backups/grapevine
1
0
Fork 0
mirror of https://gitlab.computer.surgery/matrix/grapevine.git synced 2026-02-04 15:51:23 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
grapevine/src/api
History
Olivia Lee 0aae932bc9 validate additional fields for incoming remote membership 
This was missed in the initial fix in 9a50c244 ("validate event type and
membership for create_join and create_invite"), but significantly less
impactful than the original vulnerability because it only affects
invite/join events that are able to pass auth/signature checks with our
server's signature. You could use this to forge invite events from a
local user, but not much else.
2025-12-30 17:48:33 -08:00
..
client_server validate membership events returned by remote servers 2025-12-30 17:11:01 -08:00
ruma_wrapper Bump ruma to 1387667de806c37a6d7f72125117009bd618e32a 2025-08-09 00:31:35 +02:00
appservice_server.rs fix api/appservice_server events 2024-07-16 11:12:07 -07:00
client_server.rs enable unreachable_pub lint 2024-05-12 18:51:26 -07:00
ruma_wrapper.rs client_server: use and provide authenticated media API 2024-09-01 09:42:45 +00:00
server_server.rs validate additional fields for incoming remote membership 2025-12-30 17:48:33 -08:00
well_known.rs Remove support for MSC3575 (sliding sync) 2025-08-08 22:24:56 +02:00