendict. -- Andrej Shadura Thu, 18 Nov 2021 01:13:53 +0100 matrix-synapse (1.47.0-1) unstable; urgency=medium * New upstream release. -- Andrej Shadura Wed, 17 Nov 2021 21:12:33 +0100 matrix-synapse (1.46.0-1~bpo10+2) buster-backports-sloppy; urgency=high * Fix security vulnerability in the media repository (CVE-2021-41281). -- Andrej Shadura Tue, 23 Nov 2021 00:00:00 +0000 matrix-synapse (1.46.0-1~bpo10+1) buster-backports-sloppy; urgency=medium * Rebuild for buster-backports-sloppy. -- Andrej Shadura Wed, 17 Nov 2021 21:10:07 +0100 matrix-synapse (1.46.0-1) unstable; urgency=medium * New upstream release. -- Andrej Shadura Mon, 08 Nov 2021 14:54:14 +0100 matrix-synapse (1.45.1-1~bpo10+1) buster-backports-sloppy; urgency=medium * Rebuild for buster-backports-sloppy. -- Andrej Shadura Wed, 27 Oct 2021 09:54:52 +0200 matrix-synapse (1.45.1-1) unstable; urgency=high * New upstream release. -- Andrej Shadura Wed, 20 Oct 2021 20:25:01 +0200 matrix-synapse (1.45.0-1) unstable; urgency=medium * New upstream release. -- Andrej Shadura Tue, 19 Oct 2021 19:02:47 +0200 matrix-synapse (1.44.0-2) unstable; urgency=medium * Drop unused dependency on blist. -- Andrej Shadura Tue, 12 Oct 2021 10:06:50 +0200 matrix-synapse (1.44.0-1~bpo10+1) buster-backports-sloppy; urgency=medium * Rebuild for buster-backports-sloppy. * Drop unused dependency on blist. -- Andrej Shadura Tue, 12 Oct 2021 10:05:42 +0200 matrix-synapse (1.44.0-1) unstable; urgency=medium * New upstream release. -- Andrej Shadura Tue, 05 Oct 2021 19:23:38 +0200 matrix-synapse (1.43.0-1~bpo10+1) buster-backports-sloppy; urgency=medium * Rebuild for buster-backports-sloppy. -- Andrej Shadura Tue, 05 Oct 2021 19:22:13 +0200 matrix-synapse (1.43.0-1) unstable; urgency=medium * New upstream release. -- Andrej Shadura Wed, 22 Sep 2021 09:26:18 +0100 matrix-synapse (1.42.0-1~bpo10+1) buster-backports-sloppy; urgency=medium * Rebuild for buster-backports-sloppy. -- Andrej Shadura Tue, 21 Sep 2021 20:46:09 +0100 matrix-synapse (1.42.0-1) unstable; urgency=medium * New upstream release. * Update jsonschema dependency to 3.0.0. -- Andrej Shadura Tue, 14 Sep 2021 21:39:56 +0100 matrix-synapse (1.41.1-1~bpo10+1) buster-backports-sloppy; urgency=medium * Rebuild for buster-backports-sloppy. -- Andrej Shadura Tue, 14 Sep 2021 21:44:24 +0100 matrix-synapse (1.41.1-1) unstable; urgency=high * New upstream release. * SECURITY UPDATE: - Unauthorised users could enumerate a private room's list of members and their display names (CVE-2021-39164, GHSA-3x4c-pq33-4w3q). - Unauthorised users could disclose a private room's name, avatar, topic, and number of members (CVE-2021-39163, GHSA-jj53-8fmw-f2w2). -- Andrej Shadura Tue, 31 Aug 2021 16:22:39 +0100 matrix-synapse (1.40.0-1~bpo10+1) buster-backports-sloppy; urgency=medium * Rebuild for buster-backports-sloppy. -- Andrej Shadura Tue, 24 Aug 2021 14:57:39 +0200 matrix-synapse (1.40.0-1) unstable; urgency=medium * New upstream release. -- Andrej Shadura Sun, 15 Aug 2021 10:52:45 +0100 matrix-synapse (1.39.0-1) unstable; urgency=medium * New upstream release. -- Andrej Shadura Fri, 30 Jul 2021 10:06:05 +0200 matrix-synapse (1.38.1-1) unstable; urgency=medium * New upstream release. -- Andrej Shadura Thu, 22 Jul 2021 18:42:29 +0200 matrix-synapse (1.38.0-1) unstable; urgency=medium * New upstream release. * Install renamed documents under the old names. -- Andrej Shadura Wed, 14 Jul 2021 09:00:51 +0200 matrix-synapse (1.37.1-1) unstable; urgency=medium * New upstream release. -- Andrej Shadura Wed, 30 Jun 2021 22:18:16 +0200 matrix-synapse (1.37.0-1) unstable; urgency=medium * New upstream release. * Update the dependencies. -- Andrej Shadura Tue, 29 Jun 2021 15:22:07 +0200 matrix-synapse (1.36.0-1) unstable; urgency=medium * New upstream release. -- Andrej Shadura Wed, 16 Jun 2021 10:28:46 +0200 matrix-synapse (1.35.1-1) unstable; urgency=medium * New upstream release. * d/watch: Skip pre-releases. -- Andrej Shadura Mon, 14 Jun 2021 18:46:03 +0200 matrix-synapse (1.35.0-1) unstable; urgency=medium * New upstream release. * Depend on python3-ijson (>= 3.0). -- Andrej Shadura Wed, 02 Jun 2021 08:19:14 +0200 matrix-synapse (1.34.0-1) unstable; urgency=medium * New upstream release. * Recommend pympler required for caches.track_memory_usage setting. -- Andrej Shadura Mon, 17 May 2021 16:19:40 +0200 matrix-synapse (1.33.2-1) unstable; urgency=high * New upstream release. * Explicitly depend on python3-cryptography. * Refresh patch. * SECURITY UPDATE (CVE-2021-29471, GHSA-x345-32rc-8h85): - Denial of service attack via push rule patterns: "Push rules" can specify conditions under which they will match, including event_match, which matches event content against a pattern including wildcards. Certain patterns can cause very poor performance in the matching engine, leading to a denial-of-service when processing moderate-length events. -- Andrej Shadura Tue, 11 May 2021 16:47:19 +0200 matrix-synapse (1.31.0-2) unstable; urgency=medium * Stop using a deprecated dpkg-statoverride option (Closes: #927837). * Remove dpkg-statoverride on purge (Closes: #927838). * Properly escape variables in scripts. * Only log warnings and above to the journal (Closes: #919347). -- Andrej Shadura Tue, 13 Apr 2021 20:12:22 +0200 matrix-synapse (1.31.0-1) unstable; urgency=medium * New upstream release. * Revert upstream bump of python3-cryptography. -- Andrej Shadura Wed, 07 Apr 2021 13:51:56 +0200 matrix-synapse (1.30.0-1) unstable; urgency=medium * New upstream release. * Update the watch URL. -- Andrej Shadura Mon, 22 Mar 2021 18:36:56 +0100 matrix-synapse (1.29.0-1) unstable; urgency=medium * New upstream release. -- Andrej Shadura Fri, 12 Mar 2021 08:46:16 +0100 matrix-synapse (1.28.0-1) unstable; urgency=medium * New upstream release. -- Andrej Shadura Mon, 01 Mar 2021 15:22:17 +0100 matrix-synapse (1.27.0-1) unstable; urgency=medium * New upstream release. -- Andrej Shadura Wed, 17 Feb 2021 17:36:17 +0100 matrix-synapse (1.26.0-3) unstable; urgency=medium * Downgrade the level of sandboxing to prevent confusion. Strict sandboxing enabled by default caused issues for users running appservices: https://github.com/matrix-org/synapse/issues/9327 It’s best to leave it enabled but relax a bit and let users opt in for stricter protection if they wish. -- Andrej Shadura Tue, 09 Feb 2021 23:25:50 +0100 matrix-synapse (1.26.0-2) unstable; urgency=medium * Make psycopg2 a dependency. -- Andrej Shadura Thu, 04 Feb 2021 11:21:55 +0100 matrix-synapse (1.26.0-1) unstable; urgency=medium * New upstream release. * Recommend matrix-synapse-ldap3. * Put txacme into Recommends, add jwt and authlib into Suggests. -- Andrej Shadura Thu, 28 Jan 2021 13:05:02 +0100 matrix-synapse (1.25.0-2) unstable; urgency=medium * Don’t compress README. * Increase max_upload_size to 100M (Closes: #955974) * Stop the debconf interface when done debconfing (Correctly closes: #935654). * Fixes for the systemd unit files: - Add SELinux support to the systemd unit file (Closes: #977430). - Fix up service files for workers to point to the right Python location - Add sandboxing options (Closes: #955254). - Add Documentation option. * Replace the generic perl hashbang in a script with the real one. -- Andrej Shadura Wed, 27 Jan 2021 10:11:11 +0100 matrix-synapse (1.25.0-1) unstable; urgency=medium * New upstream release. * initscript: Add a service description. -- Andrej Shadura Wed, 13 Jan 2021 14:01:17 +0100 matrix-synapse (1.24.0-2) unstable; urgency=medium [ Lars Kruse ] * Fix the initscript: - Make sure the uploads directory exists. - Force start-stop-daemon to create a pidfile (Closes: #935654) - Remove the check for certifacte/key files (Closes: #960276). -- Andrej Shadura Sun, 10 Jan 2021 21:50:32 +0100 matrix-synapse (1.24.0-1) unstable; urgency=high * New upstream release. * SECURITY UPDATE: GHSA-hxmp-pqch-c8mm / CVE-2020-26257: - A malicious homeserver could send malformed events into a room which would then break federation of that room. * BREAKING CHANGE: - Removal historical Synapse Admin API. See /usr/share/doc/matrix-synapse/UPGRADE.rst.gz for more details. -- Andrej Shadura Thu, 10 Dec 2020 11:20:19 +0100 matrix-synapse (1.23.0-1) unstable; urgency=medium * New upstream release. -- Andrej Shadura Thu, 19 Nov 2020 09:38:22 +0100 matrix-synapse (1.22.1-2) unstable; urgency=medium * Provide a get-config-key script to finally unbreak the init script (Closes: #939069, #945759). * Add Pre-Depends and extend Depends with more substvars. -- Andrej Shadura Sat, 31 Oct 2020 10:47:26 +0100 matrix-synapse (1.22.1-1) unstable; urgency=medium * New upstream release. -- Andrej Shadura Sat, 31 Oct 2020 10:04:42 +0100 matrix-synapse (1.21.2-1) unstable; urgency=high * New upstream bugfix release. -- Andrej Shadura Thu, 15 Oct 2020 20:02:37 +0200 matrix-synapse (1.21.1-1) unstable; urgency=medium * New upstream release. * Bump canonicaljson dependency. * Set upstream metadata fields: Bug-Database, Bug-Submit, Repository, Repository-Browse. * Use debhelper-compat 12 instead of debian/compat. * Bump Standards-Version to 4.5.0. * Update Vcs-Git. -- Andrej Shadura Wed, 14 Oct 2020 14:59:25 +0200 matrix-synapse (1.20.1-1) unstable; urgency=medium * New upstream release. -- Andrej Shadura Fri, 25 Sep 2020 18:06:35 +0200 matrix-synapse (1.20.0-1) unstable; urgency=medium * New upstream release. * Bump python3-canonicaljson version. -- Andrej Shadura Wed, 23 Sep 2020 10:03:06 +0200 matrix-synapse (1.19.3-1) unstable; urgency=high * New upstream release. -- Andrej Shadura Sat, 19 Sep 2020 14:22:15 +0300 matrix-synapse (1.19.2-1) unstable; urgency=high * New upstream release. -- Andrej Shadura Wed, 16 Sep 2020 17:44:26 +0300 matrix-synapse (1.19.1-1) unstable; urgency=high * New upstream release. -- Andrej Shadura Thu, 27 Aug 2020 17:35:49 +0200 matrix-synapse (1.19.0-1) unstable; urgency=medium [ Andrej Shadura ] * New upstream release. * Bump python3-canonicaljson dependency. [ Aaron Raimist ] * Fix outdated documentation for SYNAPSE_CACHE_FACTOR. -- Andrej Shadura Wed, 19 Aug 2020 21:34:43 +0200 matrix-synapse (1.18.0-1) unstable; urgency=medium * New upstream release. -- Andrej Shadura Wed, 12 Aug 2020 09:05:45 +0200 matrix-synapse (1.17.0-1) unstable; urgency=medium * New upstream release. * Update the jQuery missing source and the copyrights. -- Andrej Shadura Tue, 14 Jul 2020 17:41:36 +0200 matrix-synapse (1.16.0-1) unstable; urgency=medium * New upstream release. * Update dependencies. -- Andrej Shadura Thu, 09 Jul 2020 08:40:47 +0200 matrix-synapse (1.15.2-1) unstable; urgency=medium * New upstream release. -- Andrej Shadura Thu, 02 Jul 2020 21:52:42 +0200 matrix-synapse (1.15.1-1) unstable; urgency=medium * New upstream bugfix release. -- Andrej Shadura Tue, 16 Jun 2020 11:56:35 +0200 matrix-synapse (1.15.0-1) unstable; urgency=medium * New upstream release. * Refresh the default configuration. -- Andrej Shadura Sun, 14 Jun 2020 20:32:44 +0200 matrix-synapse (1.13.0-1) unstable; urgency=medium * New upstream release. -- Andrej Shadura Mon, 25 May 2020 11:54:15 +0200 matrix-synapse (1.12.4-1) unstable; urgency=medium * New upstream release. -- Andrej Shadura Mon, 04 May 2020 10:31:40 +0200 matrix-synapse (1.12.3-1) unstable; urgency=medium * New upstream release. -- Andrej Shadura Tue, 07 Apr 2020 10:09:42 +0200 matrix-synapse (1.12.0-1) unstable; urgency=medium * New upstream release. * Pin Twisted to the version where the security issues have been fixed. -- Andrej Shadura Tue, 24 Mar 2020 09:51:23 +0100 matrix-synapse (1.11.1-1) unstable; urgency=high * New upstream release. -- Andrej Shadura Tue, 03 Mar 2020 18:22:46 +0100 matrix-synapse (1.11.0-1) unstable; urgency=medium * New upstream release. -- Andrej Shadura Sat, 22 Feb 2020 11:04:00 +0300 matrix-synapse (1.10.0-2) unstable; urgency=medium * Depend on python3-signedjson (>= 1.1.0) (Closes: #951378). -- Andrej Shadura Sat, 15 Feb 2020 18:20:49 +0100 matrix-synapse (1.10.0-1) unstable; urgency=medium * New upstream release. * Drop synapse.federation.transport.server log level downgrade since the upstream has fixed log levels in the source code. -- Andrej Shadura Fri, 14 Feb 2020 15:03:45 +0100 matrix-synapse (1.9.1-1) unstable; urgency=high * New upstream bugfix release. -- Andrej Shadura Wed, 29 Jan 2020 14:47:02 +0100 matrix-synapse (1.9.0-1) unstable; urgency=medium * New upstream release. * The default logging config now comes with the logging level for Synapse itself set to INFO, but some other modules and Twisted set to WARN. This verbosity should be fine for normal uses, but when troubleshooting, users may want to revert all WARNs to INFO or maybe even DEBUG. The future releases will try to align the defaults to the upstream’s one. -- Andrej Shadura Thu, 23 Jan 2020 18:59:21 +0100 matrix-synapse (1.8.0-1) unstable; urgency=medium * New upstream release. -- Andrej Shadura Thu, 09 Jan 2020 17:19:59 +0100 matrix-synapse (1.7.3-1) unstable; urgency=high * New upstream bugfix release. -- Andrej Shadura Wed, 01 Jan 2020 13:21:02 +0100 matrix-synapse (1.7.2-1) unstable; urgency=high * New upstream release. * This release fixes a regression introduced in 1.7.1. -- Andrej Shadura Fri, 20 Dec 2019 13:23:26 +0100 matrix-synapse (1.7.1-1) unstable; urgency=high * New upstream release. * SECURITY UPDATE: - Fix a bug which could cause room events to be incorrectly authorised using events from a different room. - Fix a bug causing responses to the /context client endpoint to not use the pruned version of the event. - Fix a cause of state resets in room versions 2 onwards. * Add new options to the default homeserver.yaml. -- Andrej Shadura Wed, 18 Dec 2019 16:56:31 +0100 matrix-synapse (1.7.0-2) unstable; urgency=medium * Install CONTRIBUTING.md instead of .rst. -- Andrej Shadura Fri, 13 Dec 2019 20:29:38 +0100 matrix-synapse (1.7.0-1) unstable; urgency=medium * New upstream release. * Update parts of the homeserver.yaml config file. -- Andrej Shadura Fri, 13 Dec 2019 17:12:26 +0100 matrix-synapse (1.6.1-1) unstable; urgency=high * New upstream release. -- Andrej Shadura Fri, 29 Nov 2019 14:43:09 +0100 matrix-synapse (1.6.0-1) unstable; urgency=medium * New upstream release. -- Andrej Shadura Tue, 26 Nov 2019 22:19:26 +0100 matrix-synapse (1.5.1-1) unstable; urgency=high * New upstream release. -- Andrej Shadura Mon, 11 Nov 2019 15:27:34 +0100 matrix-synapse (1.5.0-1) unstable; urgency=medium * New upstream release (Closes: #944355). * SECURITY UPDATE (CVE-2019-18835): - Matrix Synapse before 1.5.0 mishandles signature checking on some federation APIs. Events sent over /send_join, /send_leave, and /invite may not be correctly signed, or may not come from the expected servers. * Require python3-typing-extensions (>= 3.7.4). * Use secure copyright file specification URI. -- Andrej Shadura Fri, 08 Nov 2019 14:38:14 +0100 matrix-synapse (1.4.0-1) unstable; urgency=medium * New upstream release. * Bump Twisted requirement. -- Andrej Shadura Fri, 04 Oct 2019 10:07:43 +0200 matrix-synapse (1.3.0-1) unstable; urgency=medium * New upstream release. -- Andrej Shadura Thu, 15 Aug 2019 17:31:05 +0200 matrix-synapse (1.2.1-2) unstable; urgency=medium [ Axel Beckert ] * Fix the installation process hanging (Closes: #920339). -- Andrej Shadura Fri, 09 Aug 2019 14:14:57 +0200 matrix-synapse (1.2.1-1) unstable; urgency=high * New upstream release. * Drop an old patch. * SECURITY UPDATE: - Prevent an attack where a federated server could send redactions for arbitrary events in v1 and v2 rooms. - Prevent a denial-of-service attack where cycles of redaction events would make Synapse spin infinitely. - Prevent an attack where users could be joined or parted from public rooms without their consent. - Fix a vulnerability where a federated server could spoof read receipts from users on other servers. -- Andrej Shadura Fri, 26 Jul 2019 13:02:23 -0300 matrix-synapse (1.1.0-1) unstable; urgency=medium * New upstream release. * Refresh patches. * Make most runtime dependencies mandatory. -- Andrej Shadura Thu, 18 Jul 2019 20:33:52 -0300 matrix-synapse (1.0.0-2) unstable; urgency=medium * Upload to unstable. -- Andrej Shadura Wed, 26 Jun 2019 13:09:57 -0500 matrix-synapse (1.0.0-1) experimental; urgency=medium * New upstream release. * Bump dependencies. * Use dh 11 and compat level 11. * Refresh patches. -- Andrej Shadura Fri, 21 Jun 2019 09:28:10 -0500 matrix-synapse (0.99.5.2-1) experimental; urgency=medium * New upstream release. -- Andrej Shadura Thu, 06 Jun 2019 15:30:26 +0200 matrix-synapse (0.99.5.1-1) experimental; urgency=medium * New upstream release. -- Andrej Shadura Wed, 22 May 2019 22:44:28 +0100 matrix-synapse (0.99.3.2-1) experimental; urgency=medium * Upload to experimental. * New upstream release. -- Andrej Shadura Fri, 03 May 2019 22:44:59 +0200 matrix-synapse (0.99.2-6) unstable; urgency=medium * Add a NEWS entry on the room format upgrade in 0.99.5.1. -- Andrej Shadura Thu, 06 Jun 2019 15:28:41 +0200 matrix-synapse (0.99.2-5) unstable; urgency=high * Security updates backported from 0.99.3: - Use SystemRandom for token generation - Blacklist 0.0.0.0 and :: by default for URL previews -- Andrej Shadura Fri, 03 May 2019 22:26:41 +0200 matrix-synapse (0.99.2-4) unstable; urgency=medium [ Antoine Beaupré ] * Fix log rotation to be less verbose (Closes: #927057). -- Andrej Shadura Sat, 27 Apr 2019 20:03:23 +0200 matrix-synapse (0.99.2-3) unstable; urgency=medium * Make the code querying the location of the key file actually work. Closes: #923573. * Verify the presence of TLS cert/key files. * Make sure warnings are not shown when querying configuration settings. -- Andrej Shadura Sun, 24 Mar 2019 14:02:48 +0100 matrix-synapse (0.99.2-2) unstable; urgency=medium * Make sure the key file is owned by the user running synapse (Closes: #923573). * No longer enable webclient by default (Closes: #923574). * Print a warning when the server name has not been set (Closes: #923586). * Update NEWS with a note on .well-known vs SRV. -- Andrej Shadura Sat, 16 Mar 2019 16:48:56 +0100 matrix-synapse (0.99.2-1) unstable; urgency=medium * New upstream release. * Depend on python3-all instead of python3-distutils. * Correct the dependency on python3-distutils (Closes: #922838). -- Andrej Shadura Fri, 01 Mar 2019 14:23:57 +0100 matrix-synapse (0.99.1.1-1) unstable; urgency=medium * New upstream release. * Ship docs, refresh NEWS. -- Andrej Shadura Wed, 20 Feb 2019 11:24:24 +0100 matrix-synapse (0.99.0-1) unstable; urgency=medium * New upstream release. * Recommend python3-bleach and python3-jinja2. * Suggest python3-txacme. * Update the dependencies. * Bump Standards-Version. * Update NEWS. -- Andrej Shadura Sat, 09 Feb 2019 15:34:08 +0100 matrix-synapse (0.34.1.1-4) unstable; urgency=high * Depend on python3-distutils (Closes: #920274). -- Andrej Shadura Wed, 23 Jan 2019 16:07:50 +0100 matrix-synapse (0.34.1.1-3) unstable; urgency=high * Python 3 needs py3dist-overrides. * Use Python 3 in the init script (Closes: #919709). * Update the dependencies (Closes: #919707). -- Andrej Shadura Sun, 20 Jan 2019 15:05:38 +0100 matrix-synapse (0.34.1.1-2) unstable; urgency=high * Fix Python dependencies (Closes: #919450). -- Andrej Shadura Wed, 16 Jan 2019 09:26:37 +0100 matrix-synapse (0.34.1.1-1) unstable; urgency=medium * New upstream release: - SECURITY UPDATE (CVE-2019-5885). -- Andrej Shadura Thu, 10 Jan 2019 16:24:02 +0100 matrix-synapse (0.34.0-3) unstable; urgency=medium * Add Breaks: matrix-synapse-ldap3 (<< 0.1.3-2~). Closes: #917558. -- Andrej Shadura Sat, 29 Dec 2018 11:59:09 +0100 matrix-synapse (0.34.0-2) unstable; urgency=medium * Bump dependencies to please Synapse. -- Andrej Shadura Sat, 22 Dec 2018 00:01:55 +0100 matrix-synapse (0.34.0-1) unstable; urgency=medium * New upstream release. * Remove unnecessary patch and the web_client setting. -- Andrej Shadura Fri, 21 Dec 2018 13:35:42 +0100 matrix-synapse (0.34.0~rc2-1) unstable; urgency=medium * New upstream version 0.34.0~rc2. * Use Python 3 (Closes: #897222). * debian/watch: Require a dot in the version. * Refresh patches. * Don’t use dh-systemd package, depend on a newer debhelper instead. -- Andrej Shadura Tue, 18 Dec 2018 17:09:27 +0100 matrix-synapse (0.33.9-2) unstable; urgency=medium * New upstream release. -- Andrej Shadura Fri, 23 Nov 2018 18:39:57 +0100 matrix-synapse (0.33.8-1) unstable; urgency=medium * New upstream release. * Refresh patches, update dependencies. * Normalise whitespace. * Wrap and sort debian/control. -- Andrej Shadura Fri, 02 Nov 2018 12:32:34 +0100 matrix-synapse (0.33.4-1) unstable; urgency=medium [ Richard van der Hoff ] * Don’t tell users to install packages with pip instead of apt. [ Andrej Shadura ] * New upstream version. * Update the configuration template with new keys. -- Andrej Shadura Wed, 12 Sep 2018 15:12:22 +0200 matrix-synapse (0.33.3.1-1) unstable; urgency=high * New upstream version. - SECURITY UPDATE (CVE-2018-16515): Check that signatures on events are valid Fix origin handling for pushed transactions - Closes: #908044. -- Andrej Shadura Thu, 06 Sep 2018 12:00:03 +0200 matrix-synapse (0.33.3-2) unstable; urgency=medium [ Richard van der Hoff ] * We now require python-twisted 17.1.0 or later. * Add recommendations for python-psycopg2 and python-lxml. -- Andrej Shadura Wed, 05 Sep 2018 17:57:16 +0200 matrix-synapse (0.33.3-1) unstable; urgency=medium * New upstream version. -- Andrej Shadura Wed, 22 Aug 2018 16:27:24 +0200 matrix-synapse (0.33.2+dfsg-3) unstable; urgency=medium * Remove Recommends for HTTP/2 packages, they break some functionality. -- Andrej Shadura Tue, 14 Aug 2018 07:48:14 +0200 matrix-synapse (0.33.2+dfsg-2) unstable; urgency=medium * Recommend python-priority and python-h2 for HTTP/2 support. -- Andrej Shadura Mon, 13 Aug 2018 15:19:45 +0200 matrix-synapse (0.33.2+dfsg-1) unstable; urgency=medium * New upstream version. * Depend on python-netaddr. -- Andrej Shadura Thu, 09 Aug 2018 16:42:11 +0200 matrix-synapse (0.33.1+dfsg-1) unstable; urgency=high * New upstream version. * Security fixes: - Fix a potential issue where servers could request events for rooms they have not joined. See https://github.com/matrix-org/synapse/issues/3641 - Fix a potential issue where users could see events in private rooms before they joined. See https://github.com/matrix-org/synapse/issues/3642 -- Andrej Shadura Thu, 02 Aug 2018 17:10:50 +0200 matrix-synapse (0.33.0+dfsg-1) unstable; urgency=medium * New upstream version. * Update debian/watch. * Refresh patches. -- Andrej Shadura Fri, 20 Jul 2018 20:01:00 +0200 matrix-synapse (0.32.2+dfsg-1) unstable; urgency=high * New upstream release. * Add dependency on python-sortedcontainers. -- Andrej Shadura Sun, 08 Jul 2018 19:44:33 +0200 matrix-synapse (0.31.2+dfsg-1) unstable; urgency=high * New upstream release: - SECURITY UPDATE: Prevent unauthorised users from setting state events in a room when there is no m.room.power_levels event in force in the room. (Closes: #901549) -- Andrej Shadura Thu, 14 Jun 2018 18:53:36 +0200 matrix-synapse (0.31.1+dfsg-2) unstable; urgency=high * Bump dependencies of the binary packages to allow smooth upgrades. -- Andrej Shadura Mon, 11 Jun 2018 08:46:06 +0200 matrix-synapse (0.31.1+dfsg-1) unstable; urgency=high * New upstream release: - SECURITY UPDATE: This release fixes a security bug in the get_missing_events federation API where event visibility rules were not applied correctly. We are not aware of it being actively exploited but please upgrade ASAP. -- Andrej Shadura Sun, 10 Jun 2018 22:45:05 +0200 matrix-synapse (0.31.0+dfsg-2) unstable; urgency=medium * Remove no longer relevant patches. * Add French debconf translation (Closes: #861924) by Jean-Pierre Giraud. * Add Dutch translation of debconf messages (Closes: #862208) by Frans Spiesschaert. * Add Brazilian Portuguese debconf templates translation (Closes: #891166) by Adriano Rafael Gomes. * Add Russian translation of debconf template (Closes: #883207) by Lev Lamberov. * Update the copyrights. * Refresh copyrights in the PO template and POs. -- Andrej Shadura Thu, 07 Jun 2018 09:10:23 +0200 matrix-synapse (0.31.0+dfsg-1) unstable; urgency=medium [ Richard van der Hoff ] * Refresh 0004-webclient-instructions.patch * Drop dependency on ujson, add dependencies on attr and prometheus-client. [ Andrej Shadura ] * New upstream release. * Add the missing six dependency. -- Andrej Shadura Wed, 06 Jun 2018 20:42:37 +0200 matrix-synapse (0.30.0+dfsg-1) unstable; urgency=medium * New upstream release. -- Andrej Shadura Fri, 25 May 2018 09:46:38 +0200 matrix-synapse (0.29.1+dfsg-1) unstable; urgency=medium * New upstream release. * Refresh patches. * Update Vcs-*. -- Andrej Shadura Fri, 18 May 2018 17:31:24 +0200 matrix-synapse (0.28.1+dfsg-1) unstable; urgency=high * New upstream release: - SECURITY UPDATE: Clamp the allowed values of event depth received over federation to be [0, 2**63 - 1]. This mitigates an attack where malicious events injected with depth = 2**63 - 1 render rooms unusable. * Prevent installing with python-pymacaroons-nacl or python-nacl (<< 1.1.0). -- Andrej Shadura Wed, 02 May 2018 12:02:15 +0200 matrix-synapse (0.28.0+dfsg-2) unstable; urgency=medium * Prefer python-nacl (>= 1.1.0) and python-pymacaroons. -- Andrej Shadura Tue, 01 May 2018 14:15:54 +0200 matrix-synapse (0.28.0+dfsg-1) unstable; urgency=medium * New upstream version. * Refresh patches. * Enable systemd journal logging by default. -- Andrej Shadura Mon, 30 Apr 2018 14:12:04 +0200 matrix-synapse (0.27.2+dfsg-1) unstable; urgency=medium [ Andrej Shadura ] * New upstream version. * Add python-phonenumbers dependency. * Drop a patch to not depend on python-phonenumbers. * Refresh patches. * Make the package team-maintained. [ Richard van der Hoff ] * Remove level for file log handler from the default log.yaml. -- Andrej Shadura Tue, 27 Mar 2018 17:39:49 +0200 matrix-synapse (0.24.0+dfsg-1) unstable; urgency=medium * New upstream version. * Remove an extra oversionmangle from debian/watch. * Drop a patch applied upstream. * Update debian/copyright. * Add a patch to temporarily avoid phonenumbers dependency. -- Andrew Shadura Tue, 24 Oct 2017 15:25:33 +0100 matrix-synapse (0.19.2+dfsg-6) unstable; urgency=medium [ Simó Albert i Beltran ] * Use set -e instead of passes -e to hte shell on the #! at debian/postinst [ Rui Branco ] * Add Portuguese translation for debconf messages. [ Andrew Shadura ] * Temporarily add an optional dependency on python-pymacaroons-pynacl for python-nacl << 1.1.0. -- Andrew Shadura Mon, 27 Mar 2017 11:52:05 +0200 matrix-synapse (0.19.2+dfsg-5) unstable; urgency=medium [ Simó Albert i Beltran ] * When purging remove configuration files created by debian/postinst (Closes: #857428) [ Helge Kreutzmann ] * Add initial German debconf translation. (Closes: #857526) [ Rahul De ] * Fail silently if server name is not configured (Closes: #857619) -- Andrew Shadura Sat, 18 Mar 2017 11:14:06 +0100 matrix-synapse (0.19.2+dfsg-4) unstable; urgency=medium * Add bcrypt and pymacaroons to pydist-overrides so that the runtime dependencies are picked up automatically. -- Andrew Shadura Fri, 10 Mar 2017 12:04:52 +0100 matrix-synapse (0.19.2+dfsg-3) unstable; urgency=medium * Add missing copyrights for jwt.py and saml2.py (Thanks to Andreas Henriksson). -- Andrew Shadura Mon, 06 Mar 2017 20:53:50 +0100 matrix-synapse (0.19.2+dfsg-2) unstable; urgency=medium * Move to Section: net. * Add Vcs-*. * Add Homepage. * Use oversionmangle and dversionmangle in debian/watch. * Move Apache-2.0 license text into a separate paragraph. -- Andrew Shadura Tue, 21 Feb 2017 18:32:09 +0100 matrix-synapse (0.19.2+dfsg-1) unstable; urgency=medium * Don't install upstream's minified jquery, depend on libjs-jquery. * Include the source code for jquery-2.1.3.min.js * Don't load reCAPTCHA. * Update debian/copyright. * Set repacksuffix, remove debian uupdate. * Actually add lsb-base as a dependency. -- Andrew Shadura Tue, 21 Feb 2017 18:01:45 +0100 matrix-synapse (0.19.2-1) unstable; urgency=medium [ Sunil Mohan Adapa ] * Bump standards version to 3.9.8. * Don't ignore errors in debian/config. * Internationalise strings in the template file. * Add lsb-base as a dependency. * Update debconf questions. * Add manpages for all binaries. [ Andrew Shadura ] * New upstream version. * Update debian/copyright file. -- Andrew Shadura Tue, 21 Feb 2017 16:14:52 +0100 matrix-synapse (0.19.1-1) unstable; urgency=medium [ Erik Johnston ] * Initial packaging for the upstream version 0.19.1. [ Andrew Shadura ] * First upload to Debian (Closes: #830601). -- Andrew Shadura Tue, 21 Feb 2017 15:39:04 +0100