SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for prosody-0.10.3-lp150.3.9.1.x86_64.rpm :

* Thu Nov 29 2018 Michael Vetter - bsc#1117774 - Update to 0.10.3: Security:
* Don’t list room occupants in service discovery (fixes #1162) Fixes and improvements:
* mod_component: Fix a wrongly-placed closing parenthesis, fixes #1164.
* net.dns: Cache all records from the ‘answer’ and ‘additional’ sections (fixes #487)
* net.dns: Don’t attempt to cache unparsed data (fixes #1056)
* mod_mam: Handle edge-case of max=0 so that complete attr is set (fixes #1128)
* mod_s2s: Close sockets held by resolver (#1170)
* mod_admin_telnet: Add debug:events() and debug:logevents()
* Logging: Improvements to balance logging of stanzas during routing (#776)
* util.pposix: Fix building on OS X (#1202)
* mod_http: Make sure path from http_external_url always ends with a slash (fixes #1183) Minor changes:
* prosodyctl: Make log level configurable through PROSODYCTL_LOG_LEVEL (useful for debugging)
* prosodyctl: Allow cert dir to not be owned by root (fixes #1075)
* prosodyctl: Change ownership of certs to same as the cert base dir when running from a source checkout
* prosodyctl: Warn if attempting to run an unknown check (fixes #1161)
* mod_s2s: Fix DNS timeout setting for per-session resolvers (fixes #1167)
* mod_groups: Log a warning about invalid JIDs (#1180)
* mod_proxy65: Return an error if no port is open (fixes #1240)
* API: Add stanza method for removing all children with a specific name, xmlns
* Sat Jun 02 2018 mvetterAATTsuse.com- bsc#1094890 - (CVE-2018-10847): Submit 0.10.2 containing the fix to Leap 15.0
* Thu May 31 2018 benediktAATTg5r.eu- Update to 0.10.2: Security:
* mod_c2s: Do not allow the stream ‘to’ to change across stream restarts (fixes #1147) Minor changes:
* mod_websocket: Store the request object on the session for use by other modules (fixes #1153)
* mod_c2s: Avoid concatenating potential nil value (fixes #753)
* core.certmanager: Allow all non-whitespace in service name (fixes #1019)
* mod_disco: Skip code specific to disco on user accounts (avoids invoking usermanager, fixes #1150)
* mod_bosh: Store the normalized hostname on session (fixes #1151)
* MUC: Fix error logged when no persistent rooms present (fixes #1154)- change /usr/bin/env lua5.1 to /usr/bin/lua5.1 to fix the env-script-interpreter rpmlint error
* Wed May 16 2018 mvetterAATTsuse.com- Update to 0.10.1: Security:
* SQL: Ensure user archives are purged when a user account is deleted (fixes #1009[1]) Fixes and improvements:
* Core: More robust signal handling (fixes #1047[2], #1029[3])
* MUC: Ensure that elements which match our from are stripped (fixes #1055[4])
* MUC: More robust handling of storage failures (fixes #1091[5], #1091[5])
* mod_mam: Ensure a user\'s archiving preferences apply even when they are offline (fixes #1024[6])
* Compatibility improvements with LuaSec 0.7, improving curve support
* mod_stanza_debug: New module that logs full stanzas sent and received for debugging purposes
* mod_mam: Implement option to enable MAM implicitly when client support is detected (#867[7])
* mod_mam: Add an option for whether to include \'total\' counts by default in queries (for performance)
* MUC: send muc#stanza_id feature as per XEP-0045 v1.31 (fixes #1097[8]) Minor changes:
* SQL: Suppress error log if a transaction failed but was retried ok
* core.stanza_router: Verify that xmlns exists for firing stanza/iq/xmlns/name events (fixes #1022[9]) (thanks SamWhited)
* mod_carbons: Synthesize a \'to\' attribute for carbons of stanzas to \"self\" (fixes #956[10])
* Core: Re-enable timestamps by default when logging to files (fixes #1004[11])
* HTTP: Report HTML Content-Type on error pages (fixes #1030[12])
* mod_c2s: Set a default value for c2s_timeout (fixes #1036[13])
* prosodyctl: Fix traceback with lfs < 1.6.2 and show warning
* Fix incorrect \'::\' compression of a single 0-group which broke some IPv6 address matching
* mod_dialback: Copy function from mod_s2s instead of depending on it, which made it harder to disable s2s (fixes #1050[14])
* mod_storage_sql: Add an index to SQL archive stores to improve performance of some queries
* MUC: Don\'t attempt to reply to errors with more errors (fixes #1122[15])
* Module API: Fix parameter order to http client callbacks
* mod_blocklist: Allow mod_presence to handle subscription stanzas before bouncing outgoing presence (fixes #575[16])
* mod_http_files: Fix directory listing cache entries not expiring (fixes #1130[17])
* Fri Dec 15 2017 mvetterAATTsuse.com- Add pid file location to default config Seems this got lost with the update to 0.10.0- enable mod_posix
* Sat Dec 09 2017 sleep_walkerAATTopensuse.org- add lua51-BitOp as dependency for mod_websocket https://prosody.im/doc/packagers#section010
* Tue Oct 03 2017 mvetterAATTsuse.com- Update to 0.10.0: See https://blog.prosody.im/prosody-0-10-0-released/ for details- Remove because contained in new upstream:
* prosody-upstream-0.9-branch-fixes-since-0.12-tag.patch
* prosody-backport-555.patch
* prosody-local-socket.patch- Update:
* prosody-configure.patch
* prosody-makefile.patch
* prosody-cfg.patch
* Fri Sep 15 2017 mvetterAATTsuse.com- Update prosody-upstream-0.9-branch-fixes-since-0.12-tag.patch:
* mod_c2s: Iterate over child tags instead of child nodes in stream error (fixes traceback from #987)
* mod_component, mod_s2s: Iterate over child tags instead of child nodes (can include text) in stream error (same as 176b7f4e4ac9)
* Sun Sep 10 2017 benediktAATTg5r.eu- Add prosody-backport-555.patch to backport the fix of issue #555:
* net.dns: Use new IPv4-specific socket factory if available (fixes dns on libevent with latest development version of luasocket)
* Thu Aug 03 2017 mvetterAATTsuse.com- Add prosody-upstream-0.9-branch-fixes-since-0.12-tag.patch to get the following bugfixes:
* core.rostermanager: Add method for checking if the user is subscribed to a contact
* mod_presence: Send probe once subscribed (fixes #794)
* mod_net_multiplex: Enable SSL on the SSL port (fixes #803)
* mod_register: Require encryption before registration if c2s_require_encryption is set (fixes #595)
* mod_saslauth: Log SASL failure reason
* mod_disco: Correctly set the \'node\' attr (fixes #449)
* mod_bosh: Update session.conn to point to the current connection (fixes #890)
* net.dns: Simplify expiry calculation (fixes #919)
* mod_watchregistrations: Return the pointer to the root of the stanza, fixes #922.
* mod_disco: Add an account/registered identity on subscribed accounts, fixes #826.
* mod_welcome: Return the pointer to the root of the stanza, fixes a bug similar to #922.
* net.dns: Prevent answers from immediately expiring even if TTL=0 (see #919)
* mod_saslauth: Use correct varible name (thanks Roi)
* util.dependencies: Add compatibility code for LuaSocket no longer exporting as a global
* util.dependencies: Add comment about LuaSec compat
* Mon Jul 24 2017 jengelhAATTinai.de- Replace filler wording in description with content.
* Thu Jul 20 2017 tchvatalAATTsuse.com- Add patch to fix crash \"attempt to index global \'socket\'\":
* prosody-local-socket.patch
* Thu Jul 20 2017 tchvatalAATTsuse.com- Drop the systemd conditional as all systems have systemd now for our purposes.- Switch back to lua5.1 as 0.9 prosody works only with that
* Fri Jul 14 2017 tchvatalAATTsuse.com- Build against lua5.3 instead of lua5.1
* Tue Jul 11 2017 tchvatalAATTsuse.com- Fix build with namespaced lua
* Wed Jan 11 2017 Mathias.HomannAATTopensuse.org- added patch: prosody-lua51coexist.patch
* makes prosody work on systems that have lua 5.1 and lua 5.2 installed.
* Wed Jan 11 2017 mvetterAATTsuse.com- Update to 0.9.12:
* Dependencies: Fix certificate verification failures when using LuaSec 0.6 (fixes #781)
* mod_s2s: Lower log message to \'warn\' level, standard for remotely-triggered protocol issues
* certs/Makefile: Remove -c flag from chmod call (a GNU extension)
* Networking: Prevent writes after a handler is closed (fixes #783)
* Fri Nov 04 2016 mvetterAATTsuse.com- Update to 0.9.11:
* HTTP parser: Improve buffering of incoming HTTP data and add size limits (#603)
* Sessionmanager: Fix for an issue which caused people to be kicked from conferences if mod_smacks was enabled (#648)
* Dependencies: Workaround for compatibility with LuaSec 0.6 (#749)
* MUC: Accept missing form as \"instant room\" request (#377)
* C2S: Fix issues with destroying disconnected connections (#590), (#641)
* mod_privacy: Fix selection of the top resource(s) #694
* mod_presence: Make sure both users get each others presence after adding each other (#673)
* mod_http_files: Fix traceback when serving a non-wildcard path (#611)
* mod_http_files: Preserve a trailing slash in paths (#639)
* util.datamanager: Fix error handling (#632)
* net.server_event: Fix internal socket API to allow writing from socket.ondrain callback (#661)
* net.server_event: Fix timeout (commit 1909bde0e79f)
* net.server_event: Fix traceback due to write during TLS handshake (commit c774622ad9db)
* net.server_event: Fix buffer length check (commit 206f9b0485ad)- Remove prosody-upstream-0.9-branch-fixes.patch: included in update
* Tue Oct 11 2016 mvetterAATTsuse.com- Change license to MIT
* Thu Sep 15 2016 mvetterAATTsuse.com- Add prosody-upstream-0.9-branch-fixes.patch: Upstream pushes all fixes for a certain release to its own branch. See: https://prosody.im/files/branches_explained.png After some time, mostly when a security bug is found, they do a new minor release. The fixes however are often needed to make prosody run smoothly with its community modules. Thus I monitor them and add the patch set. It\'s only fixes no new features.
* Fri Jun 17 2016 mvetterAATTsuse.com- Remove prosody-rpmlintrc: Not needed since last cleanup
* Mon May 23 2016 mvetterAATTsuse.com- Add:
* prosody-0.9.10.tar.gz.asc
* prosody.keyring containing Matthew and Zashs keys- Enable source verification
* Mon May 23 2016 mvetterAATTsuse.com- Move rcprosody into systemd section until we have proper sysvinit support
* Fri May 20 2016 mvetterAATTsuse.com- Pass optflags to configure- Install service file and create directories if needed in one run- Dont strip debug symbols- Dont need to verify permissions since we set them- Create systemd tempfile properly- Install config files with file glob- Remove sysvinit stuff- Cleanup systemd conditionals
* Tue Apr 26 2016 mvetterAATTsuse.com- Use less rights
* Thu Feb 11 2016 mvetterAATTsuse.com- Update to 0.9.10 Security:
* mod_dialback: Adopt key generation algorithm from XEP-0185, to prevent impersonation attacks (CVE-2016-0756) Fixes and improvements:
* Startup: Open /dev/urandom read-only, to fix a failure to start on some systems
* Networking: Improve handling of the \'select\' network backend running out of file descriptors Minor changes:
* Networking: Increase default internal read size to prevent connections stalling with LuaEvent
* DNS: Discard queries that failed to send due to connection errors
* c2s, s2s: Lower priority of shutdown handler, so that modules such as MUC can always send shutdown notifications to (remote) users
* Thu Feb 11 2016 mvetterAATTsuse.com- Update to 0.9.9 Security fixes:
* Fix path traversal vulnerability in mod_http_files (CVE-2016-1231)
* Fix use of weak PRNG in generation of dialback secrets (CVE-2016-1232) Bugs:
* Improve handling of CNAME records in DNS
* Fix traceback when deleting a user in some configurations (issue #496)
* MUC: restrict_room_creation could prevent users from joining rooms (issue #458)
* MUC: fix occasional dropping of iq stanzas sent privately between occupants
* Fix a potential memory leak in mod_pep Additions:
* Add http:list() command to telnet to view active HTTP services
* IPv4/v6 address selection code for outgoing s2s
* Add support for importing SCRAM hashes from ejabberd
* Sat May 02 2015 nekolayerAATTyandex.ru- fix broken prosody-makefile.patch for correct lib path [bnc#926932]
* Tue Apr 07 2015 g.bluehutAATTgmail.com- Clean up spec file- Update to 0.9.8
* Ensure only valid UTF-8 is passed to libidn
* Fix traceback caused when DNS server IP is unroutable
* HTTP client: More robust handling of chunked encoding across packet boundaries
* Stanza router: Fix handling of \'error\' \'s with multiple children
* c2s: Fix error reply when clients try to bind multiple resources on the same stream
* s2s: Ensure to/from attributes are always present on stream headers, even if empty
* Build scripts: Add –libdir option to ./configure to simplify building on some platforms
* Fix traceback in datamanager when used outside of Prosody
* mod_admin_telnet: Fix potential traceback in server:memory() command
* util.stanza: Don\'t XML-escape whitespace
* prosodyctl: Fix traceback in \'about\' command with LuaRocks 2.2.0
* Mon Oct 20 2014 iAATTmarguerite.su- update version 0.9.6
* certmanager, net.http: Disable SSLv3 by default
* net.http.parser: Support status code 101 and allow handling of the received data by plugins
* util.filters: Ignore filters being added twice (fixes issues on removal, i.e. when some plugins are reloaded/unloaded)
* mod_s2s: Close offending s2s streams missing an \'id\' attribute with a stream error instead of throwing an unhandled error
* Networking API: Add \'ondetach\' callback for listener objects, to prevent leaks when connections have their listener changed
* core.stanza_router: Stricter validation of stanzas
* mod_admin_adhoc: Mark \'accountjids\' field as required in \'end user sessions\' command
* mod_admin_adhoc: Add required to field in user deletion form too
* net.dns: Avoid duplicate cache entries
* util.stanza: Escape newlines and tabs (\\r\
\\t) when serializing stanzas.
* util/dataforms: Make sure we iterate over field tags only
* mod_s2s: Capitalize log message
* mod_pubsub: Fix error type of \'forbidden\' (change from \'cancel\' to \'auth\')
* Wed Aug 20 2014 iAATTmarguerite.su- install pid to %%{_piddir}, fix for factory
* Wed Aug 20 2014 iAATTmarguerite.su- update version 0.9.4
* Compression: Disallow compression on unauthenticated streams
* Core: Limit default read size and maximum stanza size
* Core: Enable SASL EXTERNAL by default for component s2s
* S2S: Warn if `s2s_secure_auth` and `s2s_require_encryption` have been set in conflicting ways
* S2S: Warn if no local network addresses were found, preventing successful s2s
* MUC: Fix traceback when a non-occupant tried to change an occupant\'s role
* MUC: API: Fire an event when temporary rooms are destroyed after the last person leaves
* Telnet: Fixed traceback when listing users
* Telnet: Apply normalization to JIDs in user management commands
* HTTP: Fix directory detection in file server on Windows
* Plugins: Fix paths on Windows
* MOTD: Don\'t strip blank lines from the message provided in the config
* prosodyctl: Better error reporting when generating certificates
* Makefile: Improve FreeBSD compatibility
* Multiple fixes to our migration tools, and support for importing MUCs from ejabberd
* Fri Feb 28 2014 iAATTmarguerite.su- fix bnc#865781
* /var/lib/prosody should be owned by prosody:prosody.
* Wed Feb 26 2014 iAATTmarguerite.su- update version 0.9.3
* A config file passed as command line argument is no longer forgotten when config is reloaded
* MUC: Allow admins to always bypass restrict_room_creation
* Strip trailing \'.\' when normalizing hostnames
* HTTP: Prevent silent connection failures
* Components: Alow easier overriding of component authentication by plugins
* Components: Enable TCP keepalives
* Migrator: Better error reporting and improved robustness
* S2S: Include IP in log messages, if hostname is unavailable
* TLS: Log error when initialization fails
* Tue Feb 04 2014 iAATTmarguerite.su- \"After\" mysql.service, as if it starts before mysql, prosody can read account infos.
* Thu Jan 23 2014 iAATTmarguerite.su- update to 0.8.2
* IPv6 support for c2s, s2s and all other services (e.g. HTTP)
* Server-to-server authentication using certificates (SASL EXTERNAL)
* A new HTTP subsystem, supporting virtual hosts, and fully reloadable modules
* Client and server connections are now handled by modules: mod_c2s, mod_s2s
* mod_pubsub: Basic pubsub service (some features not yet implemented)
* prosodyctl about - show information about a Prosody installation
* prosodyctl cert - command to generate XMPP certificates and CSRs
* Many very nice enhancements to our module API
* MUC: Configurable per-room history length
* MUC: Plugins can now extend the room configuration form- if you\'re upgrading from 0.8.x or older, please read:
* http://prosody.im/doc/release/0.9.0#upgrading
* Fri Jun 28 2013 iAATTmarguerite.su- add systemd service- fix CFG_SOURCEDIR in /usr/bin/{prosody,prosodyctl}- create prosody:prosody.
* Sat Oct 01 2011 t1locsAATTgmail.com- prosody 0.8.2 has been released and fixes a small handful of bugs
* Tue Jun 14 2011 florian.leparouxAATTgmail.com- update to 0.8.1
* Tue Apr 26 2011 florian.leparouxAATTgmail.com- update to 0.8.0
* Wed Apr 07 2010 stepanAATTcoresystems.de- update to 0.7.0rc1
* Wed Mar 17 2010 florian.leparouxAATTgmail.com- Fix dependencies
* Wed Feb 10 2010 florian.leparouxAATTgmail.com- Fix dependencies
* Sun Jan 24 2010 florian.leparouxAATTgmail.com- rebuild correctly prosody on openSUSE 11.2
* Tue Dec 29 2009 florian.leparouxAATTgmail.com- build prosody on openSUSE 11.2
  
ICM