From 8fc55b30c5e6f87ace69b8c61d09532d35569850 Mon Sep 17 00:00:00 2001 From: sakkiii Date: Tue, 11 May 2021 19:06:30 +0530 Subject: [PATCH] Upgrade Synapse (1.33.1 -> 1.33.2) This release fixes a denial of service attack (CVE-2021-29471) against Synapse's push rules implementation. Server admins are encouraged to upgrade. Ref: https://github.com/matrix-org/synapse/releases/tag/v1.33.2 --- roles/matrix-synapse/defaults/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/matrix-synapse/defaults/main.yml index a6b035c0..39a88333 100644 --- a/roles/matrix-synapse/defaults/main.yml +++ b/roles/matrix-synapse/defaults/main.yml @@ -15,8 +15,8 @@ matrix_synapse_docker_image_name_prefix: "{{ 'localhost/' if matrix_synapse_cont # amd64 gets released first. # arm32 relies on self-building, so the same version can be built immediately. # arm64 users need to wait for a prebuilt image to become available. -matrix_synapse_version: v1.33.1 -matrix_synapse_version_arm64: v1.33.1 +matrix_synapse_version: v1.33.2 +matrix_synapse_version_arm64: v1.33.2 matrix_synapse_docker_image_tag: "{{ matrix_synapse_version if matrix_architecture in ['arm32', 'amd64'] else matrix_synapse_version_arm64 }}" matrix_synapse_docker_image_force_pull: "{{ matrix_synapse_docker_image.endswith(':latest') }}"