mirror/matrix-docker-ansible-deploy
1
0
Fork 0
mirror of https://github.com/spantaleev/matrix-docker-ansible-deploy.git synced 2025-11-04 09:08:56 +01:00
Code Issues Packages Projects Releases Wiki Activity

Mention log4j vulnerability affecting mautrix-signal

Browse Source 
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1459
and https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1452
This commit is contained in:
Slavi Pantaleev
2021-12-14 12:33:59 +02:00
parent 9bc8581d7f
commit a8fc4fe6ce
1 changed files with 9 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
CHANGELOG.md
View File

@@ -1,3 +1,12 @@
# 2021-12-14
## (Security) Users of the Signal bridge may wish to upgrade it to work around log4j vulnerability
Recently, a security vulnerability affecting the Java logging package `log4j` [has been discovered](https://www.huntress.com/blog/rapid-response-critical-rce-vulnerability-is-affecting-java). Software that uses this Java package is potentially vulnerable.
One such piece of software that is part of the playbook is the [mautrix-signal bridge](./docs/configuring-playbook-bridge-mautrix-signal.md), which [has been patched already](https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1452). If you're running this bridge, you may wish to [upgrade](./docs/maintenance-upgrading-services.md).
# 2021-11-11
## Dropped support for Postgres v9.6