You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository was archived by the owner on Apr 12, 2024. It is now read-only.
Copy file name to clipboardExpand all lines: CHANGES.md
+3-3Lines changed: 3 additions & 3 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -1,14 +1,14 @@
1
1
Synapse 1.21.2 (2020-10-15)
2
2
===========================
3
3
4
-
Debian packages and Docker images are rebuilt using the latest versions of dependency libraries, including authlib 0.15.1. Please see bugfixes below.
4
+
Debian packages and Docker images have been rebuilt using the latest versions of dependency libraries, including authlib 0.15.1. Please see bugfixes below.
5
5
6
6
Security advisory
7
7
-----------------
8
8
9
9
* HTML pages served via Synapse were vulnerable to cross-site scripting (XSS)
10
10
attacks. All server administrators are encouraged to upgrade.
This fix was originally included in v1.21.0 but was missing a security advisory.
@@ -19,7 +19,7 @@ Bugfixes
19
19
--------
20
20
21
21
- Fix rare bug where sending an event would fail due to a racey assertion. ([\#8530](https://github.com/matrix-org/synapse/issues/8530))
22
-
- An updated version of the authlib dependency is included in the Docker and Debian release to fix an issue using OpenID Connect.
22
+
- An updated version of the authlib dependency is included in the Docker and Debian images to fix an issue using OpenID Connect. See [\#8534](https://github.com/matrix-org/synapse/issues/8534) for details.
0 commit comments