Accepting request 854270 from network:messaging:matrix

OBS-URL: https://build.opensuse.org/request/show/854270
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/matrix-synapse?expand=0&rev=25
This commit is contained in:
Dominique Leuenberger 2020-12-09 21:12:36 +00:00 committed by Git OBS Bridge
commit b4cc2c15de
7 changed files with 271 additions and 10 deletions

View File

@ -4,7 +4,7 @@
<param name="versionformat">@PARENT_TAG@</param>
<param name="url">https://github.com/matrix-org/synapse.git</param>
<param name="scm">git</param>
<param name="revision">v1.22.1</param>
<param name="revision">v1.24.0</param>
<param name="versionrewrite-pattern">v(.*)</param>
<param name="versionrewrite-replacement">\1</param>
<!--

View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:216f06bc9c27dccce79755382fdabccaa46d978f4d86ce616113d137e00339e4
size 28683277

View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:2b762205ddb67cb50a76f0579a7247b98682d2a81953979fb7b075e30167f93d
size 28951565

View File

@ -32,7 +32,7 @@
%define pkgname matrix-synapse
Name: %{pkgname}-test
Version: 1.22.1
Version: 1.24.0
Release: 0
Summary: Test package for %{pkgname}
License: Apache-2.0

View File

@ -1,3 +1,264 @@
-------------------------------------------------------------------
Wed Dec 9 11:34:37 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
- Update to 1.24.0
Due to the two security issues highlighted below, server
administrators are encouraged to update Synapse. We are not aware
of these vulnerabilities being exploited in the wild.
- Security
- There is a denial of service attack (CVE-2020-26257) against
the federation APIs in which future events will not be
correctly sent to other servers over federation. This affects
all servers that participate in open federation. (Fixed in
#8776).
- Synapse may be affected by OpenSSL CVE-2020-1971.
Synapse administrators should ensure that they have the
latest versions of the cryptography Python package installed.
- Features
- Add admin API for logging in as a user. (#8617)
- Allow specification of the SAML IdP if the metadata returns
multiple IdPs. (#8630)
- Add support for re-trying generation of a localpart for
OpenID Connect mapping providers. (#8801, #8855)
- Allow the Date header through CORS. Contributed by Nicolas
Chamo. (#8804)
- Add a config option, push.group_by_unread_count, which
controls whether unread message counts in push notifications
are defined as "the number of rooms with unread messages" or
"total unread messages". (#8820)
- Add force_purge option to delete-room admin api. (#8843)
- Bugfixes
- Fix a regression in v1.24.0rc1 which failed to allow SAML
mapping providers which were unable to redirect users to an
additional page. (#8878)
- Fix a bug where appservices may be sent an excessive amount
of read receipts and presence. Broke in v1.22.0. (#8744)
- Fix a bug in some federation APIs which could lead to
unexpected behaviour if different parameters were set in the
URI and the request body. (#8776)
- Fix a bug where synctl could spawn duplicate copies of a
worker. Contributed by Waylon Cude. (#8798)
- Allow per-room profiles to be used for the server notice
user. (#8799)
- Fix a bug where logging could break after a call to SIGHUP.
(#8817)
- Fix register_new_matrix_user failing with "Bad Request" when
trailing slash is included in server URL. Contributed by
@angdraug. (#8823)
- Fix a minor long-standing bug in login, where we would offer
the password login type if a custom auth provider supported
it, even if password login was disabled. (#8835)
- Fix a long-standing bug which caused Synapse to require
unspecified parameters during user-interactive
authentication. (#8848)
- Fix a bug introduced in v1.20.0 where the user-agent and IP
address reported during user registration for CAS, OpenID
Connect, and SAML were of the wrong form. (#8784)
- Improved Documentation
- Clarify the usecase for a msisdn delegate. Contributed by
Adrian Wannenmacher. (#8734)
- Remove extraneous comma from JSON example in User Admin API
docs. (#8771)
- Update turn-howto.md with troubleshooting notes. (#8779)
- Fix the example on how to set the Content-Type header in
nginx for the Client Well-Known URI. (#8793)
- Improve the documentation for the admin API to list all media
in a room with respect to encrypted events. (#8795)
- Update the formatting of the push section of the homeserver
config file to better align with the code style guidelines.
(#8818)
- Improve documentation how to configure prometheus for
workers. (#8822)
- Update example prometheus console. (#8824)
- Deprecations and Removals
- Remove old /_matrix/client/*/admin endpoints which were
deprecated since Synapse 1.20.0. (#8785)
- Disable pretty printing JSON responses for curl. Users who
want pretty-printed output should use jq in combination with
curl. Contributed by @tulir. (#8833)
- Internal Changes
- Add a maximum version for pysaml2 on Python 3.5. (#8898)
- Add support for the prometheus_client newer than 0.9.0.
Contributed by Jordan Bancino. (#8875)
- Simplify the way the HomeServer object caches its internal
attributes. (#8565, #8851)
- Add an example and documentation for clock skew to the SAML2
sample configuration to allow for clock/time difference
between the homserver and IdP. Contributed by @localguru.
(#8731)
- Generalise RoomMemberHandler._locally_reject_invite to apply
to more flows than just invite. (#8751)
- Generalise RoomStore.maybe_store_room_on_invite to handle
other, non-invite membership events. (#8754)
- Refactor test utilities for injecting HTTP requests. (#8757,
#8758, #8759, #8760, #8761, #8777)
- Consolidate logic between the OpenID Connect and SAML code.
(#8765)
- Use TYPE_CHECKING instead of magic MYPY variable. (#8770)
- Add a commandline script to sign arbitrary json objects.
(#8772)
- Minor log line improvements for the SSO mapping code used to
generate Matrix IDs from SSO IDs. (#8773)
- Add additional error checking for OpenID Connect and SAML
mapping providers. (#8774, #8800)
- Add type hints to HTTP abstractions. (#8806, #8812)
- Remove unnecessary function arguments and add typing to
several membership replication classes. (#8809)
- Optimise the lookup for an invite from another homeserver
when trying to reject it. (#8815)
- Add tests for password_auth_providers. (#8819)
- Drop redundant database index on event_json. (#8845)
- Simplify uk.half-shot.msc2778.login.application_service login
handler. (#8847)
- Refactor password_auth_provider support code. (#8849)
- Add missing ordering to background database updates. (#8850)
- Allow for specifying a room version when creating a room in
unit tests via RestHelper.create_room_as. (#8854)
-------------------------------------------------------------------
Wed Nov 18 13:59:26 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
- Update to 1.23.0
This release changes the way structured logging is configured.
See the [upgrade notes](UPGRADE.rst#upgrading-to-v1230) for details.
Note: We are aware of a trivially exploitable denial of service
vulnerability in versions of Synapse prior to 1.20.0. Complete
details will be disclosed on Monday, November 23rd. If you have
not upgraded recently, please do so.
- Features
- Add a push rule that highlights when a jitsi conference is
created in a room. (#8286)
- Add an admin api to delete a single file or files that were
not used for a defined time from server. Contributed by
@dklimpel. (#8519)
- Split admin API for reported events (GET
/_synapse/admin/v1/event_reports) into detail and list
endpoints. This is a breaking change to #8217 which was
introduced in Synapse v1.21.0. Those who already use this API
should check their scripts. Contributed by @dklimpel. (#8539)
- Support generating structured logs via the standard logging
configuration. (#8607, #8685)
- Add an admin API to allow server admins to list users'
pushers. Contributed by @dklimpel. (#8610, #8689)
- Add an admin API GET /_synapse/admin/v1/users/<user_id>/media
to get information about uploaded media. Contributed by
@dklimpel. (#8647)
- Add an admin API for local user media statistics. Contributed
by @dklimpel. (#8700)
- Add displayname to Shared-Secret Registration for admins.
(#8722)
- Bugfixes
- Fix fetching of E2E cross signing keys over federation when
only one of the master key and device signing key is cached
already. (#8455)
- Fix a bug where Synapse would blindly forward bad responses
from federation to clients when retrieving profile
information. (#8580)
- Fix a bug where the account validity endpoint would silently
fail if the user ID did not have an expiration time. It now
returns a 400 error. (#8620)
- Fix email notifications for invites without local state.
(#8627)
- Fix handling of invalid group IDs to return a 400 rather than
log an exception and return a 500. (#8628)
- Fix handling of User-Agent headers that are invalid UTF-8,
which caused user agents of users to not get correctly
recorded. (#8632)
- Fix a bug in the joined_rooms admin API if the user has never
joined any rooms. The bug was introduced, along with the API,
in v1.21.0. (#8643)
- Fix exception during handling multiple concurrent requests
for remote media when using multiple media repositories.
(#8682)
- Fix bug that prevented Synapse from recovering after losing
connection to the database. (#8726)
- Fix bug where the /_synapse/admin/v1/send_server_notice API
could send notices to non-notice rooms. (#8728)
- Fix PostgreSQL port script fails when DB has no backfilled
events. Broke in v1.21.0. (#8729)
- Fix PostgreSQL port script to correctly handle foreign key
constraints. Broke in v1.21.0. (#8730)
- Fix PostgreSQL port script so that it can be run again after
a failure. Broke in v1.21.0. (#8755)
- Improved Documentation
- Instructions for Azure AD in the OpenID Connect
documentation. Contributed by peterk. (#8582)
- Improve the sample configuration for single sign-on
providers. (#8635)
- Fix the filepath of Dex's example config and the link to
Dex's Getting Started guide in the OpenID Connect docs.
(#8657)
- Note support for Python 3.9. (#8665)
- Minor updates to docs on running tests. (#8666)
- Interlink prometheus/grafana documentation. (#8667)
- Notes on SSO logins and media_repository worker. (#8701)
- Document experimental support for running multiple event
persisters. (#8706)
- Add information regarding the various sources of, and
expected contributions to, Synapse's documentation to
CONTRIBUTING.md. (#8714)
- Migrate documentation docs/admin_api/event_reports to
markdown. (#8742)
- Add some helpful hints to the README for new Synapse
developers. Contributed by @chagai95. (#8746)
- Internal Changes
- Optimise /createRoom with multiple invited users. (#8559)
- Implement and use an `@lru_cache` decorator. (#8595)
- Don't instansiate Requester directly. (#8614)
- Type hints for RegistrationStore. (#8615)
- Change schema to support access tokens belonging to one user
but granting access to another. (#8616)
- Remove unused OPTIONS handlers. (#8621)
- Run mypy as part of the lint.sh script. (#8633)
- Correct Synapse's PyPI package name in the OpenID Connect
installation instructions. (#8634)
- Catch exceptions during initialization of password_providers.
Contributed by Nicolai Søborg. (#8636)
- Fix typos and spelling errors in the code. (#8639)
- Reduce number of OpenTracing spans started. (#8640, #8668,
#8670)
- Add field total to device list in admin API. (#8644)
- Add more type hints to the application services code. (#8655,
#8693)
- Tell Black to format code for Python 3.5. (#8664)
- Don't pull event from DB when handling replication traffic.
(#8669)
- Abstract some invite-related code in preparation for landing
knocking. (#8671, #8688)
- Clarify representation of events in logfiles. (#8679)
- Don't require hiredis package to be installed to run unit
tests. (#8680)
- Fix typing info on cache call signature to accept
on_invalidate. (#8684)
- Fail tests if they do not await coroutines. (#8690)
- Improve start time by adding an index to
e2e_cross_signing_keys.stream_id. (#8694)
- Re-organize the structured logging code to separate the TCP
transport handling from the JSON formatting. (#8697)
- Use Python 3.8 in Docker images by default. (#8698)
- Remove the "draft" status of the Room Details Admin API.
(#8702)
- Improve the error returned when a non-string displayname or
avatar_url is used when updating a user's profile. (#8705)
- Block attempts by clients to send server ACLs, or redactions
of server ACLs, that would result in the local server being
blocked from the room. (#8708)
- Add metrics the allow the local sysadmin to track 3PID
/requestToken requests. (#8712)
- Consolidate duplicated lists of purged tables that are
checked in tests. (#8713)
- Add some mdui:UIInfo element examples for saml2_config in the
homeserver config. (#8718)
- Improve the error message returned when a remote server
incorrectly sets the Content-Type header in response to a
JSON request. (#8719)
- Speed up repeated state resolutions on the same room by
caching event ID to auth event ID lookups. (#8752)
-------------------------------------------------------------------
Fri Oct 30 16:04:21 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>

View File

@ -1,5 +1,5 @@
name: matrix-synapse
version: 1.22.1
mtime: 1604072013
commit: b176f1036a247959f64378f3f3fa4b5175b3b5e9
version: 1.24.0
mtime: 1607512044
commit: 9b26a4ac87cead4846c5bada73927cc2a6353a90

View File

@ -48,7 +48,7 @@
%define modname synapse
%define pkgname matrix-synapse
Name: %{pkgname}
Version: 1.22.1
Version: 1.24.0
Release: 0
Summary: Matrix protocol reference homeserver
License: Apache-2.0
@ -106,7 +106,7 @@ BuildRequires: python3-netaddr >= 0.7.18
%requires_eq python3-netaddr
BuildRequires: python3-phonenumbers >= 8.2.0
%requires_eq python3-phonenumbers
BuildRequires: (python3-prometheus_client >= 0.4.0 with python3-prometheus_client < 0.9.0)
BuildRequires: python3-prometheus_client >= 0.4.0
%requires_eq python3-prometheus_client
BuildRequires: python3-psutil >= 2.0.0
%requires_eq python3-psutil