Skip to content

Release Notes 26.4 LTS

Info

ESS Pro 26.4.0 is the start of the 26.4 LTS series. If you are coming from the immediately prior LTS series, upgrading to 26.4 LTS wil get you all the changes that happened on mainline up to 26.4.

ESS Pro LTS 26.4.6 (2026-06-30)

Added

  • Allow to configure Advanced Identity Management user localpart. Note that this should not be changed past initial setup, at the risk of breaking spaces and rooms ownership when they were created by the Advanced Identity Management bot user.

Changed

  • Ensure consistent setup of SCIM in Advanced Identity Management values files examples.

Fixed

  • Fix an issue where configuring Advanced Access and Identity Management without SCIM or LDAP Authentication would result in a null source in its configuration.

  • Synapse: Fix access token cache not being invalidated for sessions using refresh tokens.

ESS Pro LTS 26.4.5 (2026-06-17)

Fixed

  • Fix an issue where a custom appservice registration file configured for Hookshot would not be mounted properly into Synapse pods.

ESS Pro LTS 26.4.4 (2026-06-12)

Added

  • Add support for configuring PersistentVolumeClaim volumeName property.

Fixed

  • Advanced Identity Management: don't skip applying templated mappings of LDAP user attributes when no LDAP admin attribute mapping is configured.

ESS Pro LTS 26.4.3 (2026-06-10)

Added

  • Add restrictToFossImageFunctionality to allow the chart to run with FOSS images.

    This does not automatically change the chart to using FOSS images. It validates that:

    • components that have no FOSS image aren't enabled
    • chart functionality that relies on Pro matrix-tools isn't used

    And also customises the rendered manifests for FOSS image variants.

  • Advanced Identity Management: map the LDAP email user attribute configured by authentication.ldap[0].attributesMapping.email.

Changed

  • Advanced Identity Management: apply templated mappings of LDAP user attributes configured by authentication.ldap[0].attributesMapping.*.template, which was previously supported only by Matrix Authentication Service.

ESS Pro LTS 26.4.2 (2026-05-18)

Changed

  • Ensure consistency of the volumeMounts for custom Certificate Authorities.

Fixed

  • Fix S3 media cleanup sidecar not being able to connect to Synapse's database.

  • Fixed error when fetching server keys using the Pro federation reader worker.

  • Ensure turn.external_tls is correctly set in the Matrix RTC SFU configuration depending on matrixRTC.sfu.exposedServices.turnTLS.tlsTerminationOnPod.

  • Ensure no TI-Messenger sidecar manifests are rendered if the Secure Border Gateway is disabled.

  • Fixed matrixRTC.sfu.exposedServices.rtpUdp not documenting externalTrafficPolicy or internalTrafficPolicy.

  • TI-Messenger: Fix an issue where Synapse would be denied access to the Federation List Service.

ESS Pro LTS 26.4.1 (2026-05-07)

Changed

  • LTS releases will have version numbers ending in +lts.

  • Upgrade Synapse to v1.152.1-lts.1.

    Highlights:

    • Prevent CPU starvation (Denial of Service) under worker lock contention, additionally capping the WorkerLock time out interval to a maximum of 60 seconds. Contributed by Famedly. (#19394, ELEMENTSEC-2026-1706, GHSA-8q93-326v-3m7g, CVE pending)
    • Prevent pagination ending when a page is full of rejected events. (ELEMENTSEC-2025-1636, GHSA-6qf2-7x63-mm6v, CVE pending)

    Full Changelogs: