We found a high severity vulnerability in Synapse and plan to release a fix in Synapse 1.47.1 on Tuesday 23rd November.

If you run a Synapse instance, please be prepared to upgrade as soon as the patched version is released.

@matrix Are earlier versions than 1.47.0 affected as well?

@matrix And I just patched to 1.47 within the last hour.

Guess I'll be standing by for the next one, too.

Sign in to participate in the conversation's Mastodon

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!