FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

py-matrix-synapse -- multiple vulnerabilities in versions prior to 1.120.1

Affected packages
py310-matrix-synapse < 1.120.1
py311-matrix-synapse < 1.120.1
py38-matrix-synapse < 1.120.1
py39-matrix-synapse < 1.120.1

Details

VuXML ID 71f3e9f0-bafc-11ef-885d-901b0e934d69
Discovery 2024-12-03
Entry 2024-12-15

element-hq/synapse developers report:

[The 1.120.1] release fixes multiple security vulnerabilities, some affecting all prior versions of Synapse. Server administrators are encouraged to update Synapse as soon as possible. We are not aware of these vulnerabilities being exploited in the wild.

Administrators who are unable to update Synapse may use the workarounds described in the linked GitHub Security Advisory below.

[source]

References

CVE Name CVE-2024-37302
CVE Name CVE-2024-37303
CVE Name CVE-2024-52805
CVE Name CVE-2024-52815
CVE Name CVE-2024-53863
CVE Name CVE-2024-53867
URL https://github.com/element-hq/synapse/security/advisories/GHSA-4mhg-xv73-xq2x
URL https://github.com/element-hq/synapse/security/advisories/GHSA-56w4-5538-8v8h
URL https://github.com/element-hq/synapse/security/advisories/GHSA-f3r3-h2mq-hx2h
URL https://github.com/element-hq/synapse/security/advisories/GHSA-gjgr-7834-rhxr
URL https://github.com/element-hq/synapse/security/advisories/GHSA-rfq8-j7rh-8hf2
URL https://github.com/element-hq/synapse/security/advisories/GHSA-vp6v-whfm-rv3g

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.