diff --git a/CHANGES.md b/CHANGES.md
index f487ecf603..009c2b2af5 100644
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -1,11 +1,11 @@
-Changes in Element v1.5.1 (2022-09-23)
+Changes in Element v1.5.1 (2022-09-28)
======================================
Security ⚠️
----------
This update provides important security fixes, update now.
-
+Ref: CVE-2022-39246 CVE-2022-39248
Changes in Element v1.5.0 (2022-09-23)
======================================
diff --git a/library/ui-strings/src/main/res/values/strings.xml b/library/ui-strings/src/main/res/values/strings.xml
index dec46159dd..992ab1c38c 100644
--- a/library/ui-strings/src/main/res/values/strings.xml
+++ b/library/ui-strings/src/main/res/values/strings.xml
@@ -2615,6 +2615,7 @@
Unencrypted
Encrypted by an unverified device
+ The authenticity of this encrypted message can\'t be guaranteed on this device.
Review where you’re logged in
Verify all your sessions to ensure your account & messages are safe
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/MXOlmDevice.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/MXOlmDevice.kt
index b6a5136b8f..48b4652304 100755
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/MXOlmDevice.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/MXOlmDevice.kt
@@ -656,7 +656,7 @@ internal class MXOlmDevice @Inject constructor(
}
// else if the new one is safe and does not connect with existing, import the new one
} else {
- // If our existing session is better we keep it
+ // If our existing session is better we keep it
if (existingFirstKnown <= newKnownFirstIndex) {
val shouldUpdateTrust = trusted && (existingSession.sessionData.trusted != true)
Timber.tag(loggerTag.value).d("## addInboundGroupSession() : updateTrust for $sessionId")
@@ -664,10 +664,10 @@ internal class MXOlmDevice @Inject constructor(
// the existing as a better index but the new one is trusted so update trust
inboundGroupSessionStore.updateToSafe(existingSessionHolder, sessionId, senderKey)
}
- Timber.tag(loggerTag.value).d("## addInboundGroupSession() : ignore session our is better $senderKey/$sessionId")
+ Timber.tag(loggerTag.value).d("## addInboundGroupSession() : ignore session our is better $senderKey/$sessionId")
candidateSession.releaseSession()
- return AddSessionResult.NotImportedHigherIndex(newKnownFirstIndex.toInt())
- }
+ return AddSessionResult.NotImportedHigherIndex(newKnownFirstIndex.toInt())
+ }
}
} catch (failure: Throwable) {
Timber.tag(loggerTag.value).e("## addInboundGroupSession() Failed to add inbound: ${failure.localizedMessage}")
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/session/sync/handler/CryptoSyncHandler.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/session/sync/handler/CryptoSyncHandler.kt
index 7bda5f0a2f..b2fe12ebc3 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/session/sync/handler/CryptoSyncHandler.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/session/sync/handler/CryptoSyncHandler.kt
@@ -46,18 +46,18 @@ internal class CryptoSyncHandler @Inject constructor(
toDevice.events
?.filter { isSupportedToDevice(it) }
?.forEachIndexed { index, event ->
- progressReporter?.reportProgress(index * 100F / total)
- // Decrypt event if necessary
- Timber.tag(loggerTag.value).i("To device event from ${event.senderId} of type:${event.type}")
- decryptToDeviceEvent(event, null)
- if (event.getClearType() == EventType.MESSAGE &&
- event.getClearContent()?.toModel()?.msgType == "m.bad.encrypted") {
- Timber.tag(loggerTag.value).e("handleToDeviceEvent() : Warning: Unable to decrypt to-device event : ${event.content}")
- } else {
- verificationService.onToDeviceEvent(event)
- cryptoService.onToDeviceEvent(event)
- }
- }
+ progressReporter?.reportProgress(index * 100F / total)
+ // Decrypt event if necessary
+ Timber.tag(loggerTag.value).i("To device event from ${event.senderId} of type:${event.type}")
+ decryptToDeviceEvent(event, null)
+ if (event.getClearType() == EventType.MESSAGE &&
+ event.getClearContent()?.toModel()?.msgType == "m.bad.encrypted") {
+ Timber.tag(loggerTag.value).e("handleToDeviceEvent() : Warning: Unable to decrypt to-device event : ${event.content}")
+ } else {
+ verificationService.onToDeviceEvent(event)
+ cryptoService.onToDeviceEvent(event)
+ }
+ }
}
private val unsupportedPlainToDeviceEventTypes = listOf(
diff --git a/vector/src/main/java/im/vector/app/features/home/room/detail/timeline/helper/MessageInformationDataFactory.kt b/vector/src/main/java/im/vector/app/features/home/room/detail/timeline/helper/MessageInformationDataFactory.kt
index 37b5b76f79..31818e8672 100644
--- a/vector/src/main/java/im/vector/app/features/home/room/detail/timeline/helper/MessageInformationDataFactory.kt
+++ b/vector/src/main/java/im/vector/app/features/home/room/detail/timeline/helper/MessageInformationDataFactory.kt
@@ -225,24 +225,24 @@ class MessageInformationDataFactory @Inject constructor(
if (event.root.mxDecryptionResult?.isSafe == false) {
E2EDecoration.WARN_UNSAFE_KEY
} else {
- when {
- sendingDevice == null -> {
- // For now do not decorate this with warning
- // maybe it's a deleted session
+ when {
+ sendingDevice == null -> {
+ // For now do not decorate this with warning
+ // maybe it's a deleted session
E2EDecoration.WARN_SENT_BY_DELETED_SESSION
- }
- sendingDevice.trustLevel == null -> {
- E2EDecoration.WARN_SENT_BY_UNKNOWN
- }
- sendingDevice.trustLevel?.isVerified().orFalse() -> {
- E2EDecoration.NONE
- }
- else -> {
- E2EDecoration.WARN_SENT_BY_UNVERIFIED
+ }
+ sendingDevice.trustLevel == null -> {
+ E2EDecoration.WARN_SENT_BY_UNKNOWN
+ }
+ sendingDevice.trustLevel?.isVerified().orFalse() -> {
+ E2EDecoration.NONE
+ }
+ else -> {
+ E2EDecoration.WARN_SENT_BY_UNVERIFIED
+ }
}
}
}
- }
} else {
e2EDecorationForClearEventInE2ERoom(event, roomSummary)
}
@@ -254,12 +254,12 @@ class MessageInformationDataFactory @Inject constructor(
E2EDecoration.NONE
} else {
E2EDecoration.WARN_UNSAFE_KEY
+ }
+ } else {
+ E2EDecoration.NONE
}
- } else {
- E2EDecoration.NONE
}
}
- }
private fun e2EDecorationForClearEventInE2ERoom(event: TimelineEvent, roomSummary: RoomSummary) =
if (event.root.isStateEvent()) {
diff --git a/vector/src/main/java/im/vector/app/features/home/room/detail/timeline/item/AbsBaseMessageItem.kt b/vector/src/main/java/im/vector/app/features/home/room/detail/timeline/item/AbsBaseMessageItem.kt
index 938eb13b6e..37831e5715 100644
--- a/vector/src/main/java/im/vector/app/features/home/room/detail/timeline/item/AbsBaseMessageItem.kt
+++ b/vector/src/main/java/im/vector/app/features/home/room/detail/timeline/item/AbsBaseMessageItem.kt
@@ -86,7 +86,7 @@ abstract class AbsBaseMessageItem(@LayoutRes layo
super.bind(holder)
renderReactions(holder, baseAttributes.informationData.reactionsSummary)
if (!baseAttributes.informationData.messageLayout.showsE2eDecorationInFooter()) {
- holder.getEffectiveE2eDecorationView().renderE2EDecoration(baseAttributes.informationData.e2eDecoration)
+ holder.e2EDecorationView.renderE2EDecoration(baseAttributes.informationData.e2eDecoration)
}
holder.view.onClick(baseAttributes.itemClickListener)
holder.view.setOnLongClickListener(baseAttributes.itemLongClickListener)
@@ -190,8 +190,6 @@ abstract class AbsBaseMessageItem(@LayoutRes layo
val reactionsContainer by bind(R.id.reactionsContainer)
val informationBottom by bind(R.id.informationBottom)
val e2EDecorationView by bind(R.id.messageE2EDecoration)
-
- open fun getEffectiveE2eDecorationView() = e2EDecorationView
}
/**