Release v0.99.3.1: Synapse 0.99.3.1 (2019-05-03) · nrj5k/synapse

v0.99.3.1
f73f18f
Verified

This tag was signed with the committer’s verified signature.

richvdh Richard van der Hoff

GPG key ID: 8A1F93D575B5E8D5

Learn about vigilant mode
Compare

Choose a tag to compare

Loading

View all tags

v0.99.3.1: Synapse 0.99.3.1 (2019-05-03)

v0.99.3.1
f73f18f
Compare

Choose a tag to compare

Loading

View all tags
Verified

This tag was signed with the committer’s verified signature.

richvdh Richard van der Hoff

GPG key ID: 8A1F93D575B5E8D5

Learn about vigilant mode

richvdh tagged this 03 May 16:27

=============================

Security update
---------------

This release includes two security fixes:

- Switch to using a cryptographically-secure random number generator for token strings, ensuring they cannot be predicted by an attacker. Thanks to @opnsec for identifying and responsibly disclosing this issue! ([\#5133](https://github.com/matrix-org/synapse/issues/5133))
- Blacklist 0.0.0.0 and :: by default for URL previews. Thanks to @opnsec for identifying and responsibly disclosing this issue too! ([\#5134](https://github.com/matrix-org/synapse/issues/5134))

Assets 2

Provide feedback

Saved searches

Use saved searches to filter your results more quickly