Public bug reported: The versions of matrix-synapse in 18.04 and 18.10 are sufficiently old that they will be unable to communicate with any other Matrix servers. They also contain a number of known security problems, including CVE-2019-5885 [1].
It would be preferable to remove the unmaintained packages from at least bionic and cosmic, rather than provide outdated packages containing significant security problems. Better-maintained packages are available for Ubuntu users in the matrix.org repositories [2]. [1] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5885 ** Affects: matrix-synapse (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1848709 Title: implementation is unusably old and contains significant security problems To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/matrix-synapse/+bug/1848709/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
