Skip to content

automation: Update matrix-synapse Docker tag to v1.85.0

Housekeeper (bot) requested to merge renovate/matrix-synapse-1.x into master

This MR contains the following updates:

Package Update Change
matrix-synapse minor 1.84.1 -> 1.85.0

Release Notes

matrix-org/synapse

v1.85.0

Compare Source

===========================

No significant changes since 1.85.0rc2.

Security advisory

The following issues are fixed in 1.85.0 (and RCs).

  • GHSA-26c5-ppr8-f33p / CVE-2023-32682 — Low Severity

    It may be possible for a deactivated user to login when using uncommon configurations.

  • GHSA-98px-6486-j7qc / CVE-2023-32683 — Low Severity

    A discovered oEmbed or image URL can bypass the url_preview_url_blacklist setting potentially allowing server side request forgery or bypassing network policies. Impact is limited to IP addresses allowed by the url_preview_ip_range_blacklist setting (by default this only allows public IPs).

See the advisories for more details. If you have any questions, email security@matrix.org.

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever MR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this MR and you won't be reminded about this update again.

  • If you want to rebase/retry this MR, check this box

This MR has been generated by Renovate Bot. The local configuration can be found in the local Renovate Bot repository.

Merge request reports