963ee433ad
* Convert checkboxes to questions Signed-off-by: Kim Brose <2803622+HarHarLinks@users.noreply.github.com> * document internal links Signed-off-by: HarHarLinks <2803622+HarHarLinks@users.noreply.github.com> * document blog taxonomies Signed-off-by: HarHarLinks <2803622+HarHarLinks@users.noreply.github.com> * update PR bot CI from https://github.com/HarHarLinks/pr-template-autoclose Signed-off-by: HarHarLinks <2803622+HarHarLinks@users.noreply.github.com> * fix heading depth (MD001 MD003) Signed-off-by: HarHarLinks <2803622+HarHarLinks@users.noreply.github.com> * fix code blocks Signed-off-by: HarHarLinks <2803622+HarHarLinks@users.noreply.github.com> * fix spaces in link text (MD039) Signed-off-by: HarHarLinks <2803622+HarHarLinks@users.noreply.github.com> * fix no newline at end of file (MD047) Signed-off-by: HarHarLinks <2803622+HarHarLinks@users.noreply.github.com> * fix bare URLs without angle backets (MD034) Signed-off-by: HarHarLinks <2803622+HarHarLinks@users.noreply.github.com> * remove redundant attribute Signed-off-by: HarHarLinks <2803622+HarHarLinks@users.noreply.github.com> * linter exception Signed-off-by: HarHarLinks <2803622+HarHarLinks@users.noreply.github.com> * lint links and headings with rumdl instead of checklist Signed-off-by: HarHarLinks <2803622+HarHarLinks@users.noreply.github.com> * convert signoff checklist to heading Signed-off-by: HarHarLinks <2803622+HarHarLinks@users.noreply.github.com> * configure linter to .rumdl.toml explicitly Signed-off-by: HarHarLinks <2803622+HarHarLinks@users.noreply.github.com> * bump rumdl action Signed-off-by: HarHarLinks <2803622+HarHarLinks@users.noreply.github.com> * Shorten comments in the template Co-authored-by: Thibault Martin <thibaultamartin@users.noreply.github.com> Signed-off-by: Kim Brose <2803622+HarHarLinks@users.noreply.github.com> * Remove rumdl default config example comments Co-authored-by: Thibault Martin <thibaultamartin@users.noreply.github.com> Signed-off-by: Kim Brose <2803622+HarHarLinks@users.noreply.github.com> * explain more about the pr-bot Signed-off-by: HarHarLinks <2803622+HarHarLinks@users.noreply.github.com> * pin rumdl action to v0 Signed-off-by: HarHarLinks <2803622+HarHarLinks@users.noreply.github.com> * fix unlinked email address in coc Signed-off-by: HarHarLinks <2803622+HarHarLinks@users.noreply.github.com> --------- Signed-off-by: Kim Brose <2803622+HarHarLinks@users.noreply.github.com> Signed-off-by: HarHarLinks <2803622+HarHarLinks@users.noreply.github.com> Co-authored-by: Thibault Martin <thibaultamartin@users.noreply.github.com>
1.9 KiB
+++ title = "Synapse 1.11.1 released" path = "/blog/2020/03/03/synapse-1-11-1-released"
[taxonomies] author = ["Neil Johnson"] category = ["Releases"] +++
Synapse 1.11.1 is a security release which contains a fix impacting installations using Single Sign-On (i.e. SAML2 or CAS) for authentication. Administrators of such installations are encouraged to upgrade as soon as possible.
Admins not using Single Sign-On to authenticate users are not affected though may wish to upgrade anyway to pull in some unrelated bug fixes.
Thanks to Rhys Davies for the responsible disclosure.
Get the new release from github or any of the sources mentioned at https://github.com/matrix-org/synapse/blob/master/INSTALL.md.
Changelog since Synapse 1.11.0
Synapse 1.11.1 (2020-03-03)
This release includes a security fix impacting installations using Single Sign-On (i.e. SAML2 or CAS) for authentication. Administrators of such installations are encouraged to upgrade as soon as possible.
The release also includes fixes for a couple of other bugs.
Bugfixes
- Add a confirmation step to the SSO login flow before redirecting users to the redirect URL. (b2bd54a2, 65c73cdf, a0178df1)
- Fixed set a user as an admin with the admin API
PUT /_synapse/admin/v2/users/<user_id>. Contributed by @dklimpel. (#6910) - Fix bug introduced in Synapse 1.11.0 which sometimes caused errors when joining rooms over federation, with
'coroutine' object has no attribute 'event_id'. (#6996)