Skip to main content

ESS LTS 24.04 Change Log's and Update Notes

Upgrade Notes for the 24.04 LTS

If you are planning on upgrading to the LTS we always recommend upgrading to the latest LTS patch version, however you should be aware of all significant upgrade notes from each prior patch version. They have been collated for convenience below, you can find the full changelogs of each release there after.

24.04.04-gui

No Important Upgrade Notes

24.04.03-gui

No Important Upgrade Notes

24.04.02-gui

No Important Upgrade Notes

24.04.01-gui

This release contains an important Synapse security fix with a backwards incompatible change. Please note that simply reverting this ESS release is not possible.

Please ensure to have a working backups before upgrading as downgrading is not a possibility from this release.

24.04.04-gui

Bug Fixes

Enterprise / Starter

Improve robustness of adding custom well-known delegation configuration

Enterprise / Starter

Fix missing media tab in the Admin Console when using microk8s.

Enterprise

Fix Enable DM Admin not being respected for Adminbot

Enterprise / Starter

Fix failure regenerating installer authentication links.

24.04.03-gui

New Features

Enterprise

Improve GroupSync performance with large member lists

Enterprise

Add Azure Blob Storage support to Auditbot

Enterprise

Config GroupSync memory usage based on resource limits/requests

Upgrade Notes

Enterprise / Starter

Upgrade Element Web to 1.11.66

Bug Fixes

Enterprise

Improve reliability of Synapse user provisioning

Enterprise

Improve Jitsi timezone validation

Enterprise / Starter

Improve Postgres shutdown behaviour when using the ESS Postgreses in cluster

24.04.02-gui

Upgrade Notes

Enterprise

Upgrade airgapped microk8s to 1.27.13

Bug Fixes

Enterprise

Fix issue upgrading from 23.10 LTS in an Airgapped environment where images weren't uploaded to the registry anymore

Enterprise

Synapse HTTP proxy settings can now be edited in the installer.

Enterprise / Starter

Media volume name and size can now be configured for standalone cluster deployments.

24.04.01-gui

Release Summary

23.10.29 LTS to 24.04.01 LTS highlights

This release has focused on making deployments on Kubernetes more reliable. A lot of bugs were fixed, and helm charts have been enhanced to allow to deploy webhooks and CRDs together without the operator and updater.

LTS New Features

Enterprise / Starter

The admin app now allows viewing of uploaded media

Enterprise

Add WhatsApp Bridge support

Enterprise

Check the health of the deployment or a component using `kubectl describe`describe against any Element CRs, in the `status`status. Our documentation describes how to configure ArgoCD to get these informations into your Application health.

Enterprise

Add the possiblity to configure S3 for Synapse media storage.

Enterprise

Improve support for non-OIDC compliant upstream identity providers with Matrix Authentication Service,

Enterprise / Starter

Allow configuration of seLinuxOptions on all workloads.

Enterprise

Enable simple configuration of whether Element Web generates sharing links with its own URL or matrix.to

Enterprise

When using Airgapped deployment, it is now possible to login to the target upload registry in the installer UI.

Enterprise / Starter

A couple of speedups have been implemented both in the operator and the installer.

Enterprise / Starter

Change deploy order of components to have the core components deployed first by the updater.

Enterprise / Starter

The operator and the updater are now built based on distroless container, to reduce the image size and contents.

Enterprise

Auditbot UI does not need any ingress anymore.

Enterprise / Starter

The installer now contains crictl to allow for local ctr daemon maintenance on microk8s.

Enterprise

Reduce required resources for Standalone to 2 vCPU and 3Gb of memory.

Enterprise / Starter

Reduce postgres in cluster requests to 100Mi.

Enterprise

Add participant limit field in ElementCall configuration.

Enterprise / Starter

Add support for tolerations and nodeSelectors on workload.

Enterprise

Coturn is now managed by the UI view, by the updater, alongside ElementCall and Jitsi. It is now possible to deploy Coturn on a Kubernetes cluster.

Enterprise / Starter

We now configure automatically a CPU Limit of each Operator & Updater to be 25% of the machine vCPUs on standalone. The node still needs at least 2 vCPUs to work properly. On Kubernetes deployment, there's no CPU limit. The number of workers will be adapted relatively to the memory available to the operator/updater.

LTS Upgrade Notes

This new LTS can be upgraded from 23.10 if you want to get the new latest features of ESS.

LTS Version Updates

Enterprise / Starter

Update operator-sdk to v1.34.1

Enterprise

Update Hookshot to 5.2.1

Enterprise / Starter

Update ElementWeb to v1.11.64

Enterprise / Starter

Update SlidingSync to v0.99.15

Enterprise

Update Synapse to v1.99.0 with CVE-2024-31208 fix

Enterprise

Update Element Call to 0.5.16 and LiveKit to 1.5.1

Enterprise

Update Sydent to 2.6.1

LTS Synapse security release

This release contains a fix for GHSA-3h7q-rfh9-xm4v / CVE-2024-31208, a high severity Synapse security issue. Upgrading is advised at the soonest possible moment.

Important notes regarding rollback of this release

This release contains an important Synapse security fix with a backwards incompatible change. Please note that simply reverting this ESS release is not possible.

Please ensure to have a working backups before upgrading as downgrading is not a possibility from this release.

New Features

Enterprise

Check the health of the deployment or a component using kubectl describe against any Element CRs, in the status. Our documentation describes how to configure ArgoCD to get these information into your Application health.

Enterprise

Add the possibility to configure S3 for Synapse media storage.

Enterprise

Add options under Delegated Auth to configure users profiles editing permissions.

Enterprise

Improve support for non-OIDC compliant upstream identity providers with Matrix Authentication Service

Enterprise / Starter

Allow configuration of seLinuxOptions on all workloads

Enterprise

Enable simple configuration of whether Element Web generates sharing links with its own URL or matrix.to

Enterprise

Support GCM/FCM API v1 in Sygnal

Enterprise / Starter

Configure ansible poll interval to 0.01 to reduce CPU load

Enterprise / Starter

A couple of speedups have been implemented both in the operator and the installer.

Enterprise / Starter

We now configure automatically a CPU Limit of each Operator & Updater to be 25% of the machine vCPUs on standalone. The node still needs at least 2 vCPUs to work properly. On Kubernetes deployment, there's no CPU limit. The number of workers will be adapted relatively to the memory available to the operator/updater.

Upgrade Notes

Enterprise / Starter

Update operator-sdk to v1.34.1

Enterprise

Update Hookshot to 5.2.1

Enterprise / Starter

Update SlidingSync to v0.99.15

Enterprise

Update Synapse to v1.99.0 with CVE-2024-31208 fix

Enterprise / Starter

Upgrade Element Web to v1.11.64.

Enterprise

Upgrade Matrix Authentication Service to v0.9.0.

Enterprise

Update Secure Border Gateway to v1.1.1.

Enterprise

Upgrade Group Sync to v0.13.6.

Enterprise

Element Call 0.5.16 and LiveKit 1.5.1

Enterprise

Sydent 2.6.1

Enterprise

Make Jitsi and Element Call STUN configuration consistent with each other to ease the upgrade from 23.10.

Enterprise

Upgrade Sygnal to v0.14.1.

Security Issues

Enterprise

Upgrade IRC Bridge to 2.0.0 to fix CVE-2024-32000.

Bug Fixes

Enterprise / Starter

Correctly install apt package python3-venv on recent ubuntu version.

Enterprise

Fixes to how Admin/Auditbot configs are maintained in the installer.

Enterprise / Starter

Improve installer one-time login codes security.

Enterprise / Starter

Mitigate installer log injections via HTTP headers.

Enterprise

Fix admin console discovery of OIDC to use MSC2956.

Enterprise

Update Auditbot S3 object name to one that will not clash with other files.

Enterprise

Fix issues passing in Coturn external-ip and enabling host mode.

Enterprise / Starter

Fix an issue where Auditbot S3 storage would prune files too early.

Enterprise / Starter

Fix an issue with Jitsi where it would not be possible to configure the Sync Power Level in the Restrict Widgets to Synapse configuration.

Enterprise

AdminBot and Matrix Authentication Service can now be deployed together

Enterprise

Upgrade Synapse Admin to better support homeservers using SRV delegation

Enterprise

Fix support for APNS notifications in Sygnal going via a HTTP Forward Proxy

Enterprise

Fix configuration of multiple TURN servers in Synapse when manually configuring

Enterprise

Fix Sydent Terms & Conditions having a version that's just a number

Enterprise / Starter

Fix ServiceMonitors being left behind when components are removed

Enterprise

Fix SIP Bridge Services clashing

Enterprise

Fix a bug which could make airgapped impossible to deploy due to microk8s snap refresh being in error state.

Enterprise

Fix Synapse bootstrap phase getting stuck due to incompatible registration options.

Enterprise / Starter

Stop displaying NGINX version on error pages.

Enterprise

Clarify and improve validation of TURN server configuration section.

Enterprise

Ignore Adminbot/Auditbot users in IRC admin rooms.

Enterprise

Fix an issue where configuring Coturn would lead to infinite reconciliation.

Other

Enterprise

Clean up unused Matrix Authentication Service spa HTTP resource.

Enterprise

Auditbot no longer requires the configuration of a dedicated UI ingress. This is handled by Synapse Admin UI now

Enterprise

Clarify description of Synapse default room encryption section.