This is a Docker-only update to mitigate CVE-2023-4863, a critical vulnerability in libwebp. Server admins not using Docker should ensure that their libwebp is up to date (if installed). We encourage admins to upgrade as soon as possible.
Updates to the Docker image
Update docker image to use Debian bookworm as the base. (#16324)
Configuration
📅Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
🔕Ignore: Close this PR and you won't be reminded about this update again.
If you want to rebase/retry this PR, check this box
This PR contains the following updates:
| Package | Update | Change |
|---|---|---|
| [matrixdotorg/synapse](https://github.com/matrix-org/synapse) | patch | `v1.92.1` -> `v1.92.2` |
---
### Release Notes
<details>
<summary>matrix-org/synapse (matrixdotorg/synapse)</summary>
### [`v1.92.2`](https://github.com/matrix-org/synapse/releases/tag/v1.92.2)
[Compare Source](https://github.com/matrix-org/synapse/compare/v1.92.1...v1.92.2)
##### Synapse 1.92.2 (2023-09-15)
This is a Docker-only update to mitigate [CVE-2023-4863](https://cve.org/CVERecord?id=CVE-2023-4863), a critical vulnerability in `libwebp`. Server admins not using Docker should ensure that their `libwebp` is up to date (if installed). We encourage admins to upgrade as soon as possible.
##### Updates to the Docker image
- Update docker image to use Debian bookworm as the base. ([#​16324](https://github.com/matrix-org/synapse/issues/16324))
</details>
---
### Configuration
📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.
♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
🔕 **Ignore**: Close this PR and you won't be reminded about this update again.
---
- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box
---
This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNi45NC4xIiwidXBkYXRlZEluVmVyIjoiMzYuOTQuMSIsInRhcmdldEJyYW5jaCI6Im1hc3RlciJ9-->
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.
This PR contains the following updates:
v1.92.1->v1.92.2Release Notes
matrix-org/synapse (matrixdotorg/synapse)
v1.92.2Compare Source
Synapse 1.92.2 (2023-09-15)
This is a Docker-only update to mitigate CVE-2023-4863, a critical vulnerability in
libwebp. Server admins not using Docker should ensure that theirlibwebpis up to date (if installed). We encourage admins to upgrade as soon as possible.Updates to the Docker image
Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Renovate Bot.