Home Explore Help
Register Sign In
RISCI_ATOM
/
synapse
mirror of https://github.com/matrix-org/synapse.git
1
0
Fork 0
Files Issues 3 Wiki
Browse Source

Add security advisory note to the changelog

Olivier Wilkinson (reivilibre) 6 months ago
parent
25c412b3c5
commit
4f87edc6e8
1 changed files with 13 additions and 0 deletions
Split View Show Diff Stats
  1. 13 0
      CHANGES.md

+ 13 - 0
CHANGES.md
View File 

@@ -1,6 +1,19 @@
 
 # Synapse 1.94.0 (2023-10-10)
 
 
 No significant changes since 1.94.0rc1.
 
+However, please take note of the security advisory that follows.
 
+
 
+## Security advisory
 
+
 
+The following issue is fixed in 1.94.0 (and RC).
 
+
 
+- [GHSA-5chr-wjw5-3gq4](https://github.com/matrix-org/synapse/security/advisories/GHSA-5chr-wjw5-3gq4) — Moderate Severity
 
+
 
+  A malicious server ACL event can impact performance temporarily or permanently leading to a persistent denial of service.
 
+
 
+  Homeservers running on a closed federation (which presumably do not need to use server ACLs) are not affected.
 
+
 
+See the advisory for more details. If you have any questions, email security@matrix.org.
 
 
 
 # Synapse 1.94.0rc1 (2023-10-03)