Accepting request 841978 from home:darix:apps

- prepare to support more optional features in the buildrequires
  (oidc/redis). failing atm due to missing libraries

- Update to 1.21.2 
  - Security advisory
    - HTML pages served via Synapse were vulnerable to cross-site
      scripting (XSS) attacks. All server administrators are
      encouraged to upgrade. (#8444) (CVE-2020-26891)
    - This fix was originally included in v1.21.0 but was missing a
      security advisory.  This was reported by Denis Kasak.
  - Bugfixes
    - Fix rare bug where sending an event would fail due to a racey
      assertion. (#8530)
    - An updated version of the authlib dependency is included in
      the Docker and Debian images to fix an issue using OpenID
      Connect. See #8534 for details.

OBS-URL: https://build.opensuse.org/request/show/841978
OBS-URL: https://build.opensuse.org/package/show/network:messaging:matrix/matrix-synapse?expand=0&rev=147
This commit is contained in:
Marcus Rückert 2020-10-15 17:17:52 +00:00 committed by Git OBS Bridge
parent 7803f922fb
commit 4c5b1c1305
7 changed files with 44 additions and 9 deletions

View File

@ -4,7 +4,7 @@
<param name="versionformat">@PARENT_TAG@</param> <param name="versionformat">@PARENT_TAG@</param>
<param name="url">https://github.com/matrix-org/synapse.git</param> <param name="url">https://github.com/matrix-org/synapse.git</param>
<param name="scm">git</param> <param name="scm">git</param>
<param name="revision">v1.21.1</param> <param name="revision">v1.21.2</param>
<param name="versionrewrite-pattern">v(.*)</param> <param name="versionrewrite-pattern">v(.*)</param>
<param name="versionrewrite-replacement">\1</param> <param name="versionrewrite-replacement">\1</param>
<!-- <!--

View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:376af40c3224e3c343eae7118656cf6baf5a3b934130a00e80a0761c9c07c562
size 28527629

View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:dfd64b2877d1dc86bf724937719ae41c82817fa383008a83db1bacf237b4dd66
size 28528653

View File

@ -32,7 +32,7 @@
%define pkgname matrix-synapse %define pkgname matrix-synapse
Name: %{pkgname}-test Name: %{pkgname}-test
Version: 1.21.1 Version: 1.21.2
Release: 0 Release: 0
Summary: Test package for %{pkgname} Summary: Test package for %{pkgname}
License: Apache-2.0 License: Apache-2.0

View File

@ -1,3 +1,26 @@
-------------------------------------------------------------------
Thu Oct 15 17:16:29 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
- prepare to support more optional features in the buildrequires
(oidc/redis). failing atm due to missing libraries
-------------------------------------------------------------------
Thu Oct 15 16:45:55 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
- Update to 1.21.2
- Security advisory
- HTML pages served via Synapse were vulnerable to cross-site
scripting (XSS) attacks. All server administrators are
encouraged to upgrade. (#8444) (CVE-2020-26891)
- This fix was originally included in v1.21.0 but was missing a
security advisory. This was reported by Denis Kasak.
- Bugfixes
- Fix rare bug where sending an event would fail due to a racey
assertion. (#8530)
- An updated version of the authlib dependency is included in
the Docker and Debian images to fix an issue using OpenID
Connect. See #8534 for details.
------------------------------------------------------------------- -------------------------------------------------------------------
Wed Oct 14 16:09:43 UTC 2020 - Marcus Rueckert <mrueckert@suse.de> Wed Oct 14 16:09:43 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>

View File

@ -1,5 +1,5 @@
name: matrix-synapse name: matrix-synapse
version: 1.21.1 version: 1.21.2
mtime: 1602581236 mtime: 1602772423
commit: 58e583eac1204e6eee6ee924a798180542f1e2c0 commit: 9b8a53c7b9e1a3ca5f46e417b9fa705f8bacb494

View File

@ -19,9 +19,11 @@
# These come from matrix-synapse's CONDITIONAL_REQUIREMENTS. # These come from matrix-synapse's CONDITIONAL_REQUIREMENTS.
%bcond_without email_notifs %bcond_without email_notifs
%bcond_without postgres %bcond_without postgres
%bcond_with oidc
%bcond_without saml %bcond_without saml
%bcond_without url_preview %bcond_without url_preview
%bcond_without jwt %bcond_without jwt
%bcond_with redis
# missing deps # missing deps
%bcond_with opentracing %bcond_with opentracing
# matrix-synapse-ldap isn't packaged on openSUSE. # matrix-synapse-ldap isn't packaged on openSUSE.
@ -46,7 +48,7 @@
%define modname synapse %define modname synapse
%define pkgname matrix-synapse %define pkgname matrix-synapse
Name: %{pkgname} Name: %{pkgname}
Version: 1.21.1 Version: 1.21.2
Release: 0 Release: 0
Summary: Matrix protocol reference homeserver Summary: Matrix protocol reference homeserver
License: Apache-2.0 License: Apache-2.0
@ -154,6 +156,10 @@ BuildRequires: python3-txacme >= 0.9.2
BuildRequires: python3-pysaml2 >= 4.5.0 BuildRequires: python3-pysaml2 >= 4.5.0
%requires_eq python3-pysaml2 %requires_eq python3-pysaml2
%endif %endif
%if %{with oidc}
BuildRequires: python3-authlib >= 0.15.1
%requires_eq python3-authlib
%endif
%if %{with url_preview} %if %{with url_preview}
BuildRequires: python3-lxml >= 3.5.0 BuildRequires: python3-lxml >= 3.5.0
%requires_eq python3-lxml %requires_eq python3-lxml
@ -172,6 +178,12 @@ BuildRequires: python3-jaeger-client >= 4.0.0
BuildRequires: python3-opentracing >= 2.2.0 BuildRequires: python3-opentracing >= 2.2.0
%requires_eq python3-opentracing %requires_eq python3-opentracing
%endif %endif
%if %{with redis}
BuildRequires: python3-txredisapi >= 1.4.7
%requires_eq python3-txredisapi
BuildRequires: python3-hiredis
%requires_eq python3-hiredis
%endif
BuildArch: noarch BuildArch: noarch
# We only provide/obsolete python2 to ensure that users upgrade. # We only provide/obsolete python2 to ensure that users upgrade.
Obsoletes: python2-matrix-synapse < %{version}-%{release} Obsoletes: python2-matrix-synapse < %{version}-%{release}