From 26b84e6e511535bf99f7bb1de84cba4d11cad8be Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Josu=C3=A9=20Tille?= Date: Tue, 25 Feb 2020 23:03:02 +0100 Subject: [PATCH 1/3] Fix "if" condition" --- scripts/upgrade | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/upgrade b/scripts/upgrade index 34636b8..25f57ea 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -235,7 +235,7 @@ ynh_replace_special_string --match_string=__SYNAPSE_DB_PWD__ --replace_string=$s ynh_replace_special_string --match_string=__TURNPWD__ --replace_string=$turnserver_pwd --target_file="$homeserver_config_path" ynh_replace_special_string --match_string=__REGISTRATION_SECRET__ --replace_string="$registration_shared_secret" --target_file="$homeserver_config_path" ynh_replace_special_string --match_string=__FORM_SECRET__ --replace_string="$form_secret" --target_file="$homeserver_config_path" -if [ -n $macaroon_secret_key ]; then +if [ -z $macaroon_secret_key ]; then # Well, in this package this value was not managed because it was not needed, synapse is able to generate this with some other secret in the config file but after some vulnerability was found with this practice. # For more detail about this issue you can see : https://matrix.org/blog/2019/01/15/further-details-on-critical-security-update-in-synapse-affecting-all-versions-prior-to-0-34-1-cve-2019-5885/ # The problem is that we can't just say generate a new value if the package has not already defined a value. The reason is that changing this value logout all user. And in case of a user has enabled the encryption, the user might lost all conversation !! From a3050ffd238f39f482c79b53b6827fc9931ad426 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Josu=C3=A9=20Tille?= Date: Tue, 3 Mar 2020 21:54:16 +0000 Subject: [PATCH 2/3] Upgrade synapse to 1.11.1 --- README.md | 2 +- conf/armv7_stretch.src | 4 ++-- manifest.json | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 2bdd207..69ca5a9 100644 --- a/README.md +++ b/README.md @@ -14,7 +14,7 @@ Instant messaging server matrix network. Yunohost chatroom with matrix : [https://riot.im/app/#/room/#yunohost:matrix.org](https://riot.im/app/#/room/#yunohost:matrix.org) -**Shipped version:** 1.11.0 +**Shipped version:** 1.11.1 ## Configuration diff --git a/conf/armv7_stretch.src b/conf/armv7_stretch.src index 667b8bf..6bcd6d3 100644 --- a/conf/armv7_stretch.src +++ b/conf/armv7_stretch.src @@ -1,5 +1,5 @@ -SOURCE_URL=https://github.com/YunoHost-Apps/synapse_python_build/releases/download/v1.11.0/matrix-synapse_1.11.0-stretch-bin1_armv7l.tar.gz -SOURCE_SUM=8a4f13bdbe429c94df3aab07d289a61f5f2e372d45cda21ea9d297f1cc224ece +SOURCE_URL=https://github.com/YunoHost-Apps/synapse_python_build/releases/download/v1.11.1/matrix-synapse_1.11.1-stretch-bin1_armv7l.tar.gz +SOURCE_SUM=d793d49c561898330ce62bc7c1620b71467d611c375c41b697d2fd3064ddbee4 # (Optional) Program to check the integrity (sha256sum, md5sum...) # default: sha256 SOURCE_SUM_PRG=sha256sum diff --git a/manifest.json b/manifest.json index 8d26690..cd6b819 100644 --- a/manifest.json +++ b/manifest.json @@ -6,7 +6,7 @@ "en": "Instant messaging server who use matrix", "fr": "Un serveur de messagerie instantané basé sur matrix" }, - "version": "1.11.0~ynh1", + "version": "1.11.1~ynh1", "url": "http://matrix.org", "license": "Apache-2.0", "maintainer": { From 874d68f6537a4efb3915600569d6da774fe3b6ec Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Josu=C3=A9=20Tille?= Date: Fri, 6 Mar 2020 21:41:56 +0100 Subject: [PATCH 3/3] Fix "if" condition" --- scripts/change_url | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/change_url b/scripts/change_url index 59a44c5..d8065af 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -114,7 +114,7 @@ ynh_replace_special_string --match_string=__SYNAPSE_DB_PWD__ --replace_string=$s ynh_replace_special_string --match_string=__TURNPWD__ --replace_string=$turnserver_pwd --target_file="$homeserver_config_path" ynh_replace_special_string --match_string=__REGISTRATION_SECRET__ --replace_string="$registration_shared_secret" --target_file="$homeserver_config_path" ynh_replace_special_string --match_string=__FORM_SECRET__ --replace_string="$form_secret" --target_file="$homeserver_config_path" -if [ -n $macaroon_secret_key ]; then +if [ -z $macaroon_secret_key ]; then # Well, in this package this value was not managed because it was not needed, synapse is able to generate this with some other secret in the config file but after some vulnerability was found with this practice. # For more detail about this issue you can see : https://matrix.org/blog/2019/01/15/further-details-on-critical-security-update-in-synapse-affecting-all-versions-prior-to-0-34-1-cve-2019-5885/ # The problem is that we can't just say generate a new value if the package has not already defined a value. The reason is that changing this value logout all user. And in case of a user has enabled the encryption, the user might lost all conversation !!