This tag was signed with a verified signature.
erikjohnston
Erik Johnston
v0.17.0
Changes in synapse v0.17.0 (2016-08-08)
This release contains significant security bug fixes regarding authenticating
events received over federation. PLEASE UPGRADE.
This release changes the LDAP configuration format in a backwards incompatible
way, see PR #843 for details.
Changes:
Bug fixes:
- Fix URL preview API to exclude HTML comments in description (PR #988)
- Fix error handling of remote joins (PR #991)
Changes in synapse v0.17.0-rc4 (2016-08-05)
Changes:
- Change the way we summarize URLs when previewing (PR #973)
- Add new
/state_ids/federation API (PR #979) - Speed up processing of
/state/response (PR #986)
Bug fixes:
- Fix event persistence when event has already been partially persisted
(PR #975, #983, #985) - Fix port script to also copy across backfilled events (PR #982)
Changes in synapse v0.17.0-rc3 (2016-08-02)
Changes:
- Forbid non-ASes from registering users whose names begin with '_' (PR #958)
- Add some basic admin API docs (PR #963)
Bug fixes:
- Send the correct host header when fetching keys (PR #941)
- Fix joining a room that has missing auth events (PR #964)
- Fix various push bugs (PR #966, #970)
- Fix adding emails on registration (PR #968)
Changes in synapse v0.17.0-rc2 (2016-08-02)
(This release did not include the changes advertised and was identical to RC1)
Changes in synapse v0.17.0-rc1 (2016-07-28)
This release changes the LDAP configuration format in a backwards incompatible
way, see PR #843 for details.
Features:
- Add purge_media_cache admin API (PR #902)
- Add deactivate account admin API (PR #903)
- Add optional pepper to password hashing (PR #907, #910 by @KentShikama)
- Add an admin option to shared secret registration (breaks backwards compat)
(PR #909) - Add purge local room history API (PR #911, #923, #924)
- Add requestToken endpoints (PR #915)
- Add an /account/deactivate endpoint (PR #921)
- Add filter param to /messages. Add 'contains_url' to filter. (PR #922)
- Add device_id support to /login (PR #929)
- Add device_id support to /v2/register flow. (PR #937, #942)
- Add GET /devices endpoint (PR #939, #944)
- Add GET /device/{deviceId} (PR #943)
- Add update and delete APIs for devices (PR #949)
Changes:
- Rewrite LDAP Authentication against ldap3 (PR #843 by @mweinelt)
- Linearize some federation endpoints based on (origin, room_id) (PR #879)
- Remove the legacy v0 content upload API. (PR #888)
- Use similar naming we use in email notifs for push (PR #894)
- Optionally include password hash in createUser endpoint (PR #905 by
@KentShikama) - Use a query that postgresql optimises better for get_events_around (PR #906)
- Fall back to 'username' if 'user' is not given for appservice registration.
(PR #927 by @Half-Shot) - Add metrics for psutil derived memory usage (PR #936)
- Record device_id in client_ips (PR #938)
- Send the correct host header when fetching keys (PR #941)
- Log the hostname the reCAPTCHA was completed on (PR #946)
- Make the device id on e2e key upload optional (PR #956)
- Add r0.2.0 to the "supported versions" list (PR #960)
- Don't include name of room for invites in push (PR #961)
Bug fixes:
- Fix substitution failure in mail template (PR #887)
- Put most recent 20 messages in email notif (PR #892)
- Ensure that the guest user is in the database when upgrading accounts
(PR #914) - Fix various edge cases in auth handling (PR #919)
- Fix 500 ISE when sending alias event without a state_key (PR #925)
- Fix bug where we stored rejections in the state_group, persist all
rejections (PR #948) - Fix lack of check of if the user is banned when handling 3pid invites
(PR #952) - Fix a couple of bugs in the transaction and keyring code (PR #954, #955)