The default room version is not changed. Not all clients will support room version 12 immediately, and not all users will be using the latest version of their clients. Large, public rooms are advised to wait a few weeks before upgrading to room version 12 to allow users throughout the Matrix ecosystem to update their clients.
Note: release 1.135.1 was skipped due to issues discovered during the release process.
Two patched Synapse releases are now available:
1.135.2: stable release comprised of 1.135.0 + security patches
Upgrade to this release if you are currently running 1.135.0 or below.
1.136.0rc2: unstable release candidate comprised of 1.136.0rc1 + security patches.
Upgrade to this release only if you are on 1.136.0rc1.
Bugfixes
Fix invalidation of storage cache that was broken in 1.135.0. (#18786)
Internal Changes
Add a parameter to upgrade_rooms(..) to allow auto join local users. (#82)
Speed up upgrading a room with large numbers of banned users. (#18574)
This PR contains the following updates:
| Package | Update | Change |
|---|---|---|
| [ghcr.io/element-hq/synapse](https://matrix.org/docs/projects/server/synapse) ([source](https://github.com/element-hq/synapse)) | patch | `v1.135.0` -> `v1.135.2` |
---
### Release Notes
<details>
<summary>element-hq/synapse (ghcr.io/element-hq/synapse)</summary>
### [`v1.135.2`](https://github.com/element-hq/synapse/releases/tag/v1.135.2)
[Compare Source](https://github.com/element-hq/synapse/compare/v1.135.1...v1.135.2)
##### Synapse 1.135.2 (2025-08-11)
This is the Synapse portion of the [Matrix coordinated security release](https://matrix.org/blog/2025/07/security-predisclosure/). This release includes support for [room version](https://spec.matrix.org/v1.15/rooms/) 12 which fixes a number of security vulnerabilities, including [CVE-2025-49090](https://www.cve.org/CVERecord?id=CVE-2025-49090).
The default room version is not changed. Not all clients will support room version 12 immediately, and not all users will be using the latest version of their clients. Large, public rooms are advised to wait a few weeks before upgrading to room version 12 to allow users throughout the Matrix ecosystem to update their clients.
Note: release 1.135.1 was skipped due to issues discovered during the release process.
Two patched Synapse releases are now available:
- `1.135.2`: stable release comprised of `1.135.0` + security patches
- Upgrade to this release **if you are currently running 1.135.0 or below**.
- `1.136.0rc2`: unstable release candidate comprised of `1.136.0rc1` + security patches.
- Upgrade to this release **only if you are on 1.136.0rc1**.
##### Bugfixes
- Fix invalidation of storage cache that was broken in 1.135.0. ([#​18786](https://github.com/element-hq/synapse/issues/18786))
##### Internal Changes
- Add a parameter to `upgrade_rooms(..)` to allow auto join local users. ([#​82](https://github.com/element-hq/synapse/issues/82))
- Speed up upgrading a room with large numbers of banned users. ([#​18574](https://github.com/element-hq/synapse/issues/18574))
### [`v1.135.1`](https://github.com/element-hq/synapse/compare/v1.135.0...v1.135.1)
[Compare Source](https://github.com/element-hq/synapse/compare/v1.135.0...v1.135.1)
</details>
---
### Configuration
📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.
♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
🔕 **Ignore**: Close this PR and you won't be reminded about this update again.
---
- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box
---
This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0MS42Mi4zIiwidXBkYXRlZEluVmVyIjoiNDEuNjIuMyIsInRhcmdldEJyYW5jaCI6Im1hc3RlciIsImxhYmVscyI6W119-->
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.
This PR contains the following updates:
v1.135.0->v1.135.2Release Notes
element-hq/synapse (ghcr.io/element-hq/synapse)
v1.135.2Compare Source
Synapse 1.135.2 (2025-08-11)
This is the Synapse portion of the Matrix coordinated security release. This release includes support for room version 12 which fixes a number of security vulnerabilities, including CVE-2025-49090.
The default room version is not changed. Not all clients will support room version 12 immediately, and not all users will be using the latest version of their clients. Large, public rooms are advised to wait a few weeks before upgrading to room version 12 to allow users throughout the Matrix ecosystem to update their clients.
Note: release 1.135.1 was skipped due to issues discovered during the release process.
Two patched Synapse releases are now available:
1.135.2: stable release comprised of1.135.0+ security patches1.136.0rc2: unstable release candidate comprised of1.136.0rc1+ security patches.Bugfixes
Internal Changes
upgrade_rooms(..)to allow auto join local users. (#82)v1.135.1Compare Source
Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Renovate Bot.