Ubuntu 22.04 LTS: USN-7444-1 critical: Synapse security flaws

A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS Summary: Several security issues were fixed in Synapse. Software Description: - matrix-synapse: Synapse: Matrix homeserver written in Python/Twisted. Details: It was discovered that Synapse network policies could be bypassed via specially crafted URLs. An attacker could possibly use this issue to bypass authentication mechanisms. (CVE-2023-32683) It was discovered that Synapse exposed cached device information. An attacker could possibly use this issue to gain access to sensitive information. (CVE-2023-43796) It was discovered that Synapse could be tricked into rejecting state changes in rooms. An attacker could possibly use this issue to cause Synapse to stop functioning properly, resulting in a denial of service. This issue was only fixed in Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-39374) It was discovered t...