From 0d4764a21346e168bc3a9c6f1248bc2cf6986eff Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Mon, 15 Nov 2021 11:24:01 +0200 Subject: [PATCH] Upgrade matrix-corporal (2.1.2 -> 2.1.3) 2.1.3 fixes a security vulnerability, which allowed attackers to circuimvent policy checks by sending HTTP requests with trailing slashes. Learn more in the matrix-corporal changelog: https://github.com/devture/matrix-corporal/blob/master/CHANGELOG.md --- roles/matrix-corporal/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-corporal/defaults/main.yml b/roles/matrix-corporal/defaults/main.yml index 313f79a8..fd6b65d3 100644 --- a/roles/matrix-corporal/defaults/main.yml +++ b/roles/matrix-corporal/defaults/main.yml @@ -22,7 +22,7 @@ matrix_corporal_container_extra_arguments: [] # List of systemd services that matrix-corporal.service depends on matrix_corporal_systemd_required_services_list: ['docker.service'] -matrix_corporal_version: 2.1.2 +matrix_corporal_version: 2.1.3 matrix_corporal_docker_image: "{{ matrix_corporal_docker_image_name_prefix }}devture/matrix-corporal:{{ matrix_corporal_docker_image_tag }}" matrix_corporal_docker_image_name_prefix: "{{ 'localhost/' if matrix_corporal_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_corporal_docker_image_tag: "{{ matrix_corporal_version }}" # for backward-compatibility