SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for openfire-doc-4.1.1-5.1.x86_64.rpm :
Wed Jan 4 13:00:00 2017 ecsosAATTopensuse.org
- update to 4.1.1
Bug
[OF-1253] - Due to initial mysql schema failure, a new install will ask for current admin password and fail due to non-existent schema
[OF-1254] - Database update scripts for 25 set version 24
[OF-1255] - Invalid SQL syntax in Mysql installation script.
[OF-1257] - SQLServer syntax error java.sql.SQLException: Incorrect syntax near the keyword \'COLUMN\'.
[OF-1260] - ClientControl plugin: Improve CSRF error message
New Feature
[OF-1258] - Add an option to Client Control plugin to disable Anonymous login in Spark
Improvement
[OF-1259] - Migrate XML property \'xmpp.fqdn\'
- update to 4.1.0
Sub-task
[OF-777] - Admin Console Cross Site Request Forgery (CSRF) Vulnerability
[OF-836] - Multiple Reflected XSS Vulnerabilities in Admin Console
[OF-845] - XSS vulnerability in Monitoring Service pages in Admin Console
[OF-941] - CVE-2015-7707 Admin Console Privilege Escalation Vulnerability
[OF-997] - Admin Console: Frameable Response (potential Clickjacking)
[OF-1018] - The “alias” field on the Trust Store Import Form permits entry of JavaScript
[OF-1019] - Admin Cross Site Scripting (XSS) Vulnerabilities
[OF-1252] - Log null cache stores
Bug
[OF-355] - ldap.authorizeField property is ignored in LdapAuthorizationPolicy
[OF-477] - SASL server in OF creates digest-uri based on xmpp.fqdn but it sends xmpp.domain to the client
[OF-817] - ofMucConversationLog only persists body of groupchat stanzas
[OF-867] - Inconsistent use of keys in groupMetaCache
[OF-927] - Pressing enter should trigger Continue button on admin password setup page
[OF-942] - CVE-2015-6972 CVE-2015-6973 Admin Console Security Improvements
[OF-1013] - Setting StartTLS policy for S2S has no effect
[OF-1040] - Banning users from room does not result in proper exit
[OF-1041] - Using AD specific attribute breaks OpenLDAP support
[OF-1042] - NPE in stanza handler (after failed TLS?)
[OF-1045] - NPE with cluster management if cluster has not been started
[OF-1046] - Error 503 emitted sending update notifications to offline admins that are over offline storage quota
[OF-1051] - ConcurrentModificationException in PluginManager
[OF-1053] - i18n params fail when text has apostrophe
[OF-1054] - IllegalStateException when destroying MUC room prevents unavailable broadcast to be sent
[OF-1061] - MUC history and room subject are sent in wrong order
[OF-1063] - Avoid thread pool startvation under load
[OF-1079] - Database migration script for oracle has wrong syntax in v22
[OF-1081] - StartTLS policy \'required\' ignored for S2S
[OF-1082] - Fix unicode read on BOSH
[OF-1083] - Cannot join room in a cluster after an availability update
[OF-1087] - Monitoring plugin gives invalid responses
[OF-1090] - Outcasts should not be allowed to register with room
[OF-1091] - Set affiliation to \'none\' after removing registration from room
[OF-1093] - Prevent NPE on Admin Console user listing when user has no creationDate
[OF-1100] - SSL Certificate import should be more forgiving
[OF-1103] - Stun server plugin is not showing saved configuration
[OF-1104] - Scram support bypasses AuthProvider
[OF-1105] - Plugin-registered servlets won\'t work with uppercase characters in path
[OF-1116] - Java 7 incompatibility
[OF-1122] - GSSAPI fails
[OF-1126] - AbstractGroupProvider hides exception from interface definition
[OF-1129] - Setup truncates LDAP password to 30 characters
[OF-1132] - Monitoring plugin does not add namespace
[OF-1146] - LocalMUCRoom.addParticipant no longer works
[OF-1156] - Cache implementations should have consistent behavior regarding null keys
[OF-1167] - Fresh installation asks for a current password
[OF-1171] - Update message routing to RFC 6120
[OF-1173] - Add EXTERNAL to the list of default SASL mechanisms
[OF-1175] - noarch RPM should explicitly require jre-headless >= 7
[OF-1188] - Blacklisted s2s domain still consumes outbound available threads
[OF-1203] - Concurrency issues during plugin load/unload
[OF-1204] - When unloading a parent plugin, all children should be unloaded.
[OF-1206] - PrivacyManager does not share data between instances.
[OF-1207] - NullPointException in LocalMUCRoom canSendPrivateMessage
[OF-1212] - Monitoring plugin usage of LONG column type for Oracle
[OF-1213] - Add extension points to MUC
[OF-1220] - Allow logins with non-latin usernames
[OF-1228] - First startup emits NPE for AdminConsolePlugin HTTPS
[OF-1229] - [HSQL] PubSubPersistenceManager - statement is not in batch mode
[OF-1230] - Fastpath Service plugin not working
[OF-1233] - Incoming stream open response always contains IM domain
[OF-1236] - SASL code does not generate/handle equals sign properly in all cases
[OF-1239] - NPE in MultiUserChatServiceImpl#process(IQ) with null iqHandlers
[OF-1240] - Empty nicknames allowed even when MUC requires registration
[OF-1245] - Openfire fails to parse the subject alternate name of certs it generated itself.
[OF-1247] - Monitoring plugin database script fails
New Feature
[OF-190] - RFE: show openfire process owner on admin console
[OF-862] - Add support for XEP-313: Message Archive Management
[OF-1139] - User-to-Provider mapped User and AuthProvider
[OF-1197] - Support XEP-0227 Portable Import/Export Format for XMPP-IM Servers
[OF-1199] - Allow list of admins to be defined through JDBC.
[OF-1214] - Update MAM (XEP-0313) to support :0 and :1 versions
[OF-1225] - Add Russian translation for Search plugin
[OF-1232] - Fastpath now has JiveSharedSecretSaslServer requirement found in 4.1 Openfire
[OF-1246] - Support MAM (XEP-0313) for MUC (XEP-0045)
Task
[OF-1217] - Update install4j config file to match current release schema
Improvement
[OF-512] - Configurable host/IP for file transfers (streamhost / port 7777)
[OF-955] - Update HSQLDB to the latest version
[OF-1037] - Split bookmark from clientcontrol
[OF-1048] - Should not store chat state messages
[OF-1049] - Improve Certificate Store Management
[OF-1055] - Remove exclamation mark from the Search button
[OF-1056] - Have proper drop-in replacement for commons-logging
[OF-1057] - Upgrade Jetty to latest patch release of its 9.2 branch.
[OF-1085] - Allows dynamic setting of disco info handler and disco items handler
[OF-1088] - Update Chinese Simplified translation
[OF-1089] - XEP-0313: send IQ result only after messages
[OF-1092] - Allow SASL mechanisms to be plugged in
[OF-1094] - Allow UserProvider to be reset to default
[OF-1095] - Have uniform logging of plugin lifecycle
[OF-1096] - Update log4j to its latest release.
[OF-1097] - Make jabber:iq:auth (XEP-0078) optional
[OF-1098] - Anonymous authentication should not be enabled by default.
[OF-1111] - Bundle 64bit JVM with RPM artifact
[OF-1117] - Improve performance of monitoring plugin by adding database indexes.
[OF-1123] - Should not offer SASL mechanisms when there\'s no implementation.
[OF-1124] - Changing SASL config should not require restart
[OF-1125] - Use StreamID class instead of plain string
[OF-1133] - Allow JSP compilation with developmentMode=true
[OF-1147] - Improve Plugin Management
[OF-1149] - Improve (plugin) build speed
[OF-1150] - Add support for muc#roomconfig_allowpm
[OF-1162] - Update bundled postgresql driver to 9.4-1209
[OF-1170] - File Transfer Proxy should list on all addresses
[OF-1172] - Add support for a wildcard DNS override
[OF-1182] - Remove obsolete Releases news from RSS and expand Blog section
[OF-1184] - Improve Domain field\'s tooltip in the setup process
[OF-1189] - Get enum value from JiveGlobals
[OF-1194] - SMS notification
[OF-1196] - System properties should not be shortened when unnecessary.
[OF-1198] - Improve MUC error handling (don\'t try to respond to responses)
[OF-1205] - Show message when plugin manager is working
[OF-1227] - Improve Plugin servlet filter functionality
[OF-1238] - Introduce LocalMUCRoomManager to encapsule the simple management for LocalMucRooms
[OF-1241] - Add NT Hashing for JDBC connections
[OF-1244] - Help evaluate DNS SRV config
- clean spec-file

Mon Dec 5 13:00:00 2016 ecsosAATTopensuse.org
- update to 4.0.4
Bug
[OF-266] - Fastpath Form UI page in Admin Console doesnt show images
[OF-1141] - PEP nodes return no items when asked for all of them
[OF-1152] - XmlDebugger not printing non-interpreted xml traffic
[OF-1174] - MUC should respond to IQ queries
[OF-1177] - .deb requirement of default-jre is too strict and does not allow for side loaded Oracle
[OF-1180] - BOSH endpoints redirect all the requests with the trailing slash
[OF-1201] - BOSH servlet should close async context on exception
[OF-1202] - Proxool disconnects active threads after 5 minutes
[OF-1209] - s2s connection settings whitelisting does not work / console UI broken
[OF-1210] - correct time-to-live-seconds and MaxLifetime settings for hazelcast
[OF-1223] - Messages loaded from ofOffline are not sorted by time stamp leading to out-of-order receipt
[OF-1226] - Enable use of wildcard when searching users in LDAP
Task
[OF-1158] - Update installation package with the latest Java JRE
Improvement
[OF-1142] - Improve documentation part about UAC on Windows
[OF-1211] - Fix description of Broadcast disabling option in Client Control plugin
[OF-1221] - Add options from default.properties to Client Control plugin

Fri Aug 19 14:00:00 2016 ecsosAATTopensuse.org
- update to 4.0.3
Bug
[OF-1116] - Java 7 incompatibility
[OF-1118] - Check encryption protocol & cipher suite configuration against currently available ones.
[OF-1119] - TLS failure when certificate chain is a tree
[OF-1126] - AbstractGroupProvider hides exception from interface definition
[OF-1157] - max_items ignored for some admin commands
[OF-1165] - Stored Cross-Site Scripting
[OF-1168] - Invalid Oracle DDL statements for Oracle 11g
[OF-1169] - Debian dpkg java requirements should allow for java 7 or java 8
New Feature
[OF-1128] - Avatar Resizer plugin
Task
[OF-1062] - Update installation package with the latest Java JRE
Improvement
[OF-1099] - Update StartCom Class 1 DV Server CA
[OF-1120] - Change default behavior of Email on Away plugin
[OF-1142] - Improve documentation part about UAC on Windows
[OF-1161] - Sync Openfire\'s truststore with Mozilla\'s shipped CAs

Sun Apr 17 14:00:00 2016 ecsosAATTopensuse.org
- update to 4.0.2
Bug
[OF-829] - Ghost sessions left on a server when using Pidgin client
[OF-954] - Openfire clustering fails to correctly sync MUC room occupants
[OF-1082] - Fix unicode read on BOSH
[OF-1083] - Cannot join room in a cluster after an availability update
[OF-1087] - Monitoring plugin gives invalid responses
[OF-1090] - Outcasts should not be allowed to register with room
Improvement
[OF-1086] - Update bundled JRE to 1.8u74
[OF-1089] - XEP-0313: send IQ result only after messages
[OF-1107] - Add option to not show email in Email on Away plugin

Fri Feb 5 13:00:00 2016 ecsosAATTopensuse.org
- update to 4.0.1
Bug
[OF-1040] - Banning users from room does not result in proper exit
[OF-1041] - Using AD specific attribute breaks OpenLDAP support
[OF-1042] - NPE in stanza handler (after failed TLS?)
[OF-1045] - NPE with cluster management if cluster has not been started
[OF-1046] - Error 503 emitted sending update notifications to offline admins that are over offline storage quota
[OF-1051] - ConcurrentModificationException in PluginManager
[OF-1053] - i18n params fail when text has apostrophe
[OF-1054] - IllegalStateException when destroying MUC room prevents unavailable broadcast to be sent
Improvement
[OF-1048] - Should not store chat state messages
[OF-1049] - Improve Certificate Store Management
[OF-1055] - Remove exclamation mark from the Search button
[OF-1057] - Upgrade Jetty to latest patch release of its 9.2 branch.

Fri Jan 15 13:00:00 2016 ecsosAATTopensuse.org
- update to 4.0.0
Sub-task
[OF-454] - Openfire does not send user presence information to all resources of the user
[OF-547] - Create branch of code to test-drive new setup.
[OF-631] - Implement SCRAM support
[OF-834] - Admin console login.jsp allows redirects to non-local URIs
[OF-997] - Admin Console: Frameable Response (potential Clickjacking)
[OF-1022] - Reflected XSS vulnerability in muc-room-edit-form.jsp params in Admin Console
Bug
[OF-122] - Shouldn\'t allow subject change, when it is forbidden in room settings
[OF-317] - Subscribe with Response Unsubscribed Causes Roster Push to Responding Client
[OF-373] - Ant buildscript should not check for explicit Ant version numbers
[OF-484] - Windows installer getting stuck on Uninstalling the previous version
[OF-509] - Unable to disable weak ciphers
[OF-793] - javax.net.ssl.SSLException: Unsupported record version Unknown-47.115
[OF-798] - Embedded RSS/community links need to be updated for new (SSL) locations
[OF-821] - MUC service returns wrong number of occupants and duplicate occupants in service discovery
[OF-856] - Monitoring plugin uses secs attribute relative from beginning message instead of last message
[OF-868] - User name update does not propagate to the affected roster(s)
[OF-881] - NIOConnection Thread Deadlock when two clients in each others roster simultaneously disconnect
[OF-898] - Timestamp parsing fails when fractions of seconds are supplied.
[OF-905] - Admin console taglib URI does not correspond with usage.
[OF-906] - SSO does not work with Openfire + Java 8
[OF-913] - lib/log4j.xml should be denoted as a config file in the installers
[OF-915] - Private Storage should return an error if feature is disabled
[OF-918] - Character encoding issue in BOSH
[OF-919] - Update jDTS driver to 1.3.1 Release
[OF-921] - MUC Group ACLs are not updated when users join a group
[OF-922] - Major performance hit with MINA 2.0.9 vs 2.0.7
[OF-928] - Error with adding presence to MUC presence stanza
[OF-930] - Overlay enhancements
[OF-932] - XEP-0202 Entity Time should respect Daylight Saving Time
[OF-934] - Buildscript: preset javac configuration should have all shared properties
[OF-936] - Plugins build should fail fast by default
[OF-939] - NPE in ScramSha1SaslServer#getStoredKey
[OF-958] - Setup fails with StackOverflowException
[OF-959] - Database installation script does not set correct version
[OF-964] - message body tag getting empty xmlns set sometimes when BOSH client is in MUC room
[OF-974] - Copy cache content when updating cache factory strategy
[OF-976] - Language is not properly set in HttpSession
[OF-982] - jabber:iq:last queries without \'to\' attribute should not return server uptime
[OF-983] - Deadlock (federation)
[OF-984] - Deadlock (MUC / federation?)
[OF-985] - Missing to attribute in stream open
[OF-986] - Dialback verify-only connections do not negotiate TLS
[OF-987] - MUC Freezes when someone joins from federated domain
[OF-988] - Sometimes, messages are duplicated in MUC
[OF-989] - BOSH packet delivery fails for larger packets with WritePendingException
[OF-992] - BOSH fails when disabling/re-enabling the port
[OF-995] - Parent Plugin case sensitivity
[OF-996] - NullPointerException on Admin Console /audit-policy.jsp
[OF-998] - Openfire build should not need internet connectivity
[OF-999] - BOSH worker threads should be configurable
[OF-1000] - Audit file log rotation causes NullPointerException
[OF-1002] - NPE during connection close with XEP-0198
[OF-1003] - Exception during propcessing in XEP-0198
[OF-1008] - Iteratively failure to deliver message
[OF-1009] - [s2s] Federation issue with talkonaut.com
[OF-1010] - LDAPS fails
[OF-1023] - Roster cache not being updated for shared group changes
[OF-1025] - web-custom.xml fails to load
[OF-1028] - NoSuchElement Exception in XEP-0198 support
Improvement
[OF-675] - Add a comment about restarting in Managing Plugins section of documentation
[OF-844] - CertificateManager logs useless warning messages
[OF-892] - Mutual authentication support
[OF-925] - AdHoc SessionData should be extensible
[OF-931] - Improve installation guide
[OF-935] - During build, parentPlugin should be on classpath
[OF-940] - Update bundled postgresql driver to 9.4-1202
[OF-951] - Drop support for the Solaris platform
[OF-953] - Replace antiquated JSP libraries
[OF-956] - Admins should be able to configure cryptographical protocols & cypher suites
[OF-957] - AuditManager Module does not load properly
[OF-969] - Delete URLUTF8Encoder.java in favor of java.net.URLEncoder.
[OF-970] - Modernize XMLProperties with Java NIO.2 File API
[OF-971] - Add PropertyListener support to AuditManagerImpl
[OF-972] - Remove unused classes
[OF-973] - Tests should retrieve resources from the classpath rather than files.
[OF-975] - JDBCAuthProvider: add support for bcrypt and more
[OF-981] - Remove \'ant-jive-edition\' and \'qdox\' libraries from build
[OF-991] - In Ant buildfile, use properties instead of hardcoded value.
[OF-993] - Remove thread factory code duplication
[OF-1004] - Improve connection configuration in admin console
[OF-1005] - Undo module loading driven by a file
[OF-1007] - Improve support for whitelisting/blacklisting client IP addresses
[OF-1011] - When importing PEM certificates, ignore leading/trailing whitespace
[OF-1029] - Overlay should be able to override web.xml
[OF-1033] - Orderly shutdown of MUC Service
New Feature
[OF-446] - Implement XEP-0198: Stream Management
[OF-682] - Add Portuguese translation
[OF-923] - FileTransferManager should generate \'complete\' event.
[OF-946] - Allow for multiple sets of keystores
[OF-947] - Overlay should support i18n
[OF-948] - Overlay should allow modification of src/resources
[OF-950] - Buildscript should be able to clean one plugin
[OF-967] - Add option to use Name as a nickname when adding muc bookmark
Story
[OF-990] - Remove support for Legacy Date Time (XEP-0090 / 91)
Task
[OF-767] - Bundle Openfire with Java 8 SE JRE
[OF-1001] - Drop Clearspace support
[OF-1016] - Add explanation to setup about default admin password

Wed Nov 18 13:00:00 2015 ecsosAATTopensuse.org
- update to 3.10.3
Bug
[OF-332] - ldap.connect.timeout not working with SSL connection
[OF-477] - SASL server in OF creates digest-uri based on xmpp.fqdn but it sends xmpp.domain to the client
[OF-881] - NIOConnection Thread Deadlock when two clients in each others roster simultaneously disconnect
[OF-887] - ldap.readTimeout not used when LDAP getContext() is called for queries
[OF-903] - ISE attempting to write data to a closed/closing session
[OF-918] - Character encoding issue in BOSH
[OF-926] - Clients can\'t authenticate using LDAP SSL
[OF-938] - BOSH packet namespace issue
[OF-949] - Offline message delivery failures
[OF-954] - Openfire clustering fails to correctly sync MUC room occupants
[OF-966] - failure tag not closed for TLS Negotiation Failure
New Feature
[OF-933] - Update websocket support per RFC 7395

Sun Jul 5 14:00:00 2015 ecsosAATTopensuse.org
- update to 3.10.2
Bug
[OF-992] - Downgrade Apache MINA to version 2.0.7 to fix performance and 100% CPU issue
[OF-924] - Enable LDAP SSL Connection Pooling
- changes from 3.10.1
Bug
[OF-881] - NIOConnection Thread Deadlock when two clients in each others roster simultaneously disconnect
[OF-883] - High CPU usage and hangup after a few days of running
[OF-889] - NPE on Admin Console (client sessions listing)
[OF-907] - SSLv2 Hello is rejected; prevents some clients connecting
[OF-909] - BOSH response should return ack attribute
[OF-910] - MUC de-synchronization issues
[OF-916] - Deadlock with MINA sslFilter

Fri Apr 24 14:00:00 2015 ecsosAATTopensuse.org
- update to 3.10.0
Bug
[OF-116] - Add a text explaining the path used for http-binding
[OF-397] - Do not deliver offline messages to clients with negative priority
[OF-405] - Openfire fails to verify chained certificates
[OF-444] - Jingle Nodes plugin should use lowercase in i18n file\'s name
[OF-460] - Debug log is not saving its state between restarts
[OF-474] - OpenFire still provides entry forms for already-registered room users
[OF-560] - Restore or drop support for Pack200 compression
[OF-565] - ConnectionHandler has parsing problems due to use of hashcode under heavy load.
[OF-629] - Remove XMPP Sessions
[OF-670] - MUC user count not kept in sync across cluster nodes
[OF-736] - Openfire should return SASL failure, when not using base64 encoding
[OF-754] - Lock out user option works incorrectly in some cases
[OF-778] - Setup LDAP broken during initial openfire configuration
[OF-786] - Muc - grant membership: nickname is not stored
[OF-794] - Client sessions for failed cluster nodes are not being cleaned up properly
[OF-795] - Unable to disable Message Carbons after they have been enabled by the client
[OF-796] - Plugin version check should be numeric rather than textual
[OF-799] - Changing server 2 server idle settings has broken UI
[OF-800] - Encryption setting wrong when adding a property via System Properties page
[OF-802] - MUC Invites result in 404
[OF-803] - Message Carbons may throw org.dom4j.IllegalAddException, resulting in disconnection
[OF-804] - Joining a locked MUC room should return instead of
[OF-805] - [MUC] OF does not return all affiliated users when requesting multiple affiliations
[OF-806] - Flash client connection closing with invalid_namespace error
[OF-807] - S2S whitelist form saving domains with \"-\" without it
[OF-811] - Remove deprecated \"xml-not-well-formed\" error in favor of \"not-well-formed\"
[OF-812] - Monitor plugin fails to handle start date properly
[OF-813] - Memory leak
[OF-818] - Message routing to bare JID can route to negative priority resources
[OF-819] - IQs (e.g. XMPP Pings) of type error get falsely routed to IQ.createResult() which results in an Exception and connection termination
[OF-822] - If a non-occupant sends a request to an occupant, a MUC service MUST return a error.
[OF-823] - Numeric overflow in MUCPersistenceManager when loading history older than 24 days.
[OF-830] - LDAP shared groups disappear after some time
[OF-832] - Monitoring plugin fixes
[OF-837] - PubSub should return non-persistent items (last published item)
[OF-839] - Forwarded extension should not overwrite extension namespaces of the forwarded message.
[OF-840] - BOSH does not include
[OF-845] - XSS vulnerability in Monitoring Service pages in Admin Console
[OF-849] - Error decoding subjectAltName DERTaggedObject cannot be cast to ASN1Sequence
[OF-853] - XEP-0077 Registration must return if username or password are unspecified.
[OF-855] - Openfire looses messages when multiple senders send messages to the same receiver that looses connection
[OF-857] - c2s stop responding, new connections hang
[OF-859] - Remove static service id reference in Node.class
[OF-860] - No MUC status code 110 (self-presence) after joining a room with more than one user
[OF-861] - Disable SSLv3 by default as per POODLE vulnerability
[OF-863] - Multiple NPEs encountered when running under high load/latency in cluster mode (via hazelcast plugin)
[OF-864] - Cleanup routes from defunct cluster member servers
[OF-866] - Unexpected \"session not found\" errors under load
[OF-870] - stanza with multiple \"to\" attributes generated after restart
[OF-874] - disco#items request SHOULD return connected or available resources
[OF-875] - Roster requests to bare JID of the user are not responded
[OF-876] - IQRosterHandler does not respect error cases in RFC 6121 § 2.3.3.
[OF-877] - BOSH connector does not properly restart after a configuration change
[OF-878] - NPE in MINAStatCollector
[OF-881] - NIOConnection Thread Deadlock when two clients in each others roster simultaneously disconnect
[OF-884] - Auditor uses wrong hour for file rotation
[OF-885] - Use non-blocking, async API for BOSH servlet
[OF-886] - Openfire fails to parse CDATA when it ends with sequence ]]]>
[OF-888] - s2s locks up with gmail
[OF-890] - BOSH client connections sometimes failing
[OF-894] - Openfire tries to close a closing session over and over.
[OF-895] - Update postgresql driver to support PostgreSQL 9.4
[OF-896] - Default client compression inconsistency
[OF-897] - GZipFilter fails on Async BOSH servlet
Improvement
[OF-189] - do not use com.sun.
* classes
[OF-593] - LocaleUtils.java_dots_ to_underscores_i18n _bundles
[OF-797] - Move ant-tasks in subdirectory (and delete ant.jar)
[OF-801] - Extend ant build script to support multi-platform binaries that do not have a file extension
[OF-828] - Add the MUC service plugin to Openfire plugins
[OF-835] - Prevent fast clients flooding Openfire causing OutOfMemoryError
[OF-838] - Allow for custom lib and conf file placement
[OF-841] - Add a note about UAC to the Installation Guide
[OF-842] - Additional properties in User Properties view
[OF-847] - Upgrade bouncycastle from 1.50 to 1.51
[OF-850] - Improve initialization state for JiveGlobals
[OF-869] - Update Jetty to 9.2.x version
[OF-893] - Mutual Authentication Broken for BOSH
New Feature
[OF-69] - Add \"Groups user belongs to\" column to the User Summary page
[OF-179] - Allow MUC permissions to be set using groups
[OF-250] - Allow to configure the groups of a user from the user profile
[OF-324] - Offline Email Notification
[OF-843] - Upgrade clustering components for new Session API method
Task
[OF-421] - Update MINA library to latest version
[OF-466] - Drop Java 5 support
[OF-709] - Update Jetty from 7.4 to 9.1
[OF-831] - A typo on Database Settings page during setup
[OF-901] - Update bundled JRE to 1.7.0_76

Fri Dec 19 13:00:00 2014 ecsosAATTopensuse.org
- insert requirements for building in openSUSE_13.2
xerces-j2-xml-apis xerces-j2-xml-resolver

Wed Jun 18 14:00:00 2014 ecsosAATTopensuse.org
- update to 3.9.3
Openfire Bugfix
[OF-2] - LocalOutgoingServerSession logs connection failures over verbosely
[OF-746] - Use update-alternatives to set JAVA_HOME on debian
[OF-779] - fetching from LDAP should escape results
[OF-780] - Update reCaptcha for HTTPS
[OF-781] - ConcurrentModificationException in kickPresence
[OF-782] - Wrong URL generated for editing groups with space in the names
[OF-783] - Apply encryption to secure properties during setup
[OF-784] - Possible NullPointerException in MessageRouter logic
[OF-787] - TLS server to server connections are not working with 3.9.2
[OF-788] - UserService plugin should not reset group properties when adding user to group
[OF-789] - Invalid token in Pubsub item purge SQL
[OF-791] - Joining new MUC room results in a 404 error
Openfire Improvement
[OF-744] - Replace package.html with package-info.java

Sat May 3 14:00:00 2014 marcelloceschiaAATTusers.sourceforge.net
- update to 3.9.2
Openfire Bugfix
[OF-24] - \"Issue with IQ subscription=\"remove\"
[OF-114] - Clearing cache can lock up MUC
[OF-183] - Bad-namespace prefix is actually invalid-namespace?
[OF-193] - Last logouts are not recorded when server is shut down
[OF-297] - fix: mutual roster deletion problem
[OF-303] - fix Flexible Offline Message Retrieval (XEP-0013) support
[OF-455] - Some unicode pattern in status message can break the session connection
[OF-471] - Error integrity of the compressed stream
[OF-544] - MUC change affiliation/role - admin IQ item processing bug
[OF-562] - Broadcasting roles for MUC are not loaded correctly from DB
[OF-633] - Current OfflineMessageStore logic discards valid MUC invites
[OF-640] - log4j doesn\'t pick up ${openfireHome}
[OF-669] - Visually failed first login to Admin Console
[OF-686] - Anonymous registration permits name with javascript payload
[OF-687] - MUC topic permits javascript payloads
[OF-692] - Node column in ofSecurityAuditLog table should accept NULL entries
[OF-693] - openfire init script target reload should not call restart
[OF-699] - Race condition during cluster initialization (Hazelcast plugin)
[OF-705] - Admin console (XSS) vulnerability lets attacker change admin password or create new admin
[OF-706] - Openfire does not close the stream with a stream error if the namespace is not \'http://etherx.jabber.org/streams\'
[OF-717] - The BOSH implementation should include a \'from\' attribute in its session creation response.
[OF-720] - Roster deletion of userB by userA should not remove userA from userB\'s roster
[OF-722] - Openfire should save XEP-0184 delivery receipts as offline message
[OF-725] - Openfire must return a service-unavailable error when blocking an IQ of type get or set because of a privacy list. OF should return error if a message stanza is blocked
[OF-731] - HybridUserProvider does not initialize correctly
[OF-733] - OF should not silently close a connection, when receiving a message without \'to\' attribute
[OF-734] - Openfire cannot deal with SASL
[OF-735] - Openfire should return SASL failure, when requesting an unknown mechanism
[OF-741] - Debian Installer should allow Java7 as a prereq
[OF-742] - MUC Service sends \"disturbing\" service messages.
[OF-743] - MUC room does not return its identity or features, when querying for room info
[OF-745] - Use TLS-dialback even if that mechanism is not advertised
[OF-746] - Use update-alternatives to set JAVA_HOME on debian
[OF-751] - NPE on PubSubEngine#shutdown on server shutdown
[OF-753] - Improve init script to work with opensuse and fix logic with PID file
[OF-755] - Monitoring plugin database fixes
[OF-756] - Fix Postgres purge process error
[OF-757] - Allow s2s message of subdomain of XMPP domain when no components are found
[OF-759] - Update bundled postgresql driver to PostgreSQL 9.3 JDBC4 (build 1101)
[OF-760] - MUC service does not include \"self-presence\" status code 110
[OF-761] - OF must return instead of when joining a MUC room without nickname
[OF-769] - Fix typo in monitoring plugin
[OF-770] - CVE-2014-2741 Uncontrolled Resource Consumption with XMPP-Layer Compression
[OF-772] - IQ type=\"result\" getting java.lang.IllegalArgumentException
[OF-774] - Needless code in AuthorizationManager
Openfire Improvements
[OF-163] - fix RosterItemProvider.getItems() for Oracle
[OF-298] - EntityCapabilityManager should not use a clustered cache
[OF-309] - Privacy Lists drop messages silently
[OF-411] - Admin or owner should be able to join a room when it has reached maximum occupants number
[OF-464] - Verify if there were packets pending to be sent and decide what to do with them
[OF-569] - Add deluser adhoc command
[OF-592] - build.xml_chmod_executables.patch
[OF-594] - PluginServlet.java_support_registering_servlets_programmatically.patch
[OF-729] - Upgrade Hazelcast plugin to latest release version (3.1.x)
[OF-730] - Migrate operational configuration properties from openfire.xml to DB
[OF-749] - Upgrade bouncycastle library from 1.49 to 1.50 to keep up with JitsiVideobridge
[OF-764] - Group chat history (MUC) should match configuration after server restart
[OF-771] - MUC service should flush recent history before shutting down
Openfire Features
[OF-125] - Restrict discovery of rooms based on users membership
[OF-206] - Add HybridUserProvider
[OF-347] - The domain should add support for Last Activity requests
[OF-638] - Add support for XEP-0202: Entity Time
[OF-682] - Add Portuguese translation
[OF-714] - Add ability to encrypt properties so they are encrypted in the db and do not appear in the admin console.
[OF-758] - Add support for XEP-0280 \"Message Carbons\"
[OF-775] - Improve logging of invalid presence show
Openfire Tasks
[OF-728] - Update installation package with the latest Java JRE
Openfire Sub-task
[OF-10] - Pubsub event message with SHIM information holding multiple subscriptions should have the name=\'SubID\'.
[OF-103] - [MUC] Allow nicknames to be used more than once in the same room

Thu Feb 6 13:00:00 2014 ecsosAATTopensuse.org
- update to 3.9.1
Openfire Improvements
[OF-697] - Update bundled MySQL JDBC driver to the newest 5.1.x version
[OF-715] - Update Openfire bouncycastle library from 1.46 to 1.49
Openfire Features
[OF-727] - Configuration option to disable presence broadcast for other resources on single user
Openfire Tasks
[OF-513] - Update installation package with the latest Java JRE (1.7.0_2 or higher)

Thu Feb 6 13:00:00 2014 ecsosAATTopensuse.org
- update to 3.9.0
Openfire Bug Fixes
[OF-454] - Openfire does not send user presence information to all resources of the user
[OF-496] - javax.net.ssl.SSLException: Received fatal alert: bad_record_mac
[OF-676] - Pressing on workgroup in Fastpath causes an exception
[OF-677] - Monitoring Plugin - \"Null\" reappearing in Archive for Message Body
[OF-678] - Monitoring Plugin - Ever expanding Index
[OF-680] - Packet Filter Plugin does not allow creation of wildcard rules
[OF-718] - Fix Debian initscript to support more JAVA_HOME paths
[OF-719] - Userservice plugin leaves user roster items in DB when user is deleted
Openfire Improvements
[OF-654] - Openfire failes to create tables on MySQL 5.6
[OF-679] - Packet Filter - Add option for \"All Groups\" and auto creation of rules based on Openfire Group Settings
[OF-700] - Add a method to refresh a MUC room
[OF-701] - Better group properties handling
[OF-703] - UserService Plugin - Auto-create shared groups if not existing
[OF-704] - Make LDAP connection timeout configurable
[OF-715] - Update Openfire bouncycastle library from 1.46 to 1.49
Openfire New Features
[OF-681] - Add ability to search plugin to be able to restrict searching for users to only the group a user is in
[OF-716] - Add Jitsi Videobridge plugin to Openfire plugins
Openfire Task Fixes
[OF-698] - Bump version on all bundled openfire plugins, bump min version due to distributing java6 binaries now

Sun Jun 16 14:00:00 2013 ecsosAATTopensuse.org
- update to 3.8.2
Openfire Improvements
[OF-342] - Add CORS headers to HTTP-Binding/BOSH
[OF-393] - Group names with <> should be properly HTML escaped
[OF-650] - Add support for X-Forwarded-For (XFF) headers from proxied BOSH clients
[OF-655] - Add configurable JMX support
[OF-657] - Merge Atlassian Crowd provider into Openfire core
[OF-660] - Enhance the sessions pages (summary/detail) in the admin console
[OF-674] - Add roster management capabilities to userservice plugin
Openfire Bug Fixes
[OF-14] - Subscriptions to pubsub node should be based on the JID as supplied, not the bare JID
[OF-108] - Admin Console is adding BR tags when editing system property containing string with newlines
[OF-453] - Ensure HttpSession is terminated properly by session reaper
[OF-465] - Kicking MUC occupant on server is not propagated to clients
[OF-476] - FlashCrossDomainHandler causes infinite loop under some circumstances
[OF-477] - SASL server in OF creates digest-uri based on xmpp.fqdn but it sends xmpp.domain to the client
[OF-595] - Security audit logviewer is not escaping tags
[OF-646] - XmppDateTimeFormat is unable to parse date Strings
[OF-653] - BOSH deadlock
[OF-656] - Fix crossdomain.xml for BOSH
[OF-659] - JDBCUserProvider returns all users for a paginated search
[OF-661] - MUC Topic/Subject change not propagated to other cluster nodes
[OF-664] - Monitoring archive shows null in room chat logs
[OF-665] - MUC changes/activities do not propagate across cluster nodes
[OF-666] - Pubsub items should be created using cluster time rather than local time
[OF-667] - Monitoring plugin bad SQL for upgrade
[OF-668] - Pubsub items (persistent) may be dropped in certain cases
[OF-671] - XSS in server2server.jsp
[OF-673] - Should include a \'to\' attribute in initiating s2s streams
Openfire New Features
[OF-651] - Monitoring plugin should have an option to purge and restrict

Wed Apr 3 14:00:00 2013 ecsosAATTopensuse.org
- update to 3.8.1
Openfire Improvements
[OF-597] - Increase performance of fetch last pubsub item for a node
[OF-614] - Add /usr/lib/jvm/default-java to the collection of default locations to look for a JRE
Openfire Bug Fixes
[OF-102] - Deleting user does not clear out ofUserFlag
[OF-415] - Group disappears from the Group Summary view after editing its details
[OF-596] - Last published item is not loaded when leaf node is loaded into memory.
[OF-610] - Restore shared group support for read-only GroupProviders (LDAP)
[OF-612] - Upgrade bundled JRE to last version...
[OF-613] - RPM build failure with
[OF-615] - Improve Robustness of loading MUC service at startup
[OF-616] - Can\'t see newly created groups in Admin Console after the upgrade to 3.8.0
[OF-617] - Fastpath plugin fails to build
[OF-618] - Error in Admin console, MUC
[OF-619] - GoJara plugin library has Java-6 code
[OF-620] - JustMarried plugin library has Java-6 code
[OF-621] - JustMarried plugin throws NullPointerException
[OF-623] - PubsubPersistenceManager does not load nodes properly if the hierarchy has more than two levels.
[OF-624] - Illegal JID when configuring a created MUC room
[OF-627] - Update rpm bundled JRE 1.6u41

Sun Feb 24 13:00:00 2013 ecsosAATTopensuse.org
- update to 3.8.0
Openfire New Features
[OF-204] - Add clustering support to Personal Eventing via Pubsub
[OF-205] - Add clustering support to pub-sub
[OF-240] - Show last history messages in room with a specified age
[OF-483] - JDBCUserProvider hardcodes searchSQL
[OF-543] - Support OpenJDK for Debian build
Openfire Improvements
[OF-197] - Make openfire\'s plugin unloading -> loading more robust
[OF-278] - Do not load all the system user to memory for shared groups
[OF-342] - Add CORS headers to HTTP-Binding/BOSH
[OF-448] - Add support for Ant 1.8
[OF-481] - Upgrade Jetty from 7.0.1 to 7.5.4
[OF-497] - Properly determine size of Collections to be cached
[OF-506] - Phase out JettyLog
[OF-507] - Improve logging of failed roster updates
[OF-517] - Openfire should ignore Othername formats it doesn\'t understand
[OF-524] - When closing a session as a result of a problem, send a stanza.
[OF-529] - Allow users to get their own presence via presence plugin
[OF-535] - Fixed Lithuanian translation for the Search plugin
[OF-537] - Update Russian translation
[OF-561] - Update Webchat for Jetty 7
[OF-566] - Add RPM noarch build capability
[OF-575] - Fix the installation guide (Custom Parameters)
[OF-579] - Allow configuration of hazelcast plugin from outside the plugin jar
[OF-581] - Improve startup script for RedHat
[OF-582] - Improve locking on user\'s properties
[OF-602] - Hazelcast clustering plugin improvements
[OF-607] - When serializing JID instances in a cluster, do not use the (expensive) JID constructor
Openfire Bug Fixes
[OF-39] - The storage of items in memory in a persistent LeafNode is a memory leak
[OF-191] - store offline messages with empty body for pubsub
[OF-270] - Duplicate entry \'user xxx\' for key 1 -- Exposed during load testing.
[OF-271] - fix \"duplicate key violates unique constraint \"ofpresence_pk\"\"
[OF-419] - FastPath Web Authentication Bug
[OF-439] - Memory leak in PEP service
[OF-443] - S2S doesn\'t work (dialback broken)
[OF-480] - Logs directory is not created in the correct location on some systems
[OF-498] - \"Supplied key (null) is not a RSAPrivateKey instance\" error in the Server Settings / Server Certificates screen
[OF-510] - Buildfile fails if ran using Java 1.7
[OF-514] - BOSH terminate stanza needs terminate attribute
[OF-516] - user-roster-add.jsp has wrong name for groups textfield
[OF-518] - Admin Console saving \'CHOOSE\' for a STUN address, which causes annoying traceback
[OF-522] - Upgrade bundled JRE to 1.6u30
[OF-525] - Creating chatroom on console yields \"room_already_exists\" error when it does not
[OF-526] - Deleting room and specifying invalid alternate room JID causes trouble
[OF-527] - muc-create-permission.jsp displays an immediate error without adding users
[OF-533] - TLS filter applied to non-SSL connections does not use configurable algorithm
[OF-539] - HybridUserProvider does not load tertiaryClass due to typo
[OF-540] - Prevent NPE in LdapVcardProvider.java
[OF-542] - Fix Deprecated use in Log.java
[OF-558] - Improve BOSH robustness when connections drop for unknown reasons
[OF-564] - User import/export plugin concatenates group names in export
[OF-567] - zlib inflate synchronization issue
[OF-572] - The node configuration form does not contain the parent, children or type on a configured node.
[OF-573] - Thread synchronization issues with HttpSession/BOSH
[OF-584] - Fix DNS SRV support
[OF-586] - Deliver event notifications to all subscribed JIDs
[OF-588] - PEPService fails to be added to a clustered Cache
[OF-589] - improve JAVA_HOME detection in openfire.sh
[OF-590] - Console error in session view when a cluster member goes offline
[OF-591] - NullPointer exception thrown when deleting rooms via the Webinterface
[OF-598] - database.defaultProvider.testAfterUse/testBeforeUse should default to false
[OF-600] - Let a client to ask for the history messages of a specific date (XEP-0045)
[OF-601] - NPE with Privacy Lists while in cluster mode
[OF-605] - PEPHandler tries to cache presence for the entire world
[OF-606] - MUC room destroy can fail when no alternate JID is supplied
[OF-608] - ClassCastException: org.jivesoftware.openfire.component.InternalComponentManager$RoutableComponents cannot be cast to org.jivesoftware.openfire.session.OutgoingServerSession
Openfire Completed Tasks
[OF-352] - Change license to Apache
[OF-467] - Update build.xml to check for Java 7
[OF-511] - Upgrade BouncyCastle from 1.45 to 1.46
[OF-534] - Make the STUN implementation a plugin
[OF-98] - Bug in xmlns for grantowner and grantadmin / not in sync with JEP-0045
[OF-495] - A RosterItem could only be in one group
[OF-499] - Update org/jivesoftware/util/log/util/JettyLog to the Jetty 7.6.0/8.0 API
[OF-603] - Transport sends subscribe-Presence that can be denied

Sun Nov 25 13:00:00 2012 ecsosAATTopensuse.org
-
* change so openfire can use openjdk-1.7

* some other patches

Tue Jan 26 13:00:00 2010 nixAATTopensuse.org
- Dont enable fdupes (on resources/security/) as it breaks the crypto store
See: http://www.igniterealtime.org/issues/browse/OF-30
For now disabled completely..

Tue Jan 19 13:00:00 2010 nixAATTopensuse.org
- Add openfire-3.6.4-self_signed_certificate.patch from to fix SSL
cert problem: http://www.igniterealtime.org/issues/browse/OF-30

Fri Oct 23 14:00:00 2009 nixAATTopensuse.org
- Change java dependency to \"java-sun >=1.6.0\" so that SLES 11 works properly

Fri Jun 19 14:00:00 2009 claes.backstromAATTfsfe.org
- New upstrean 3.6.4
Openfire New Features

* Use stronger RSA encryption algorithm for certificates
creation.
Openfire Bug Fixes

* Prevent users from changing other users passwords.

* LdapGroups assumed all members never in AltBaseDN.

* Stacktrace of exception while initializing SSLConfig are
now logged.

* DefaultAdminProvider was not including default admin account
when there were no admins specified.

Wed Apr 29 14:00:00 2009 claes.backstromAATTfsfe.org
- New upstream 3.6.3
- Handle sysconfig file correctly
- Created rcopenfire symlink
- Moved to /usr/share for openSUSE 11.1 and later

Thu Apr 23 14:00:00 2009 mawAATTpobox.com
- Replace openfirect.patch with openfire-sysvinit.patch, which
patches the file necessary to allow openfire to build on
openSUSE 11.1.
Wed Jan 07 22:18:00 UTC 2008 - Peter Nixon
- Patch init script to add LSB compliant headers (to build on openSUSE 11.1+)
- Add rpm prereq line to silence rpmlint


  
ICM