chore(deps): update dependency element-hq/synapse to v1.152.1 #6639

renovate-bot · 2026-05-07T20:25:06Z

renovate-bot commented

2026-05-07 20:25:06 +00:00

This PR contains the following updates:

Package	Update	Change
element-hq/synapse	patch	`v1.152.0` → `v1.152.1`

Release Notes

element-hq/synapse (element-hq/synapse)

`v1.152.1`

Compare Source

Synapse 1.152.1 (2026-05-07)

Security Fixes

Prevent CPU starvation (Denial of Service) under worker lock contention, additionally capping the WorkerLock time out interval to a maximum of 60 seconds. Contributed by Famedly. (#19394, ELEMENTSEC-2026-1706, GHSA-8q93-326v-3m7g, CVE pending)
Prevent pagination ending when a page is full of rejected events. (ELEMENTSEC-2025-1636, GHSA-6qf2-7x63-mm6v, CVE pending)

Configuration

📅 Schedule: (in timezone America/Chicago)

Branch creation
- At any time (no schedule defined)
Automerge
- At any time (no schedule defined)

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate.

This PR contains the following updates: | Package | Update | Change | |---|---|---| | [element-hq/synapse](https://github.com/element-hq/synapse) | patch | `v1.152.0` → `v1.152.1` | --- ### Release Notes <details> <summary>element-hq/synapse (element-hq/synapse)</summary> ### [`v1.152.1`](https://github.com/element-hq/synapse/releases/tag/v1.152.1) [Compare Source](https://github.com/element-hq/synapse/compare/v1.152.0...v1.152.1) ### Synapse 1.152.1 (2026-05-07) #### Security Fixes - Prevent CPU starvation (Denial of Service) under worker lock contention, additionally capping the `WorkerLock` time out interval to a maximum of 60 seconds. Contributed by Famedly. ([#19394](https://github.com/element-hq/synapse/issues/19394), ELEMENTSEC-2026-1706, [GHSA-8q93-326v-3m7g](https://github.com/element-hq/synapse/security/advisories/GHSA-8q93-326v-3m7g), CVE pending) - Prevent pagination ending when a page is full of rejected events. (ELEMENTSEC-2025-1636, [GHSA-6qf2-7x63-mm6v](https://github.com/element-hq/synapse/security/advisories/GHSA-6qf2-7x63-mm6v), CVE pending) </details> --- ### Configuration 📅 **Schedule**: (in timezone America/Chicago) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://github.com/renovatebot/renovate).

renovate-bot added the automerge github-releases labels 2026-05-07 20:25:06 +00:00

renovate-bot added 1 commit 2026-05-07 20:25:07 +00:00

chore(deps): update dependency element-hq/synapse to v1.152.1

lint-test-helm / lint-helm (pull_request) Failing after 1s

Details

renovate/stability-days Updates have not met minimum release age requirement

Details

lint-test-helm / validate-kubeconform (pull_request) Has been skipped

Details

render-manifests / render-manifests (pull_request) Successful in 1m8s

Details

d1c3e03db6

renovate-bot scheduled this pull request to auto merge when all checks succeed 2026-05-07 20:25:14 +00:00

renovate-bot merged commit 96d10c4bc7 into main

2026-05-07 20:25:26 +00:00

renovate-bot referenced this issue from a commit

2026-05-07 20:25:26 +00:00

Merge pull request 'chore(deps): update dependency element-hq/synapse to v1.152.1' (#6639) from renovate/unified-synapse into main

renovate-bot deleted branch renovate/unified-synapse

2026-05-07 20:25:34 +00:00

Sign in to join this conversation.

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: alexlebens/infrastructure#6639