Skip to content

[3.20] community/synapse: upgrade to 1.120.2

jahway603 requested to merge jahway603/aports:3.20_synapse-1.120.2 into 3.20-stable

THIS IS A SECURITY UPDATE FOR SYNAPSE

CVE fixed are:

  • CVE-2024-52805
  • CVE-2024-52815
  • CVE-2024-53863
  • CVE-2024-53867

Additionally, they disclosed the following vulnerabilities, both have been fixed in Synapse 1.106.0:

  • CVE-2024-37302
  • CVE-2024-37303

More details in Release Notes:
https://github.com/element-hq/synapse/releases/tag/v1.120.2

This update supersedes the non-merged PR !75993 (closed), but this provides major security fixes of CVE.

Edited by jahway603

Merge request reports