rpm/matrix-synapse
SHA256
1
0
Fork 0
forked from pool/matrix-synapse
Code Pull Requests Activity

Accepting request 1113560 from home:darix:apps

Browse Source 
- Update to 1.92.3
  This release does not affect openSUSE as we do not use the intree
  libwebp
  Upstream changes:
  This is again a security update targeted at mitigating
  CVE-2023-4863. It turns out that libwebp is bundled statically in
  Pillow wheels so we need to update this dependency instead of
  libwebp package at the OS level.
  Unlike what was advertised in 1.92.2 changelog this release also
  impacts PyPI wheels and Debian packages from matrix.org.
  We encourage admins to upgrade as soon as possible.
  Internal Changes
  - Pillow 10.0.1 is now mandatory because of libwebp
    CVE-2023-4863, since Pillow provides libwebp in the wheels.
    (#16347)
- bump all the dependencies which are not available in tumbleweed.

- Update to 1.92.2
  Only fix in this is actually changing the upstream docker
  configuration to mitigate the webp security bug. Does not affect
  our package.

- Update to 1.92.1
  - Bugfixes
    - Revert MSC3861 introspection cache, admin impersonation and
      account lock. (#16258)
  - Internal Changes
    - Fix incorrect docstring for Ratelimiter. (#16255)
    - Update the release script to work on macOS. (#16266)
    - Stop building Ubuntu Kinetic since it is EOL and repos seem

OBS-URL: https://build.opensuse.org/request/show/1113560
OBS-URL: https://build.opensuse.org/package/show/network:messaging:matrix/matrix-synapse?expand=0&rev=287
This commit is contained in:
Marcus Rückert 2023-09-25 23:13:20 +00:00 committed by Git OBS Bridge
parent 732a56b96c
commit 3548a07d65
8 changed files with 68 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
_service
View File

@ -4,11 +4,11 @@
<param name="versionformat">@PARENT_TAG@</param>
<param name="url">https://github.com/matrix-org/synapse.git</param>
<param name="scm">git</param>
<param name="revision">v1.91.2</param>
<param name="revision">v1.92.3</param>
<param name="versionrewrite-pattern">v(.*)</param>
<param name="versionrewrite-replacement">\1</param>
<!--
<param name="revision">v1.92.0rc1</param>
<param name="revision">v1.93.0rc1</param>
<param name="versionrewrite-pattern">v([\.\d]+)(rc.*)</param>
<param name="versionrewrite-replacement">\1~\2</param>
-->

3
matrix-synapse-1.91.2.obscpio
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:8df6270da824c716c7855c1dbe4426801844378f369274ad9233dd5bc19e0cc2
size 35482637

3
matrix-synapse-1.92.3.obscpio Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:90148eebf7b4080ec4426230d6769155e9d6e4bdbce77c5d164cc1df2a21c046
size 35512845

2
matrix-synapse-test.spec
View File

@ -27,7 +27,7 @@
%define pkgname matrix-synapse
Name: %{pkgname}-test
Version: 1.91.2
Version: 1.92.3
Release: 0
Summary: Test package for %{pkgname}
License: Apache-2.0

45
matrix-synapse.changes
View File

@ -1,3 +1,48 @@
-------------------------------------------------------------------
Mon Sep 25 23:09:42 UTC 2023 - Marcus Rueckert <mrueckert@suse.de>
- Update to 1.92.3
This release does not affect openSUSE as we do not use the intree
libwebp
Upstream changes:
This is again a security update targeted at mitigating
CVE-2023-4863. It turns out that libwebp is bundled statically in
Pillow wheels so we need to update this dependency instead of
libwebp package at the OS level.
Unlike what was advertised in 1.92.2 changelog this release also
impacts PyPI wheels and Debian packages from matrix.org.
We encourage admins to upgrade as soon as possible.
Internal Changes
- Pillow 10.0.1 is now mandatory because of libwebp
CVE-2023-4863, since Pillow provides libwebp in the wheels.
(#16347)
- bump all the dependencies which are not available in tumbleweed.
-------------------------------------------------------------------
Fri Sep 15 13:57:20 UTC 2023 - Marcus Rueckert <mrueckert@suse.de>
- Update to 1.92.2
Only fix in this is actually changing the upstream docker
configuration to mitigate the webp security bug. Does not affect
our package.
-------------------------------------------------------------------
Tue Sep 12 20:21:04 UTC 2023 - Marcus Rueckert <mrueckert@suse.de>
- Update to 1.92.1
- Bugfixes
- Revert MSC3861 introspection cache, admin impersonation and
account lock. (#16258)
- Internal Changes
- Fix incorrect docstring for Ratelimiter. (#16255)
- Update the release script to work on macOS. (#16266)
- Stop building Ubuntu Kinetic since it is EOL and repos seem
to be dead.
-------------------------------------------------------------------
Wed Sep 6 20:43:15 UTC 2023 - Marcus Rueckert <mrueckert@suse.de>

6
matrix-synapse.obsinfo
View File

@ -1,4 +1,4 @@
name: matrix-synapse
version: 1.91.2
mtime: 1694013057
commit: 9de615b3aa4f20cab182cf3822943b9465a30643
version: 1.92.3
mtime: 1695044157
commit: e36990c00e201b35b62a91991be15c35edb20d8d

30
matrix-synapse.spec
View File

@ -21,17 +21,14 @@
# NOTE: Keep this is in the same order as pyproject.toml.
%if %{with use_poetry_for_dependencies}
%global Jinja2_version 3.1.2
# TODO: 10.0.0
%global Pillow_version 9.5.0
# TODO: 6.0.1
%global PyYAML_version 6.0
%global Pillow_version 10.0.1
%global PyYAML_version 6.0.1
%global Twisted_version 22.10.0
%global attrs_version 23.1.0
%global bcrypt_version 4.0.1
%global bleach_version 5.0.1
%global canonicaljson_version 2.0.0
# TODO: 41.0.3
%global cryptography_version 41.0.2
%global cryptography_version 41.0.3
%global immutabledict_version 3.0.0
%global idna_version 3.4
%global ijson_version 3.2.3
@ -41,15 +38,14 @@
%global matrix_common_max_version 2
%global msgpack_version 1.0.5
%global netaddr_version 0.8.0
# TODO: 8.13.14
# TODO: 8.13.19
%global phonenumbers_version 8.13.18
# TODO: 0.17.1
%global prometheus_client_version 0.17.0
%global psutil_version 2.0.0
%global pyOpenSSL_version 23.0.0
%global pyasn1_version 0.5.0
# TODO 0.3.0
%global pyasn1_modules_version 0.2.8
%global pyasn1_modules_version 0.3.0
%global pymacaroons_version 0.13.0
%global service_identity_version 23.1.0
%global signedjson_version 1.1.4
@ -61,13 +57,12 @@
%global unpaddedbase64_version 2.1.0
%global matrix_synapse_ldap3_version 0.2.2
%global packaging_version 23.1
%global psycopg2_version 2.9.6
%global psycopg2_version 2.9.7
# TODO 7.3.1
%global pysaml2_version 7.2.1
%global Authlib_version 1.2.1
# TODO 4.9.3
%global lxml_version 4.9.2
%global sentry_sdk_version 1.29.2
%global lxml_version 4.9.3
%global sentry_sdk_version 1.30.0
%global PyJWT_version 2.4.0
%global jaeger_client_version 4.8.0
%global opentracing_version 2.4.0
@ -76,12 +71,11 @@
%global txredisapi_version 1.4.9
%global Pympler_version 1.0.1
%global pydantic_version 1.9.1
# TODO: 2.10.2
%global pyicu_version 2.10.2
%global pyicu_version 2.11
%else
# some version locks based on poetry.lock
%global Jinja2_version 3.0
%global Pillow_version 5.4.0
%global Pillow_version 10.0.1
%global PyYAML_version 3.13
%global Twisted_version 18.9.0
%global attrs_version 21.1.1
@ -160,7 +154,7 @@
%define pkgname matrix-synapse
%define eggname matrix_synapse
Name: %{pkgname}
Version: 1.91.2
Version: 1.92.3
Release: 0
Summary: Matrix protocol reference homeserver
License: Apache-2.0
@ -198,7 +192,7 @@ BuildRequires: (%{use_python}-poetry-core >= 1.0.0 with %{use_python}-poetry-co
%{?systemd_ordering}
%{sysusers_requires}
%requires_peq %{use_python}-base
BuildRequires: (%{use_python}-setuptools-rust >= 1.3 with %{use_python}-setuptools-rust =< 1.6.0)
BuildRequires: (%{use_python}-setuptools-rust >= 1.3 with %{use_python}-setuptools-rust =< 1.7.0)
# NOTE: Keep this is in the same order as pyproject.toml.
# some version locks based on poetry.lock
BuildRequires: %{use_python}-Jinja2 >= %{Jinja2_version}

4
vendor.tar.zst
View File

@ -1,3 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:ff32dd13fbe8c28fc0a31caeabf132296d4f72f17f84da2f2fcb8b89f0738ba8
size 5740177
oid sha256:7b26ed3c343eb29af62e73dadc59813a8a3e142c62208b906a525fef27b56078
size 5755545