Accepting request 892256 from home:darix:apps

- Update to 1.33.2 Due to the security issue highlighted below, server administrators are encouraged to update Synapse. We are not aware of these vulnerabilities being exploited in the wild. Security advisory This release fixes a denial of service attack (CVE-2021-29471) against Synapse's push rules implementation. Server admins are encouraged to upgrade. - Internal Changes - Unpin attrs dependency. (#9946) OBS-URL: https://build.opensuse.org/request/show/892256 OBS-URL: https://build.opensuse.org/package/show/network:messaging:matrix/matrix-synapse?expand=0&rev=176
2021-05-11 14:14:47 +00:00 · 2021-05-11 14:14:47 +00:00 · 85934a8339
commit 85934a8339
parent 045a451866
7 changed files with 26 additions and 10 deletions
--- a/2
+++ b/2
@ -4,7 +4,7 @@
    <param name="versionformat">@PARENT_TAG@</param>
    <param name="url">https://github.com/matrix-org/synapse.git</param>
    <param name="scm">git</param>
-    <param name="revision">v1.33.1</param>
+    <param name="revision">v1.33.2</param>
    <param name="versionrewrite-pattern">v(.*)</param>
    <param name="versionrewrite-replacement">\1</param>
    <!--
--- a/matrix-synapse-1.33.1.obscpio
+++ b/matrix-synapse-1.33.1.obscpio
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:1383a9491e44c5730b8f487cdf44eaaa9029d90d9b0f9d010beb80500689510a
-size 30060045
--- a/matrix-synapse-1.33.2.obscpio
+++ b/matrix-synapse-1.33.2.obscpio
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:5177d693f414c3a6812f9e1c24c646c638ebc1fdd701c0857441f7d051cdfd06
+size 30069261
--- a/matrix-synapse-test.spec
+++ b/matrix-synapse-test.spec
@ -27,7 +27,7 @@

 %define         pkgname matrix-synapse
 Name:           %{pkgname}-test
-Version:        1.33.1
+Version:        1.33.2
 Release:        0
 Summary:        Test package for %{pkgname}
 License:        Apache-2.0
--- a/matrix-synapse.changes
+++ b/matrix-synapse.changes
@ -1,3 +1,19 @@
+-------------------------------------------------------------------
+Tue May 11 13:46:25 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.33.2
+  Due to the security issue highlighted below, server
+  administrators are encouraged to update Synapse. We are not aware
+  of these vulnerabilities being exploited in the wild.
+
+  Security advisory
+  This release fixes a denial of service attack (CVE-2021-29471)
+  against Synapse's push rules implementation. Server admins are
+  encouraged to upgrade.
+
+  - Internal Changes
+    - Unpin attrs dependency. (#9946)
+
 -------------------------------------------------------------------
 Thu May  6 14:44:02 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>

--- a/matrix-synapse.obsinfo
+++ b/matrix-synapse.obsinfo
@ -1,5 +1,5 @@
 name: matrix-synapse
-version: 1.33.1
-mtime: 1620306398
-commit: ac88aca7f7acc2ce909db230682f93bb4e2ff73b
+version: 1.33.2
+mtime: 1620738586
+commit: d1473f7362e9b146dbd256076c8e3c7d163e7d94

--- a/matrix-synapse.spec
+++ b/matrix-synapse.spec
@ -45,7 +45,7 @@
 %define         pkgname matrix-synapse
 %define         eggname matrix_synapse
 Name:           %{pkgname}
-Version:        1.33.1
+Version:        1.33.2
 Release:        0
 Summary:        Matrix protocol reference homeserver
 License:        Apache-2.0
@ -84,7 +84,7 @@ BuildRequires:  python3-PyYAML >= 3.11
 %requires_eq    python3-PyYAML
 BuildRequires:  python3-Twisted >= 20.3.0
 %requires_eq    python3-Twisted
-BuildRequires:  (python3-attrs >= 19.1.0 with python3-attrs < 21.1.0)
+BuildRequires:  ((python3-attrs >= 19.1.0 with python3-attrs < 21.1.0) or python3-attrs > 21.1.0)
 %requires_eq    python3-attrs
 BuildRequires:  python3-bcrypt >= 3.2.0
 %requires_eq    python3-bcrypt