Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 620
Alerts This Week
Warning Icon 1 620

Fedora 38 matrix-synapse Critical Buffer Overflow Threat CVE-2024-31208

fedora
Calendar Grey May 3, 2024
Dist Fedora Esm H88
To address the vulnerabilities classified as CVE-2024-31208, which pose significant security risks, upgrade the matrix-synapse package to version 1.105.1 on Fedora 38
Update matrix-synapse to v1.105.1 (CVE-2024-31208) Update to v1.105.0

Summary

Matrix is an ambitious new ecosystem for open federated Instant Messaging and

VoIP. Synapse is a reference "homeserver" implementation of Matrix from the

core development team at matrix.org, written in Python/Twisted. It is intended

to showcase the concept of Matrix and let folks see the spec in the context of

a coded base and let you run your own homeserver and generally help bootstrap

the ecosystem.

Update Information:

Update matrix-synapse to v1.105.1 (CVE-2024-31208) Update to v1.105.0

Change Log

* Tue Apr 23 2024 Kai A. Hiller - 1.105.1-1 - Update to v1.105.1 (CVE-2024-31208) * Tue Apr 23 2024 Kai A. Hiller - 1.105.0-2 - Update pyo3 to v0.21.1 * Wed Apr 17 2024 Kai A. Hiller - 1.105.0-1 - Update to v1.105.0

References


[ 1 ] Bug #2263120 - matrix-synapse-1.105.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2263120

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-7be0693731' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: matrix-synapse
Product: Fedora 38
Version: 1.105.1
Release: 1.fc38
Summary: A Matrix reference homeserver written in Python using Twisted

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.