From 6a67c5b8524aef113f1fa755dd4fb1d254b47c9c Mon Sep 17 00:00:00 2001
From: Alex Vandiver
Date: Wed, 16 Nov 2022 15:43:21 +0000
Subject: [PATCH] Release Zulip Server 5.7.
---
 docs/overview/changelog.md | 22 ++++++++++++++++++++++
 version.py | 4 ++--
 2 files changed, 24 insertions(+), 2 deletions(-)
diff --git a/docs/overview/changelog.md b/docs/overview/changelog.md
index fbf84743fd..49d922503a 100644
--- a/docs/overview/changelog.md
+++ b/docs/overview/changelog.md
@@ -7,6 +7,28 @@ up-to-date list of raw changes.
 ## Zulip 5.x series
+### 5.7 -- 2022-11-16
+
+- CVE-2022-41914: Fixed the verification of the SCIM account
+ management bearer tokens to use a constant-time comparator. Zulip
+ Server 5.0 through 5.6 checked SCIM bearer tokens using a comparator
+ that did not run in constant time. For organizations with SCIM
+ account management enabled, this bug theoretically allowed an
+ attacker to steal the SCIM bearer token, and use it to read and
+ update the Zulip organization’s user accounts. In practice, this
+ vulnerability may not have been practical or exploitable. Zulip
+ Server installations which have not explicitly enabled SCIM are not
+ affected.
+- Fixed an error with deactivating users with `manage.py sync_ldap_user_data`
+ when `LDAP_DEACTIVATE_NON_MATCHING_USERS` was enabled.
+- Fixed several subtle bugs that could lead to browsers reloading
+ repeatedly when the server was updated.
+- Fixed a live-update bug when changing certain notifications
+ settings.
+- Improved error logs when sending push notifications to the push
+ notifications service fails.
+- Upgraded Python requirements.
+
 ### 5.6 -- 2022-08-24
 - CVE-2022-36048: Change the Markdown renderer to only rewrite known
diff --git a/version.py b/version.py
index 03d51430b9..5efedc460f 100644
--- a/version.py
+++ b/version.py
@@ -1,6 +1,6 @@
 import os
-ZULIP_VERSION = "5.6+git"
+ZULIP_VERSION = "5.7"
 # Add information on number of commits and commit hash to version, if available
 zulip_git_version_file = os.path.join(
@@ -14,7 +14,7 @@ ZULIP_VERSION = lines.pop(0).strip()
 ZULIP_MERGE_BASE = lines.pop(0).strip()
 LATEST_MAJOR_VERSION = "5.0"
-LATEST_RELEASE_VERSION = "5.6"
+LATEST_RELEASE_VERSION = "5.7"
 LATEST_RELEASE_ANNOUNCEMENT = "https://blog.zulip.com/2022/03/29/zulip-5-0-released/"
 # Versions of the desktop app below DESKTOP_MINIMUM_VERSION will be