Update Synapse ASAP, there is a high severity vulnerability which malicious actors could use to prevent your homeserver from federating with other servers

⁨70⁩ ⁨likes⁩

Submitted ⁨⁨1⁩ ⁨month⁩ ago⁩ by ⁨lena@gregtech.eu⁩ to ⁨selfhosted@lemmy.world⁩

https://www.cve.org/CVERecord?id=CVE-2025-30355

Cross-posted from “Update Synapse ASAP, there is a high severity vulnerability which malicious actors could use to prevent your homeserver from federating with other servers” by @lena@gregtech.eu in !matrix@programming.dev

Comments

Sort:hotnew top

Shimitar@downonthestreet.eu ⁨1⁩ ⁨month⁩ ago
On Conduwuit here… Synapse is a PITA.

source
- rice@lemmy.org ⁨1⁩ ⁨month⁩ ago
  been running it 7 years and it really isn’t that much of an issue. Conduit unfortunately likely has a lot of things unseen since the user base is so small.
  
  I still wish migration was easy because I’d change to dendrite
  
  source
- lena@gregtech.eu ⁨1⁩ ⁨month⁩ ago
  Yeah, sadly there’s currently no way to migrate.
  
  source
  - Shimitar@downonthestreet.eu ⁨1⁩ ⁨month⁩ ago
    I know, what a pity
    
    source