File prosody.changes of Package prosody.openSUSE_Leap_42.3_Update

Overview Repositories Revisions Requests Users Attributes Meta

File prosody.changes of Package prosody.openSUSE_Leap_42.3_Update

-------------------------------------------------------------------
Tue May 29 14:56:34 UTC 2018 - mvetter@suse.com

- bsc#1094890 - CVE-2018-10847: insufficient stream header validation
- Add prosody-issue1147-v09x.patch

-------------------------------------------------------------------
Mon May 14 09:17:04 UTC 2018 - mvetter@suse.com

- bsc#1093088 Update to 0.9.13:
  Security:
  * Fix for compatibility with LuaSocket 3.0rc1 (fixes denial of service from remote)
  * mod_register: Require encryption before registration if c2s_require_encryption is set (fixes #595[1])
  * MUC: Ensure that elements which match our from are stripped (fixes #1055[2])
  Fixes and improvements:
  * Compatibility fix with newer LuaSec 0.6 (fixes #781[3])
  * mod_presence: Send probe once subscribed (fixes #794[4])
  * mod_net_multiplex: Enable SSL on the SSL port (fixes #803[5])
  Minor changes:
  * core.rostermanager: Add method for checking if the user is subscribed to a contact
  * mod_saslauth: Log SASL failure reason
  * mod_disco: Correctly set the 'node' attr (fixes #449)
  * mod_bosh: Update session.conn to point to the current connection (fixes #890)
  * net.dns: Simplify expiry calculation (fixes #919)
  * mod_watchregistrations: Return the pointer to the root of the stanza, fixes #922.
  * mod_disco: Add an account/registered identity on subscribed accounts, fixes #826.
  * mod_welcome: Return the pointer to the root of the stanza, fixes a bug similar to #922.
  * net.dns: Prevent answers from immediately expiring even if TTL=0 (see #919)
  * mod_saslauth: Use correct varible name (thanks Roi)
  * mod_c2s: Iterate over child tags instead of child nodes in stream error (fixes traceback from #987)
  * mod_component, mod_s2s: Iterate over child tags instead of child nodes (can include text) in stream error (same as 176b7f4e4ac9)
  * MUC: Always send subject message, even if it is empty (fixes #1053)
  * MUC: fix the @from on in history replay (fixes #1054)
  * MUC: Rename variable to make it clearer that it is the room JID and not the MUC host

-------------------------------------------------------------------

Wed Jan 11 22:10:06 UTC 2017 - Mathias.Homann@opensuse.org

- added patch: prosody-lua51coexist.patch
  * makes prosody work on systems that have lua 5.1 and lua 5.2 installed.

-------------------------------------------------------------------
Wed Jan 11 09:02:59 UTC 2017 - mvetter@suse.com

- Update to 0.9.12:
    * Dependencies: Fix certificate verification failures when using LuaSec 0.6 (fixes #781)
    * mod_s2s: Lower log message to 'warn' level, standard for remotely-triggered protocol issues
    * certs/Makefile: Remove -c flag from chmod call (a GNU extension)
    * Networking: Prevent writes after a handler is closed (fixes #783)

-------------------------------------------------------------------
Fri Nov  4 16:08:21 UTC 2016 - mvetter@suse.com

- Update to 0.9.11:
    * HTTP parser: Improve buffering of incoming HTTP data and add size
limits (#603)
    * Sessionmanager: Fix for an issue which caused people to be kicked from conferences if mod_smacks was enabled (#648)
    * Dependencies: Workaround for compatibility with LuaSec 0.6 (#749)
    * MUC: Accept missing form as "instant room" request (#377)
    * C2S: Fix issues with destroying disconnected connections (#590), (#641)
    * mod_privacy: Fix selection of the top resource(s) #694
    * mod_presence: Make sure both users get each others presence after adding each other (#673)
    * mod_http_files: Fix traceback when serving a non-wildcard path (#611)
    * mod_http_files: Preserve a trailing slash in paths (#639)
    * util.datamanager: Fix error handling (#632)
    * net.server_event: Fix internal socket API to allow writing from socket.ondrain callback (#661)
    * net.server_event: Fix timeout (commit 1909bde0e79f)
    * net.server_event: Fix traceback due to write during TLS handshake (commit c774622ad9db)
    * net.server_event: Fix buffer length check (commit 206f9b0485ad)
- Remove prosody-upstream-0.9-branch-fixes.patch: included in update

-------------------------------------------------------------------
Tue Oct 11 15:12:33 UTC 2016 - mvetter@suse.com

- Change license to MIT

-------------------------------------------------------------------
Thu Sep 15 09:28:56 UTC 2016 - mvetter@suse.com

- Add prosody-upstream-0.9-branch-fixes.patch:
  Upstream pushes all fixes for a certain release to its own branch.
  See: https://prosody.im/files/branches_explained.png
  After some time, mostly when a security bug is found, they do a
  new minor release.
  The fixes however are often needed to make prosody run smoothly
  with its community modules. Thus I monitor them and add the patch
  set. It's only fixes no new features.

-------------------------------------------------------------------
Fri Jun 17 15:09:29 UTC 2016 - mvetter@suse.com

- Remove prosody-rpmlintrc: Not needed since last cleanup

-------------------------------------------------------------------
Mon May 23 10:52:48 UTC 2016 - mvetter@suse.com

- Add: 
  * prosody-0.9.10.tar.gz.asc
  * prosody.keyring containing Matthew and Zashs keys
- Enable source verification

-------------------------------------------------------------------
Mon May 23 09:57:24 UTC 2016 - mvetter@suse.com

- Move rcprosody into systemd section until we have proper sysvinit support

-------------------------------------------------------------------
Fri May 20 14:55:28 UTC 2016 - mvetter@suse.com

- Pass optflags to configure
- Install service file and create directories if needed in one run
- Dont strip debug symbols
- Dont need to verify permissions since we set them
- Create systemd tempfile properly
- Install config files with file glob
- Remove sysvinit stuff
- Cleanup systemd conditionals

-------------------------------------------------------------------
Tue Apr 26 10:46:53 UTC 2016 - mvetter@suse.com

- Use less rights

-------------------------------------------------------------------
Thu Feb 11 10:01:32 UTC 2016 - mvetter@suse.com

- Update to 0.9.10
  Security:
  * mod_dialback: Adopt key generation algorithm from XEP-0185, to prevent impersonation attacks (CVE-2016-0756)
  Fixes and improvements:
  * Startup: Open /dev/urandom read-only, to fix a failure to start on some systems
  * Networking: Improve handling of the 'select' network backend running out of file descriptors
  Minor changes:
  * Networking: Increase default internal read size to prevent connections stalling with LuaEvent
  * DNS: Discard queries that failed to send due to connection errors
  * c2s, s2s: Lower priority of shutdown handler, so that modules such as MUC can always send shutdown notifications to (remote) users

-------------------------------------------------------------------
Thu Feb 11 09:46:11 UTC 2016 - mvetter@suse.com

- Update to 0.9.9
  Security fixes:
  * Fix path traversal vulnerability in mod_http_files (CVE-2016-1231)
  * Fix use of weak PRNG in generation of dialback secrets (CVE-2016-1232)
  Bugs:
  * Improve handling of CNAME records in DNS
  * Fix traceback when deleting a user in some configurations (issue #496)
  * MUC: restrict_room_creation could prevent users from joining rooms (issue #458)
  * MUC: fix occasional dropping of iq stanzas sent privately between occupants
  * Fix a potential memory leak in mod_pep
  Additions:
  * Add http:list() command to telnet to view active HTTP services
  * IPv4/v6 address selection code for outgoing s2s
  * Add support for importing SCRAM hashes from ejabberd

-------------------------------------------------------------------
Sat May  2 07:56:00 UTC 2015 - nekolayer@yandex.ru

- fix broken prosody-makefile.patch for correct lib path [bnc#926932]

-------------------------------------------------------------------
Tue Apr  7 09:46:33 UTC 2015 - g.bluehut@gmail.com

- Clean up spec file
- Update to 0.9.8
    * Ensure only valid UTF-8 is passed to libidn
    * Fix traceback caused when DNS server IP is unroutable
    * HTTP client: More robust handling of chunked encoding across packet boundaries
    * Stanza router: Fix handling of 'error' <iq>'s with multiple children
    * c2s: Fix error reply when clients try to bind multiple resources on the same stream
    * s2s: Ensure to/from attributes are always present on stream headers, even if empty
    * Build scripts: Add –libdir option to ./configure to simplify building on some platforms
    * Fix traceback in datamanager when used outside of Prosody
    * mod_admin_telnet: Fix potential traceback in server:memory() command
    * util.stanza: Don't XML-escape whitespace
    * prosodyctl: Fix traceback in 'about' command with LuaRocks 2.2.0

-------------------------------------------------------------------
Mon Oct 20 13:22:39 UTC 2014 - i@marguerite.su

- update version 0.9.6
  * certmanager, net.http: Disable SSLv3 by default
  * net.http.parser: Support status code 101 and allow handling 
    of the received data by plugins
  * util.filters: Ignore filters being added twice (fixes issues
    on removal, i.e. when some plugins are reloaded/unloaded)
  * mod_s2s: Close offending s2s streams missing an 'id' attribute
    with a stream error instead of throwing an unhandled error
  * Networking API: Add 'ondetach' callback for listener objects,
    to prevent leaks when connections have their listener changed
  * core.stanza_router: Stricter validation of stanzas
  * mod_admin_adhoc: Mark 'accountjids' field as required in 'end
    user sessions' command
  * mod_admin_adhoc: Add required to field in user deletion form 
    too
  * net.dns: Avoid duplicate cache entries
  * util.stanza: Escape newlines and tabs (\r\n\t) when serializing
    stanzas.
  * util/dataforms: Make sure we iterate over field tags only
  * mod_s2s: Capitalize log message
  * mod_pubsub: Fix error type of 'forbidden' (change from 'cancel'
    to 'auth')

-------------------------------------------------------------------
Wed Aug 20 17:42:14 UTC 2014 - i@marguerite.su

- install pid to %%{_piddir}, fix for factory

-------------------------------------------------------------------
Wed Aug 20 16:12:29 UTC 2014 - i@marguerite.su

- update version 0.9.4
  * Compression: Disallow compression on unauthenticated streams
  * Core: Limit default read size and maximum stanza size
  * Core: Enable SASL EXTERNAL by default for component s2s
  * S2S: Warn if `s2s_secure_auth` and `s2s_require_encryption` 
    have been set in conflicting ways
  * S2S: Warn if no local network addresses were found, 
    preventing successful s2s
  * MUC: Fix traceback when a non-occupant tried to change an 
    occupant's role
  * MUC: API: Fire an event when temporary rooms are destroyed 
    after the last person leaves
  * Telnet: Fixed traceback when listing users
  * Telnet: Apply normalization to JIDs in user management 
    commands
  * HTTP: Fix directory detection in file server on Windows
  * Plugins: Fix paths on Windows
  * MOTD: Don't strip blank lines from the message provided in 
    the config
  * prosodyctl: Better error reporting when generating 
    certificates
  * Makefile: Improve FreeBSD compatibility
  * Multiple fixes to our migration tools, and support for 
    importing MUCs from ejabberd

-------------------------------------------------------------------
Fri Feb 28 10:00:42 UTC 2014 - i@marguerite.su

- fix bnc#865781
  * /var/lib/prosody should be owned by prosody:prosody.

-------------------------------------------------------------------
Wed Feb 26 12:55:07 UTC 2014 - i@marguerite.su

- update version 0.9.3
  * A config file passed as command line argument is no longer 
    forgotten when config is reloaded
  * MUC: Allow admins to always bypass restrict_room_creation
  * Strip trailing '.' when normalizing hostnames
  * HTTP: Prevent silent connection failures
  * Components: Alow easier overriding of component authentication 
    by plugins
  * Components: Enable TCP keepalives
  * Migrator: Better error reporting and improved robustness
  * S2S: Include IP in log messages, if hostname is unavailable
  * TLS: Log error when initialization fails

-------------------------------------------------------------------
Tue Feb  4 07:55:28 UTC 2014 - i@marguerite.su

- "After" mysql.service, as if it starts before mysql, prosody
  can read account infos.

-------------------------------------------------------------------
Thu Jan 23 09:38:56 UTC 2014 - i@marguerite.su

- update to 0.8.2
  * IPv6 support for c2s, s2s and all other services (e.g. HTTP)
  * Server-to-server authentication using certificates (SASL EXTERNAL)
  * A new HTTP subsystem, supporting virtual hosts, and fully 
    reloadable modules
  * Client and server connections are now handled by modules: 
    mod_c2s, mod_s2s
  * mod_pubsub: Basic pubsub service (some features not yet implemented)
  * prosodyctl about - show information about a Prosody installation
  * prosodyctl cert - command to generate XMPP certificates and CSRs
  * Many very nice enhancements to our module API
  * MUC: Configurable per-room history length
  * MUC: Plugins can now extend the room configuration form
- if you're upgrading from 0.8.x or older, please read:
  * http://prosody.im/doc/release/0.9.0#upgrading

-------------------------------------------------------------------
Fri Jun 28 16:57:52 UTC 2013 - i@marguerite.su

- add systemd service
- fix CFG_SOURCEDIR in /usr/bin/{prosody,prosodyctl}
- create prosody:prosody.

-------------------------------------------------------------------
Sat Oct  1 13:08:32 UTC 2011 - t1locs@gmail.com

- prosody 0.8.2 has been released and fixes a small handful of bugs

-------------------------------------------------------------------
Tue Jun 14 15:37:47 CEST 2011 - florian.leparoux@gmail.com

- update to 0.8.1

-------------------------------------------------------------------
Mon Apr 26 12:19:27 CEST 2011 - florian.leparoux@gmail.com

- update to 0.8.0

-------------------------------------------------------------------
Wed Apr 7 17:09:24 CEST 2010 - stepan@coresystems.de

- update to 0.7.0rc1

-------------------------------------------------------------------
Wed Mar 17 00:00:00 UTC 2010 - florian.leparoux@gmail.com

- Fix dependencies

-------------------------------------------------------------------
Wed Feb 10 00:00:00 UTC 2010 - florian.leparoux@gmail.com

- Fix dependencies

-------------------------------------------------------------------
Sun Jan 24 00:00:00 UTC 2010 - florian.leparoux@gmail.com

- rebuild correctly prosody on openSUSE 11.2

-------------------------------------------------------------------
Wed Dec 29 00:00:00 UTC 2009 - florian.leparoux@gmail.com

- build prosody on openSUSE 11.2

Places

File prosody.changes of Package prosody.openSUSE_Leap_42.3_Update

Places