implementation is unusably old and contains significant security problems
Bug #1848709 reported by
Richard van der Hoff
This bug affects 3 people
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
matrix-synapse (Debian) |
Fix Released
|
Unknown
|
|||
matrix-synapse (Ubuntu) |
Incomplete
|
Undecided
|
Unassigned |
Bug Description
The versions of matrix-synapse in 18.04 and 18.10 are sufficiently old that they will be unable to communicate with any other Matrix servers. They also contain a number of known security problems, including CVE-2019-5885 [1].
It would be preferable to remove the unmaintained packages from at least bionic and cosmic, rather than provide outdated packages containing significant security problems.
Better-maintained packages are available for Ubuntu users in the matrix.org repositories [2].
[1] https:/
tags: | added: community-security |
Changed in matrix-synapse (Debian): | |
status: | Unknown → Fix Released |
To post a comment you must log in.
[2]: https:/ /github. com/matrix- org/synapse/ blob/master/ INSTALL. md#matrixorg- packages