Summary: | <net-im/synapse-1.93.0: Multiple vulnerabilities | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Petr Vaněk <arkamar> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | arkamar, proxy-maint |
Priority: | Normal | Keywords: | PullRequest |
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
See Also: |
https://github.com/gentoo/gentoo/pull/33076 https://github.com/gentoo/gentoo/pull/33279 |
||
Whiteboard: | B3 [glsa+] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 916010 | ||
Bug Blocks: |
Description
Petr Vaněk
![]() The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=fac914d542d409b61503fb44d4a55713632de066 commit fac914d542d409b61503fb44d4a55713632de066 Author: Petr Vaněk <arkamar@atlas.cz> AuthorDate: 2023-09-26 20:39:03 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2023-09-26 20:44:35 +0000 net-im/synapse: drop 1.88.0 Bug: https://bugs.gentoo.org/914765 Signed-off-by: Petr Vaněk <arkamar@atlas.cz> Closes: https://github.com/gentoo/gentoo/pull/33076 Signed-off-by: Sam James <sam@gentoo.org> net-im/synapse/Manifest | 10 -- net-im/synapse/synapse-1.88.0.ebuild | 210 ----------------------------------- 2 files changed, 220 deletions(-) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1a3c6a063d96b19d670055e4475337a400d4f3f6 commit 1a3c6a063d96b19d670055e4475337a400d4f3f6 Author: Petr Vaněk <arkamar@atlas.cz> AuthorDate: 2023-09-26 20:18:53 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2023-09-26 20:44:35 +0000 net-im/synapse: add 1.93.0 Upstream has set a restriction on pillow to be >=10.0.1 due to libwebp CVE-2023-4863. While they mention the possibility of lowering the restriction to >=5.4.0 if the issue is addressed downstream (which we have done), it seems to be unnecessary since we already have the pillow-10 line stabilized. Bug: https://bugs.gentoo.org/914765 Signed-off-by: Petr Vaněk <arkamar@atlas.cz> Signed-off-by: Sam James <sam@gentoo.org> net-im/synapse/Manifest | 5 + net-im/synapse/synapse-1.93.0.ebuild | 210 +++++++++++++++++++++++++++++++++++ 2 files changed, 215 insertions(+) The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7c559bb7c5683fd991d317ca697c899915619423 commit 7c559bb7c5683fd991d317ca697c899915619423 Author: Petr Vaněk <arkamar@atlas.cz> AuthorDate: 2023-10-19 15:48:51 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2023-10-27 02:53:12 +0000 net-im/synapse: drop 1.90.0, 1.92.2 Bug: https://bugs.gentoo.org/914765 Signed-off-by: Petr Vaněk <arkamar@atlas.cz> Signed-off-by: Sam James <sam@gentoo.org> net-im/synapse/Manifest | 14 --- net-im/synapse/synapse-1.90.0.ebuild | 210 ----------------------------------- net-im/synapse/synapse-1.92.2.ebuild | 210 ----------------------------------- 3 files changed, 434 deletions(-) The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=17e2b155a748af5cd1276229d389b4641fec18c7 commit 17e2b155a748af5cd1276229d389b4641fec18c7 Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2024-01-07 10:31:28 +0000 Commit: Hans de Graaff <graaff@gentoo.org> CommitDate: 2024-01-07 10:31:54 +0000 [ GLSA 202401-12 ] Synapse: Multiple Vulnerabilities Bug: https://bugs.gentoo.org/914765 Bug: https://bugs.gentoo.org/916609 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: Hans de Graaff <graaff@gentoo.org> glsa-202401-12.xml | 46 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 46 insertions(+) |