Matrix developers report:
Today we are releasing security updates to libolm, matrix-js-sdk,
and several clients including Element Web / Desktop. Users are
encouraged to upgrade as soon as possible.
These releases mitigate a buffer overflow in olm_session_describe,
a libolm debugging function used by matrix-js-sdk in its end-to-end
encryption (E2EE) implementation. If you rely on matrix-js-sdk for
E2EE, you are affected.
With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.
– Scott Cheney, Manager of Information Security, Sierra View Medical Center