Hello community,
here is the log from the commit of package matrix-synapse for openSUSE:Factory
checked in at 2020-10-16 16:13:39
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/matrix-synapse (Old)
and /work/SRC/openSUSE:Factory/.matrix-synapse.new.3486 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "matrix-synapse"
Fri Oct 16 16:13:39 2020 rev:22 rq:841979 version:1.21.2
Changes:
--------
--- /work/SRC/openSUSE:Factory/matrix-synapse/matrix-synapse.changes
2020-09-25 16:37:23.620202394 +0200
+++ /work/SRC/openSUSE:Factory/.matrix-synapse.new.3486/matrix-synapse.changes
2020-10-16 16:13:51.128682831 +0200
@@ -1,0 +2,193 @@
+Thu Oct 15 17:16:29 UTC 2020 - Marcus Rueckert <mrueck...@suse.de>
+
+- prepare to support more optional features in the buildrequires
+ (oidc/redis). failing atm due to missing libraries
+
+-------------------------------------------------------------------
+Thu Oct 15 16:45:55 UTC 2020 - Marcus Rueckert <mrueck...@suse.de>
+
+- Update to 1.21.2
+ - Security advisory
+ - HTML pages served via Synapse were vulnerable to cross-site
+ scripting (XSS) attacks. All server administrators are
+ encouraged to upgrade. (#8444) (CVE-2020-26891)
+ - This fix was originally included in v1.21.0 but was missing a
+ security advisory. This was reported by Denis Kasak.
+ - Bugfixes
+ - Fix rare bug where sending an event would fail due to a racey
+ assertion. (#8530)
+ - An updated version of the authlib dependency is included in
+ the Docker and Debian images to fix an issue using OpenID
+ Connect. See #8534 for details.
+
+-------------------------------------------------------------------
+Wed Oct 14 16:09:43 UTC 2020 - Marcus Rueckert <mrueck...@suse.de>
+
+- Update to 1.21.1
+ This release fixes a regression in v1.21.0 that prevented debian
+ packages from being built. It is otherwise identical to v1.21.0.
+
+-------------------------------------------------------------------
+Mon Oct 12 17:08:13 UTC 2020 - Marcus Rueckert <mrueck...@suse.de>
+
+- Update to 1.21.0
+ - Features
+ - Convert additional templates from inline HTML to Jinja2
+ templates. (#8444)
+ - Require the user to confirm that their password should be
+ reset after clicking the email confirmation link. (#8004)
+ - Add an admin API GET /_synapse/admin/v1/event_reports to read
+ entries of table event_reports. Contributed by @dklimpel.
+ (#8217)
+ - Consolidate the SSO error template across all configuration.
+ (#8248, #8405)
+ - Add a configuration option to specify a whitelist of domains
+ that a user can be redirected to after validating their email
+ or phone number. (#8275, #8417)
+ - Add experimental support for sharding event persister.
+ (#8294, #8387, #8396, #8419)
+ - Add the room topic and avatar to the room details admin API.
+ (#8305)
+ - Add an admin API for querying rooms where a user is a member.
+ Contributed by @dklimpel. (#8306)
+ - Add uk.half-shot.msc2778.login.application_service login type
+ to allow appservices to login. (#8320)
+ - Add a configuration option that allows existing users to log
+ in with OpenID Connect. Contributed by @BBBSnowball and
+ @OmmyZhang. (#8345)
+ - Add prometheus metrics for replication requests. (#8406)
+ - Support passing additional single sign-on parameters to the
+ client. (#8413)
+ - Add experimental reporting of metrics on expensive rooms for
+ state-resolution. (#8420)
+ - Add experimental prometheus metric to track numbers of
+ "large" rooms for state resolutiom. (#8425)
+ - Add prometheus metrics to track federation delays. (#8430)
+ - Bugfixes
+ - Fix duplication of events on high traffic servers, caused by
+ PostgreSQL could not serialize access due to concurrent
+ update errors. (#8456)
+ - Fix a regression in v1.21.0rc1 which broke thumbnails of
+ remote media. (#8438)
+ - Do not expose the experimental
+ uk.half-shot.msc2778.login.application_service flow in the
+ login API, which caused a compatibility problem with Element
+ iOS. (#8440)
+ - Fix malformed log line in new federation "catch up" logic.
+ (#8442)
+ - Fix DB query on startup for negative streams which caused
+ long start up times. Introduced in #8374. (#8447)
+ - Fix a bug in the media repository where remote thumbnails
+ with the same size but different crop methods would overwrite
+ each other. Contributed by @deepbluev7. (#7124)
+ - Fix inconsistent handling of non-existent push rules, and
+ stop tracking the enabled state of removed push rules.
+ (#7796)
+ - Fix a longstanding bug when storing a media file with an
+ empty upload_name. (#7905)
+ - Fix messages not being sent over federation until an event is
+ sent into the same room. (#8230, #8247, #8258, #8272, #8322)
+ - Fix a longstanding bug where files that could not be
+ thumbnailed would result in an Internal Server Error. (#8236,
+ #8435)
+ - Upgrade minimum version of canonicaljson to version 1.4.0, to
+ fix an unicode encoding issue. (#8262)
+ - Fix longstanding bug which could lead to incomplete database
+ upgrades on SQLite. (#8265)
+ - Fix stack overflow when stderr is redirected to the logging
+ system, and the logging system encounters an error. (#8268)
+ - Fix a bug which cause the logging system to report errors, if
+ DEBUG was enabled and no context filter was applied. (#8278)
+ - Fix edge case where push could get delayed for a user until a
+ later event was pushed. (#8287)
+ - Fix fetching malformed events from remote servers. (#8324)
+ - Fix UnboundLocalError from occuring when appservices send a
+ malformed register request. (#8329)
+ - Don't send push notifications to expired user accounts.
+ (#8353)
+ - Fix a regression in v1.19.0 with reactivating users through
+ the admin API. (#8362)
+ - Fix a bug where during device registration the length of the
+ device name wasn't limited. (#8364)
+ - Include guest_access in the fields that are checked for null
+ bytes when updating room_stats_state. Broke in v1.7.2.
+ (#8373)
+ - Fix theoretical race condition where events are not sent down
+ /sync if the synchrotron worker is restarted without
+ restarting other workers. (#8374)
+ - Fix a bug which could cause errors in rooms with malformed
+ membership events, on servers using sqlite. (#8385)
+ - Fix "Re-starting finished log context" warning when receiving
+ an event we already had over federation. (#8398)
+ - Fix incorrect handling of timeouts on outgoing HTTP requests.
+ (#8400)
+ - Fix a regression in v1.20.0 in the synapse_port_db script
+ regarding the ui_auth_sessions_ips table. (#8410)
+ - Remove unnecessary 3PID registration check when resetting
+ password via an email address. Bug introduced in v0.34.0rc2.
+ (#8414)
+ - Improved Documentation
+ - Add /_synapse/client to the reverse proxy documentation.
+ (#8227)
+ - Add note to the reverse proxy settings documentation about
+ disabling Apache's mod_security2. Contributed by Julian
+ Fietkau (@jfietkau). (#8375)
+ - Improve description of server_name config option in
+ homserver.yaml. (#8415)
+ - Deprecations and Removals
+ - Drop support for prometheus_client older than 0.4.0. (#8426)
+ - Internal Changes
+ - Fix tests on distros which disable TLSv1.0. Contributed by
+ @danc86. (#8208)
+ - Simplify the distributor code to avoid unnecessary work.
+ (#8216)
+ - Remove the populate_stats_process_rooms_2 background job and
+ restore functionality to populate_stats_process_rooms.
+ (#8243)
+ - Clean up type hints for PaginationConfig. (#8250, #8282)
+ - Track the latest event for every destination and room for
+ catch-up after federation outage. (#8256)
+ - Fix non-user visible bug in implementation of
+ MultiWriterIdGenerator.get_current_token_for_writer. (#8257)
+ - Switch to the JSON implementation from the standard library.
+ (#8259)
+ - Add type hints to synapse.util.async_helpers. (#8260)
+ - Simplify tests that mock asynchronous functions. (#8261)
+ - Add type hints to StreamToken and RoomStreamToken classes.
+ (#8279)
+ - Change StreamToken.room_key to be a RoomStreamToken instance.
+ (#8281)
+ - Refactor notifier code to correctly use the max event stream
+ position. (#8288)
+ - Use slotted classes where possible. (#8296)
+ - Support testing the local Synapse checkout against the
+ Complement homeserver test suite. (#8317)
+ - Update outdated usages of metaclass to python 3 syntax.
+ (#8326)
+ - Move lint-related dependencies to package-extra field, update
+ CONTRIBUTING.md to utilise this. (#8330, #8377)
+ - Use the admin_patterns helper in additional locations.
+ (#8331)
+ - Fix test logging to allow braces in log output. (#8335)
+ - Remove __future__ imports related to Python 2 compatibility.
+ (#8337)
+ - Simplify super() calls to Python 3 syntax. (#8344)
+ - Fix bad merge from release-v1.20.0 branch to develop. (#8354)
+ - Factor out a _send_dummy_event_for_room method. (#8370)
+ - Improve logging of state resolution. (#8371)
+ - Add type annotations to SimpleHttpClient. (#8372)
+ - Refactor ID generators to use async with syntax. (#8383)
+ - Add EventStreamPosition type. (#8388)
+ - Create a mechanism for marking tests "logcontext clean".
+ (#8399)
+ - A pair of tiny cleanups in the federation request code.
+ (#8401)
+ - Add checks on startup that PostgreSQL sequences are
+ consistent with their associated tables. (#8402)
+ - Do not include appservice users when calculating the total
+ MAU for a server. (#8404)
+ - Typing fixes for synapse.handlers.federation. (#8422)
+ - Various refactors to simplify stream token handling. (#8423)
+ - Make stream token serializing/deserializing async. (#8427)
+
+-------------------------------------------------------------------
Old:
----
matrix-synapse-1.20.1.obscpio
New:
----
matrix-synapse-1.21.2.obscpio
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ matrix-synapse-test.spec ++++++
--- /var/tmp/diff_new_pack.fDIyRE/_old 2020-10-16 16:13:53.744683633 +0200
+++ /var/tmp/diff_new_pack.fDIyRE/_new 2020-10-16 16:13:53.748683634 +0200
@@ -32,7 +32,7 @@
%define pkgname matrix-synapse
Name: %{pkgname}-test
-Version: 1.20.1
+Version: 1.21.2
Release: 0
Summary: Test package for %{pkgname}
License: Apache-2.0
++++++ matrix-synapse.spec ++++++
--- /var/tmp/diff_new_pack.fDIyRE/_old 2020-10-16 16:13:53.788683647 +0200
+++ /var/tmp/diff_new_pack.fDIyRE/_new 2020-10-16 16:13:53.792683647 +0200
@@ -19,9 +19,11 @@
# These come from matrix-synapse's CONDITIONAL_REQUIREMENTS.
%bcond_without email_notifs
%bcond_without postgres
+%bcond_with oidc
%bcond_without saml
%bcond_without url_preview
%bcond_without jwt
+%bcond_with redis
# missing deps
%bcond_with opentracing
# matrix-synapse-ldap isn't packaged on openSUSE.
@@ -46,7 +48,7 @@
%define modname synapse
%define pkgname matrix-synapse
Name: %{pkgname}
-Version: 1.20.1
+Version: 1.21.2
Release: 0
Summary: Matrix protocol reference homeserver
License: Apache-2.0
@@ -154,6 +156,10 @@
BuildRequires: python3-pysaml2 >= 4.5.0
%requires_eq python3-pysaml2
%endif
+%if %{with oidc}
+BuildRequires: python3-authlib >= 0.15.1
+%requires_eq python3-authlib
+%endif
%if %{with url_preview}
BuildRequires: python3-lxml >= 3.5.0
%requires_eq python3-lxml
@@ -172,6 +178,12 @@
BuildRequires: python3-opentracing >= 2.2.0
%requires_eq python3-opentracing
%endif
+%if %{with redis}
+BuildRequires: python3-txredisapi >= 1.4.7
+%requires_eq python3-txredisapi
+BuildRequires: python3-hiredis
+%requires_eq python3-hiredis
+%endif
BuildArch: noarch
# We only provide/obsolete python2 to ensure that users upgrade.
Obsoletes: python2-matrix-synapse < %{version}-%{release}
++++++ _service ++++++
--- /var/tmp/diff_new_pack.fDIyRE/_old 2020-10-16 16:13:53.840683662 +0200
+++ /var/tmp/diff_new_pack.fDIyRE/_new 2020-10-16 16:13:53.844683664 +0200
@@ -4,7 +4,7 @@
<param name="versionformat">@PARENT_TAG@</param>
<param name="url">https://github.com/matrix-org/synapse.git</param>
<param name="scm">git</param>
- <param name="revision">v1.20.1</param>
+ <param name="revision">v1.21.2</param>
<param name="versionrewrite-pattern">v(.*)</param>
<param name="versionrewrite-replacement">\1</param>
<!--
++++++ matrix-synapse-1.20.1.obscpio -> matrix-synapse-1.21.2.obscpio ++++++
/work/SRC/openSUSE:Factory/matrix-synapse/matrix-synapse-1.20.1.obscpio
/work/SRC/openSUSE:Factory/.matrix-synapse.new.3486/matrix-synapse-1.21.2.obscpio
differ: char 49, line 1
++++++ matrix-synapse.obsinfo ++++++
--- /var/tmp/diff_new_pack.fDIyRE/_old 2020-10-16 16:13:53.896683679 +0200
+++ /var/tmp/diff_new_pack.fDIyRE/_new 2020-10-16 16:13:53.896683679 +0200
@@ -1,5 +1,5 @@
name: matrix-synapse
-version: 1.20.1
-mtime: 1600961731
-commit: ab903e7337f6c2c7cfcdac69b13dedf67e56d801
+version: 1.21.2
+mtime: 1602772423
+commit: 9b8a53c7b9e1a3ca5f46e417b9fa705f8bacb494
