We found a high severity vulnerability in Synapse and plan to release a fix in Synapse 1.47.1 on Tuesday 23rd November.

If you run a Synapse instance, please be prepared to upgrade as soon as the patched version is released.

@matrix Are earlier versions than 1.47.0 affected as well?

@matrix And I just patched to 1.47 within the last hour.

Guess I'll be standing by for the next one, too.

Sign in to participate in the conversation's Mastodon is one server in the network