Skip to content

Releases: igniterealtime/Openfire

Openfire 5.0.0 Alpha Release

06 Jan 15:51
@akrherz akrherz
v5.0.0alpha
7fbd751
Compare
Choose a tag to compare
Openfire 5.0.0 Alpha Release Latest
Latest

To support an upcoming beta release of Openfire 5.0.0, we have created an alpha release to support some plugin development needs. API changes may still happen before a beta, so please use this release with caution / only for testing usage.

Improvement

OF-2132 Use CRL as provided by CA

OF-2134 Restore and improve Certificate Revocation support

OF-2785 Add IPv6 support when evaluating Client Session IP addresses

OF-2786 IPv6/IPv4 fallback

OF-2787 Add IPv6-specific documentation

OF-2789 Expose Netty executor pools

OF-2859 Rename MUCRole

OF-2862 Refactor 'role' and 'affiliation' related privileges

OF-2871 Allow optional password for alternate venue when destroying room

OF-2876 Rise minimal required JRE to 17

OF-2877 Reproducible builds

OF-2892 Available Plugins page: redesign to make Documentation easier to see

OF-2902 Update commons-fileupload for transitive CVE

OF-2903 Upgrade Sitemesh

OF-2914 Reduce verbosity of TLS issues

OF-2919 Don't let XMPP-decoder decode TLS's End-of-Transmission

OF-2922 FMUC compatibility with M-Link

OF-2924 Reduce duplicate code in Multi-providers

OF-2926 Add documented configuration options for LdapAuthProvider's cache

OF-2927 Allow LDAP alternateBaseDN to be configured in admin console

OF-2928 Improve parallel execution of multi-providers

OF-2939 Show plugin warning on index page

OF-2942 S2S outbound can give up faster when encryption and/or auth mechanisms are exhausted

New Feature

OF-2760 Add option to tombstone/retire a MUC upon deletion, preventing the name from use in the future

OF-2885 TaskEngine jobs to support Future

OF-2916 Add option to delete history on room deletion

OF-2917 Add option to preserve room history on room deletion

OF-2918 Add option to clear history for a given MUC

OF-2923 Use more than one AD/LDAP server

OF-2925 Have multi-providers for groups

Task

OF-2717 Migrate to Jetty 12

OF-2722 Phase out commons-fileupload

OF-2729 Setup IPv6 tests

OF-2905 Update Maven Wrapper to 3.3.2

OF-2943 Update database used by unit tests

Sub-task

OF-2861 Rename MUCRole, breaking changes

Bug

OF-2397 Subscription change requests for shared contacts are partially processed

OF-2631 Access model of leaf nodes is ignored

OF-2784 IPv6 addresses should be usable in Registration&Login settings

OF-2865 A moderator SHOULD NOT be allowed to revoke moderation privileges from someone with a higher affiliation than themselves

OF-2904 Invalid OtherName parsing of TLS certificates

OF-2911 NPE: Cannot invoke "java.lang.StringBuilder.length()" because "this.buffer" is null

OF-2912 Admin Console reports DNS Issue while dns-check.jsp reporting no issue

OF-2915 Database statistics don't observe end-time

OF-2930 Vulnerability discovered in netty-common- 4.1.108.Final.jar CVE-2024-47535

OF-2935 Unable to set the 'Retire room names on deletion..' check box in a clustered environment

OF-2938 Missing warnings for incompatible plugins

OF-2941 Incorrect detection of plugin update with SNAPSHOTs

sha256sum values

303cf1f37b48b50e9819ae19608eaca4c69317405188fab62748add1b75b42b9  openfire_5_0_0-alpha.exe
55b50617ce8029ad785f945d100d0a247a95a4ccf81615b2a3c63ed16451bfe2  openfire_5_0_0-alpha.tar.gz
5f7d074c2bb9fa9969b67c8f2776fa38b2cc57f6056cce1db7b6dc84aeff2b95  openfire_5_0_0-alpha_x64.exe
8e43b4f62c9d6b2362fa4f22d629c97e651deb5066f8162cad4fa49252bdf1d3  openfire_5_0_0-alpha.zip
2ae99276a48c2c7d21519a9a4ab3368e535e3f53a7f87fa3b670585e9e19e83c openfire_5.0.0_all.deb
9ce132179d0a0bb0902e1bde103e40f1b5f740e461c8173597ac38338b008f6d  openfire-5.0.0-1.noarch.rpm
Assets 8
Loading

Openfire 4.9.2 Release

11 Nov 21:18
@akrherz akrherz
v4.9.2
dd3cca6
This commit was created on github.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
Openfire 4.9.2 Release

Bug

  • [OF-2900] - LocalIncomingServerSessionTest.incomingTest failures on Rocky Linux 9 / openjdk 11
  • [OF-2901] - Reduce noisy logging of insecure LDAP
  • [OF-2906] - Cannot proceed with setup error

sha256sum values

56b172229ff355c54caaba01f2d93ede05c636ccf113502ae512a6a9be9f4ebc  openfire-4.9.2-1.noarch.rpm
2d81b8ed858146c135b862c200c81c48d67101b0d7108c0aa96346dbec45e559  openfire_4.9.2_all.deb
fd3b4d9a6bae21033396aef014a2d7e98979312289e6c193baa7517906af0cb9  openfire_4_9_2.dmg
4576e361daa48e7f25356a2a2ddf1a75fec8fac09290a96b83f106219288567b  openfire_4_9_2.exe
029858da4cd82165b059f21787ae41d2ca327aca22fdadbc087b8eb12c48284c  openfire_4_9_2.tar.gz
8c993828e58c7f0277e817783411121b653b2e73df42bfa6b9ebb03466a5b1db  openfire_4_9_2_x64.exe
4eb6bcc89aca3dd1cd81363e453de22c354f2df22442ff639685d55aa2fe0742  openfire_4_9_2.zip

Please note that the openfire RPM artefact was refreshed after inital upload to correct compatibility level.

Assets 9
Loading

Openfire 4.9.1 Release

01 Nov 16:14
@akrherz akrherz
v4.9.1
5ac6f7d
This commit was created on github.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
Openfire 4.9.1 Release

Improvement

  • [OF-2880] - Disable directory listing of admin console
  • [OF-2893] - Make it clearer when a plugin exposes HTTP wildcard routes

Bug

  • [OF-2868] - NullPointerException while configuration encryption algorithms
  • [OF-2873] - Improvements to debian build
  • [OF-2874] - RPM build script fails when date locale non-english
  • [OF-2884] - Making a group member a group admin removes the user from the group
  • [OF-2890] - CSRF bug prevents AD admin test
  • [OF-2891] - Misaligned button in directory service admin setup
  • [OF-2896] - Memory Leak PreAuthSessions
  • [OF-2897] - No-such-user detection misses anonymous users
  • [OF-2898] - Session Destroyed event no longer published
  • [OF-2899] - Handle null SASL mechanisms

sha256sum values

8c489503f24e35003e2930873037950a4a08bc276be1338b6a0928db0f0eb37d  openfire-4.9.1-1.noarch.rpm
1e80a119c4e1d0b57d79aa83cbdbccf138a1dc8a4086ac10ae851dec4f78742d  openfire_4.9.1_all.deb
69a946dacd5e4f515aa4d935c05978b5a60279119379bcfe0df477023e7a6f05  openfire_4_9_1.dmg
c4d7b15ab6814086ce5e8a1d6b243a442b8743a21282a1a4c5b7d615f9e52638  openfire_4_9_1.exe
d9f0dd50600ee726802bba8bc8415bf9f0f427be54933e6c987cef7cca012bb4  openfire_4_9_1.tar.gz
de45aaf1ad01235f2b812db5127af7d3dc4bc63984a9e4852f1f3d5332df7659  openfire_4_9_1_x64.exe
89b61cbdab265981fad4ab4562066222a2c3a9a68f83b6597ab2cb5609b2b1d7  openfire_4_9_1.zip
Assets 9
Loading

Openfire 4.9.0 Release

17 Sep 18:08
@akrherz akrherz
v4.9.0
6958b32
Compare
Choose a tag to compare
Openfire 4.9.0 Release

Improvement

  • [OF-2854] - Do not build a distribution.jar
  • [OF-2855] - Avoid non-cross platform filesystem references in Maven assembly
  • [OF-2856] - Do not attempt to attach basic-distribution directory as a Maven artifact
  • [OF-2857] - Replace bundled install4j runtime with a Maven dependency
  • [OF-2864] - Deprecate custom Base64 class
  • [OF-2869] - Add support for Persian/Farsi

Task

  • [OF-2867] - Remove code marked for deprecation in 4.9.0 or later

Sub-task

  • [OF-2860] - Rename MUCRole, non-breaking changes

Bug

  • [OF-2830] - Plugin servlet mapping not precise
  • [OF-2848] - Presence sent after room destruction sometimes doesn't include required element
  • [OF-2853] - Admin console cluster overview bars are wrong
  • [OF-2872] - Unexpected disconnects (possibly involving cyrillic character usage)

sha256sum values

7973cc2faef01cb2f03d3f2ec59aff9b2001d16b2755b4cc0da48cc92b74d18a  openfire-4.9.0-1.noarch.rpm
a0cd627c629b00bb65b6080e06b8d13376ec0a4170fd27e863af0573e3b4f791  openfire_4.9.0_all.deb
bf62c02b0efe1d37fc505f6942a9cf058975746453d6d0218007b75b908a5c3c  openfire_4_9_0.dmg
1082d9864df897befa47230c251d91ec0780930900b2ab2768aaabd96d7b5dd9  openfire_4_9_0.exe
12a4a5e5794ecb64a7da718646208390d0eb593c02a33a630f968eec6e5a93a0  openfire_4_9_0.tar.gz
c86bdb1c6afd4e2e013c4909a980cbac088fc51401db6e9792d43e532963df72  openfire_4_9_0_x64.exe
97efe5bfe8a7ab3ea73a01391af436096a040d202f3d06f599bc4af1cd7bccf0  openfire_4_9_0.zip
Assets 9
Loading

Openfire 4.8.3 Release

11 Jul 14:59
@akrherz akrherz
v4.8.3
4abc5cc
This commit was created on github.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
Openfire 4.8.3 Release

Improvement

  • [OF-2846] - Update zh_CN translation

Bug

  • [OF-2843] - When admin attempts to ban owner, incorrect error condition is returned
  • [OF-2844] - Admins and owners must not be able to ban themselves
  • [OF-2845] - Failing close listener can severely delay closure of connection

sha256sum values

b86bf8c01ede9cb2ae4f43dfd2f49239d9af2d73f650c7c2d52e5a936035e520  openfire-4.8.3-1.noarch.rpm
3f6da6c89ce701d974f6a1afe5ac0245f7112c5d165934eb1a85a749a1f040e2  openfire_4.8.3_all.deb
4fce60210033216556881fd9c988bea3ce30c0ed845f4dec3d4284ee835e8208  openfire_4_8_3.dmg
28b64c144001b0f6fb6eb4705d0bb1a92581774369378196182b8d35237b83be  openfire_4_8_3.exe
43d3b042357a5c975785f3f223490e3dd18b1f499c206be6cd0857172cc005fc  openfire_4_8_3.tar.gz
a09752fbe1226724d466028036fc65d31fe88e60a0efb27a87f1e10ab100fbb1  openfire_4_8_3_x64.exe
5c0638f150ccb61471b4b5152743b6d18cbe008473f454ed0091a13d7b80cb85  openfire_4_8_3.zip
Assets 9
Loading

Openfire 4.8.2 Release

03 Jul 15:10
@akrherz akrherz
v4.8.2
4da89ed
This commit was created on github.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
Openfire 4.8.2 Release

Improvement

  • [OF-2818] - Websocket buffers should not be 5MB
  • [OF-2825] - Implement XEP-0030's security considerations
  • [OF-2827] - Make handling of 'username' consistent between JdbcAuth- and JdbcUserProvider
  • [OF-2834] - Update Bouncy Castle to 1.78.1
  • [OF-2835] - Advertise XEP-0115 support
  • [OF-2840] - XMPPDateTimeFormat parsing improvements

Task

  • [OF-2819] - Update Netty to 4.1.108

Bug

  • [OF-2824] - RoutingTable cache inconsistency
  • [OF-2832] - Cannot set MUC avatar with LdapVCardProvider
  • [OF-2833] - Cannot serialize User instances
  • [OF-2836] - CapsManager ignores provided hash identifier
  • [OF-2838] - MUST return error when user updates someone else's vcard
  • [OF-2839] - MUST return error when requesting VCard from someone that doesn't have one
  • [OF-2841] - Capabilities offered by stream feature doesn't include features for registered users

sha256sum values

4c2674fbf00768cf7ca9ccc9a6ef7e4aa693c19d9885ca469771677934634a40  openfire-4.8.2-1.noarch.rpm
76665dc80607516d12f1c8b7b323417e7993d2f87de2e82deeef43dd6a7d9761  openfire_4.8.2_all.deb
75c513db3c7e50fc5c28a7131aecc0c60ad2f858d7f04a9fe5d58a5de118afec  openfire_4_8_2.dmg
d5af1c2012d092c7c1cd9247db4e4d8039f2617adc9f212d75e549eeca0a389a  openfire_4_8_2.exe
4634e5be6314a5348e5e01413864a8ec6a7b3bbe6e2db1c051512c9bd72a199a  openfire_4_8_2.tar.gz
82c5abdf917b8958311f5813960f3b545266d99d0f646eac9dddbaf0ef52c905  openfire_4_8_2_x64.exe
3327bc610af606a2df28a7077f225a68cf2d04d30a4c37592a5d17f5c22e8c07  openfire_4_8_2.zip
Assets 9
Loading

Openfire 4.8.1 Release

02 Mar 17:58
@akrherz akrherz
v4.8.1
6f4eb4c
This commit was created on github.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
Openfire 4.8.1 Release

Improvement

  • [OF-2651] - Give explict names to Netty's threads
  • [OF-2788] - Have distinct thread pools for each type of connection
  • [OF-2791] - Announce support for PubSub delete-item
  • [OF-2798] - Admin Console should warn end-user if plugin installation failed
  • [OF-2800] - Guard against a surplus of database connection errors being logged
  • [OF-2802] - Upgrade postgresql database driver for CVE-2024-1597

New Feature

  • [OF-284] - Add service administration support

Bug

  • [OF-2166] - When deleting a user, remove it from transient MUC rooms
  • [OF-2310] - Cache data inconsistency: MUC
  • [OF-2758] - Deleting an admin user does not remove the name from \`admin.authorizedJIDs\`
  • [OF-2768] - Do not use default value for user's creation / last modified date
  • [OF-2774] - 4.8.0 not counting "whitespace ping" as session activity
  • [OF-2775] - RSS News Feed appears empty
  • [OF-2777] - Misbehaving Shared-With-Group option for Contact List sharing
  • [OF-2778] - Duplicate \(group\)chat messages are received
  • [OF-2781] - SerializableCache appears to be unusable \(ClassCastException on creation\)
  • [OF-2782] - SerializableCache instances do not get recreated on cluster switch
  • [OF-2792] - Cache-summary page shows wrong stats when using Clustering
  • [OF-2795] - Delete MUC-based authorization when deleting user
  • [OF-2799] - OccupantManager doesn't remove all items when clustering
  • [OF-2805] - Session details shows 'resource' column, but does not show resources
  • [OF-2806] - Routing Servers cache inconsistency doesn't list the missing items
  • [OF-2807] - Contact List \(Roster\) Sharing changes are not immediately applied
  • [OF-2808] - Stream Management Resume fails
  • [OF-2809] - Disabling client idle time breaks websockets
  • [OF-2810] - Resumed stream is no longer resumable

sha256sum values

2ff28c5d7ff97305b2d6572e60b02f3708e86750d959459d7c5d6e17d4f9f932  openfire-4.8.1-1.noarch.rpm
f622719e4dbd43aadc9434ba4ebc0d8c65ec30dd25a7d2e99c7de33006a24f56  openfire_4.8.1_all.deb
3507b5d64c961daf526a52a73baaac7c84af12eb0115b961c2f95039255aec57  openfire_4_8_1.dmg
141f6eaf374dfb7c4cca345e1b598fed5ce3af9c70062a8cc0d9571e15c29c7d  openfire_4_8_1.exe
c6f0cf25a2d10acd6c02239ad59ab5954da5a4b541bc19949bd381fefb856da1  openfire_4_8_1.tar.gz
bec5b03ed56146fec2f84593c7e7b269ee5c32b3a0d5f9e175bd41f28a853abe  openfire_4_8_1_x64.exe
7403113b701aaf8a37dcd2d7e22fbb133161d322ad74505c95e54eaf6533f183  openfire_4_8_1.zip
Assets 9
Loading

Openfire 4.8.0 Release

12 Jan 16:58
@akrherz akrherz
v4.8.0
89722b7
This commit was created on github.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
Openfire 4.8.0 Release

Improvement

  • [OF-1378] - Rename "Legacy SSL" into "Direct TLS"
  • [OF-1861] - Support for TLS 1.2 / 1.3
  • [OF-2116] - Using range retrieval for LDAP groups
  • [OF-2372] - Add support for proxied connections to Admin Console
  • [OF-2377] - Reduce potential thread contention in XMLProperties
  • [OF-2380] - Reduce thread contention in In-Memory pubsub persistence provider
  • [OF-2385] - Shouldn't attempt to load shared groups when feature is unsupported.
  • [OF-2403] - Improve Admin Console's memory usage reporting
  • [OF-2408] - Address static analysis warnings in Crowd package
  • [OF-2409] - Remove obsolete 'type' and 'language' attributes on HTML elements. Use HTML5.
  • [OF-2413] - Include a stream error when closing a stream due to a problem.
  • [OF-2440] - Increase default cache sizes
  • [OF-2449] - Return error when a BOSH pause is requested that is higher than the maximum allowable pause.
  • [OF-2455] - Explicitly promote websockets in admin console
  • [OF-2494] - Upgrade HSQLDB to a more recent version.
  • [OF-2513] - Do not require authzid on SASL EXTERNAL for S2S
  • [OF-2514] - Differentiate between missing and empty initial SASL response
  • [OF-2521] - S2S: Allow 'client auth' (required for SASL EXTERNAL) by default
  • [OF-2523] - Use less predictable resource value
  • [OF-2540] - Update SLF4j to 2.x
  • [OF-2542] - Drop Java 8 support
  • [OF-2547] - Update Mockito to 3.4.0 or later
  • [OF-2556] - Support additional namespaces when parsing streams
  • [OF-2557] - Show TLS config on each session/connection
  • [OF-2560] - Improve Admin Console load time when RSS can't be reached
  • [OF-2563] - Replace Session status constants with enums
  • [OF-2564] - ServerSession's state should be set to 'authenticated' after authentication
  • [OF-2565] - Openfire should close stream if client is sending a stanza in violation of RFC 6120, section 7.1
  • [OF-2566] - Enable Websocket Stream Management resumption
  • [OF-2581] - Invite people to improve translations in admin console
  • [OF-2594] - When locating Openfire Home, consider 'tmp' file
  • [OF-2608] - Do not wait for timeout when Dialback connection is closed
  • [OF-2611] - Improve automated tests for S2S functionality
  • [OF-2612] - Upgrade JUnit from 4 to 5
  • [OF-2613] - Upgrade unit test database to version 34
  • [OF-2615] - Use ConnectionManager interface where possible
  • [OF-2616] - Bump Guava to latest release
  • [OF-2623] - Migrate LoginLimitManager's properties to SystemProperties
  • [OF-2624] - When providing Forms, use client's language
  • [OF-2633] - When S2S TLS is required, announce that
  • [OF-2638] - Update Installation guide to suggest it is not okay to open-admin-console-to-internet
  • [OF-2639] - Server-to-Server SASL EXTERNAL should not require authz
  • [OF-2642] - Remove (unused?) PEP restriction for XEP-0084
  • [OF-2644] - Do not use getters in Session#toString
  • [OF-2650] - Failed S2S due to peer's certificate being invalid should be less verbose
  • [OF-2653] - hostname validation should not try to resolve host
  • [OF-2654] - Implement toString() in various Netty classes
  • [OF-2663] - Don't overly verbose log receiving IQ responses addressed to the server
  • [OF-2669] - Update postgresql driver to 42.6.0
  • [OF-2670] - Netty debug should log remote address when available
  • [OF-2671] - S2S tester can stop waiting after a bounce
  • [OF-2673] - Prevent double-closure of outbound s2s session
  • [OF-2678] - Prefer XML data type usage over String manipulation
  • [OF-2693] - Make XML declaration (and newline) configurable
  • [OF-2697] - Set up multiple S2S connections concurrently
  • [OF-2699] - PacketRejection should allow for PacketError to be defined
  • [OF-2703] - Websocket 'open' should be a collapsed element
  • [OF-2706] - Restructure session details page
  • [OF-2707] - When closing session on admin console, kill its stream management
  • [OF-2708] - Ensure that Groups operate on bare JIDs
  • [OF-2713] - Update Bouncy Castle to 1.76
  • [OF-2714] - Switch to Java 1.8+ variant of Bouncy Castle
  • [OF-2724] - Resolve (non-breaking) errors while compiling plugin JSP pages against Openfire 4.8
  • [OF-2731] - Update support for XEP-0280: Message Carbons
  • [OF-2732] - Update bundled search plugin to 1.7.4
  • [OF-2746] - Add Content Security Policy (CSP) headers to web endpoints

Story

  • [OF-2527] - Include milliseconds in default log4j configuration
  • [OF-2573] - Add Name to Client Version column in Session Summary

New Feature

Read more
Assets 9
Loading

Openfire 4.8.0 Beta Release

17 Nov 15:10
@akrherz akrherz
v4.8.0beta
01625be
This commit was created on github.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
Openfire 4.8.0 Beta Release

Improvement

  • [OF-1378] - Rename "Legacy SSL" into "Direct TLS"
  • [OF-1861] - Support for TLS 1.2 / 1.3
  • [OF-2116] - Using range retrieval for LDAP groups
  • [OF-2372] - Add support for proxied connections to Admin Console
  • [OF-2377] - Reduce potential thread contention in XMLProperties
  • [OF-2380] - Reduce thread contention in In-Memory pubsub persistence provider
  • [OF-2385] - Shouldn't attempt to load shared groups when feature is unsupported.
  • [OF-2403] - Improve Admin Console's memory usage reporting
  • [OF-2408] - Address static analysis warnings in Crowd package
  • [OF-2409] - Remove obsolete 'type' and 'language' attributes on HTML elements. Use HTML5.
  • [OF-2413] - Include a stream error when closing a stream due to a problem.
  • [OF-2440] - Increase default cache sizes
  • [OF-2449] - Return error when a BOSH pause is requested that is higher than the maximum allowable pause.
  • [OF-2455] - Explicitly promote websockets in admin console
  • [OF-2494] - Upgrade HSQLDB to a more recent version.
  • [OF-2513] - Do not require authzid on SASL EXTERNAL for S2S
  • [OF-2514] - Differentiate between missing and empty initial SASL response
  • [OF-2521] - S2S: Allow 'client auth' \(required for SASL EXTERNAL\) by default
  • [OF-2523] - Use less predictable resource value
  • [OF-2540] - Update SLF4j to 2.x
  • [OF-2542] - Drop Java 8 support
  • [OF-2547] - Update Mockito to 3.4.0 or later
  • [OF-2556] - Support additional namespaces when parsing streams
  • [OF-2557] - Show TLS config on each session/connection
  • [OF-2560] - Improve Admin Console load time when RSS can't be reached
  • [OF-2563] - Replace Session status constants with enums
  • [OF-2564] - ServerSession's state should be set to 'authenticated' after authentication
  • [OF-2565] - Openfire should close stream if client is sending a stanza in violation of RFC 6120, section 7.1
  • [OF-2566] - Enable Websocket Stream Management resumption
  • [OF-2581] - Invite people to improve translations in admin console
  • [OF-2594] - When locating Openfire Home, consider 'tmp' file
  • [OF-2608] - Do not wait for timeout when Dialback connection is closed
  • [OF-2611] - Improve automated tests for S2S functionality
  • [OF-2612] - Upgrade JUnit from 4 to 5
  • [OF-2613] - Upgrade unit test database to version 34
  • [OF-2615] - Use ConnectionManager interface where possible
  • [OF-2616] - Bump Guava to latest release
  • [OF-2623] - Migrate LoginLimitManager's properties to SystemProperties
  • [OF-2624] - When providing Forms, use client's language
  • [OF-2633] - When S2S TLS is required, announce that
  • [OF-2638] - Update Installation guide to suggest it is not okay to open-admin-console-to-internet
  • [OF-2639] - Server-to-Server SASL EXTERNAL should not require authz
  • [OF-2642] - Remove \(unused?\) PEP restriction for XEP-0084
  • [OF-2644] - Do not use getters in Session#toString
  • [OF-2650] - Failed S2S due to peer's certificate being invalid should be less verbose
  • [OF-2653] - hostname validation should not try to resolve host
  • [OF-2654] - Implement toString\(\) in various Netty classes
  • [OF-2663] - Don't overly verbose log receiving IQ responses addressed to the server
  • [OF-2669] - Update postgresql driver to 42.6.0
  • [OF-2670] - Netty debug should log remote address when available
  • [OF-2671] - S2S tester can stop waiting after a bounce
  • [OF-2673] - Prevent double-closure of outbound s2s session
  • [OF-2678] - Prefer XML data type usage over String manipulation
  • [OF-2693] - Make XML declaration \(and newline\) configurable
  • [OF-2697] - Set up multiple S2S connections concurrently
  • [OF-2699] - PacketRejection should allow for PacketError to be defined
  • [OF-2703] - Websocket 'open' should be a collapsed element
  • [OF-2706] - Restructure session details page
  • [OF-2707] - When closing session on admin console, kill its stream management
  • [OF-2708] - Ensure that Groups operate on bare JIDs
  • [OF-2713] - Update Bouncy Castle to 1.76
  • [OF-2714] - Switch to Java 1.8\+ variant of Bouncy Castle
  • [OF-2724] - Resolve \(non-breaking\) errors while compiling plugin JSP pages against Openfire 4.8
  • [OF-2731] - Update support for XEP-0280: Message Carbons
  • [OF-2732] - Update bundled search plugin to 1.7.4

Story

  • [OF-2527] - Include milliseconds in default log4j configuration
  • [OF-2573] - Add Name to Client Version column in Session Summary

New Feature

  • [OF-1574] - Add support for XEP-0352: Client State Indication
  • [OF-2474] - Allow IP-based access control to the admin console
  • [OF...
Read more
Assets 9
Loading

Openfire 4.7.5 Release

23 May 15:11
@akrherz akrherz
v4.7.5
ee4395e
This commit was created on github.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
Openfire 4.7.5 Release

4.7.5 -- May 23, 2023

Improvement

  • [OF-2459] - Admin console CSS tweaks
  • [OF-2461] - Validate JIDs that are sent by remote servers
  • [OF-2462] - Apply nodeprep on S2S stanza addresses
  • [OF-2464] - Do not default to Chinese locale
  • [OF-2539] - Name threads
  • [OF-2541] - Plugins should have updated SCM references

Task

  • [OF-2508] - Ensure that MUC Room names are nodeprepped
  • [OF-2584] - Update dependency-check to 8.1.2
  • [OF-2585] - Update commons-fileupload to 1.5
  • [OF-2586] - Update mysql-connector from 8.0.28 to 8.0.32
  • [OF-2587] - Update twelvemonkeys imageio-core from 3.5 to 3.7.1 or higher
  • [OF-2588] - Update SQL Server JDBC driver from 7.4.1 to 9.4.1
  • [OF-2589] - Remove protobuf-java from mysql-connector-j

Story

  • [OF-2493] - Update postgresql to 42.4.1

Sub-task

  • [OF-2596] - Improve detection of path traversal
  • [OF-2597] - Add config option for using wildcards in AuthCheckFilter
  • [OF-2598] - Remove wildcard usage in AuthCheckFilter
  • [OF-2599] - Avoid having setup-specific auth-excludes after install

Bug

  • [OF-2538] - Overzealous deletion of child properties
  • [OF-2543] - pubsub should always deliver payloads when items are retrieved.
  • [OF-2561] - Fallback of verifyCertificateValidity for connection listener uses incorrect setting
  • [OF-2575] - Text formatting error in registration settings
  • [OF-2578] - Fix failing aioxmpp tests
  • [OF-2595] - CVE-2023-32315 Admin Console Auth Bypass

sha256sum values

f70faf11b4798fefb26a20f7d60288d275a6d568db78faf79a4194cbae72eab4  openfire-4.7.5-1.noarch.rpm
d1283d417dacb74d67334c06420679aae62d088bd3439c8135ccfc272fd5b95b  openfire_4.7.5_all.deb
60d8efb96a1891cda2deac2cda9808cf6adec259f090d3a7fb2b7ca21484d75b  openfire_4_7_5.exe
98d36c2318706c545345274234e2f5ccbf0f72f7801133effea342e2776b8bb0  openfire_4_7_5.tar.gz
e95348be890aff64a7447295ab18eebb29db4bdc346b802df0c878ebbbf1d18e  openfire_4_7_5_x64.exe
a5bb8c9b944b915bdf7ecf92cd2a689d0cf09e88bfc2df960f38000f6b788194  openfire_4_7_5.zip
Assets 9
Loading