Skip to content

Releases: igniterealtime/Openfire

Openfire 4.8.1 Release

02 Mar 17:58
@akrherz akrherz
v4.8.1
6f4eb4c
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
Openfire 4.8.1 Release Latest
Latest

Improvement

  • [OF-2651] - Give explict names to Netty's threads
  • [OF-2788] - Have distinct thread pools for each type of connection
  • [OF-2791] - Announce support for PubSub delete-item
  • [OF-2798] - Admin Console should warn end-user if plugin installation failed
  • [OF-2800] - Guard against a surplus of database connection errors being logged
  • [OF-2802] - Upgrade postgresql database driver for CVE-2024-1597

New Feature

  • [OF-284] - Add service administration support

Bug

  • [OF-2166] - When deleting a user, remove it from transient MUC rooms
  • [OF-2310] - Cache data inconsistency: MUC
  • [OF-2758] - Deleting an admin user does not remove the name from \`admin.authorizedJIDs\`
  • [OF-2768] - Do not use default value for user's creation / last modified date
  • [OF-2774] - 4.8.0 not counting "whitespace ping" as session activity
  • [OF-2775] - RSS News Feed appears empty
  • [OF-2777] - Misbehaving Shared-With-Group option for Contact List sharing
  • [OF-2778] - Duplicate \(group\)chat messages are received
  • [OF-2781] - SerializableCache appears to be unusable \(ClassCastException on creation\)
  • [OF-2782] - SerializableCache instances do not get recreated on cluster switch
  • [OF-2792] - Cache-summary page shows wrong stats when using Clustering
  • [OF-2795] - Delete MUC-based authorization when deleting user
  • [OF-2799] - OccupantManager doesn't remove all items when clustering
  • [OF-2805] - Session details shows 'resource' column, but does not show resources
  • [OF-2806] - Routing Servers cache inconsistency doesn't list the missing items
  • [OF-2807] - Contact List \(Roster\) Sharing changes are not immediately applied
  • [OF-2808] - Stream Management Resume fails
  • [OF-2809] - Disabling client idle time breaks websockets
  • [OF-2810] - Resumed stream is no longer resumable

sha256sum values

2ff28c5d7ff97305b2d6572e60b02f3708e86750d959459d7c5d6e17d4f9f932  openfire-4.8.1-1.noarch.rpm
f622719e4dbd43aadc9434ba4ebc0d8c65ec30dd25a7d2e99c7de33006a24f56  openfire_4.8.1_all.deb
3507b5d64c961daf526a52a73baaac7c84af12eb0115b961c2f95039255aec57  openfire_4_8_1.dmg
141f6eaf374dfb7c4cca345e1b598fed5ce3af9c70062a8cc0d9571e15c29c7d  openfire_4_8_1.exe
c6f0cf25a2d10acd6c02239ad59ab5954da5a4b541bc19949bd381fefb856da1  openfire_4_8_1.tar.gz
bec5b03ed56146fec2f84593c7e7b269ee5c32b3a0d5f9e175bd41f28a853abe  openfire_4_8_1_x64.exe
7403113b701aaf8a37dcd2d7e22fbb133161d322ad74505c95e54eaf6533f183  openfire_4_8_1.zip
Assets 9

Openfire 4.8.0 Release

12 Jan 16:58
@akrherz akrherz
v4.8.0
89722b7
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Openfire 4.8.0 Release

Improvement

  • [OF-1378] - Rename "Legacy SSL" into "Direct TLS"
  • [OF-1861] - Support for TLS 1.2 / 1.3
  • [OF-2116] - Using range retrieval for LDAP groups
  • [OF-2372] - Add support for proxied connections to Admin Console
  • [OF-2377] - Reduce potential thread contention in XMLProperties
  • [OF-2380] - Reduce thread contention in In-Memory pubsub persistence provider
  • [OF-2385] - Shouldn't attempt to load shared groups when feature is unsupported.
  • [OF-2403] - Improve Admin Console's memory usage reporting
  • [OF-2408] - Address static analysis warnings in Crowd package
  • [OF-2409] - Remove obsolete 'type' and 'language' attributes on HTML elements. Use HTML5.
  • [OF-2413] - Include a stream error when closing a stream due to a problem.
  • [OF-2440] - Increase default cache sizes
  • [OF-2449] - Return error when a BOSH pause is requested that is higher than the maximum allowable pause.
  • [OF-2455] - Explicitly promote websockets in admin console
  • [OF-2494] - Upgrade HSQLDB to a more recent version.
  • [OF-2513] - Do not require authzid on SASL EXTERNAL for S2S
  • [OF-2514] - Differentiate between missing and empty initial SASL response
  • [OF-2521] - S2S: Allow 'client auth' (required for SASL EXTERNAL) by default
  • [OF-2523] - Use less predictable resource value
  • [OF-2540] - Update SLF4j to 2.x
  • [OF-2542] - Drop Java 8 support
  • [OF-2547] - Update Mockito to 3.4.0 or later
  • [OF-2556] - Support additional namespaces when parsing streams
  • [OF-2557] - Show TLS config on each session/connection
  • [OF-2560] - Improve Admin Console load time when RSS can't be reached
  • [OF-2563] - Replace Session status constants with enums
  • [OF-2564] - ServerSession's state should be set to 'authenticated' after authentication
  • [OF-2565] - Openfire should close stream if client is sending a stanza in violation of RFC 6120, section 7.1
  • [OF-2566] - Enable Websocket Stream Management resumption
  • [OF-2581] - Invite people to improve translations in admin console
  • [OF-2594] - When locating Openfire Home, consider 'tmp' file
  • [OF-2608] - Do not wait for timeout when Dialback connection is closed
  • [OF-2611] - Improve automated tests for S2S functionality
  • [OF-2612] - Upgrade JUnit from 4 to 5
  • [OF-2613] - Upgrade unit test database to version 34
  • [OF-2615] - Use ConnectionManager interface where possible
  • [OF-2616] - Bump Guava to latest release
  • [OF-2623] - Migrate LoginLimitManager's properties to SystemProperties
  • [OF-2624] - When providing Forms, use client's language
  • [OF-2633] - When S2S TLS is required, announce that
  • [OF-2638] - Update Installation guide to suggest it is not okay to open-admin-console-to-internet
  • [OF-2639] - Server-to-Server SASL EXTERNAL should not require authz
  • [OF-2642] - Remove (unused?) PEP restriction for XEP-0084
  • [OF-2644] - Do not use getters in Session#toString
  • [OF-2650] - Failed S2S due to peer's certificate being invalid should be less verbose
  • [OF-2653] - hostname validation should not try to resolve host
  • [OF-2654] - Implement toString() in various Netty classes
  • [OF-2663] - Don't overly verbose log receiving IQ responses addressed to the server
  • [OF-2669] - Update postgresql driver to 42.6.0
  • [OF-2670] - Netty debug should log remote address when available
  • [OF-2671] - S2S tester can stop waiting after a bounce
  • [OF-2673] - Prevent double-closure of outbound s2s session
  • [OF-2678] - Prefer XML data type usage over String manipulation
  • [OF-2693] - Make XML declaration (and newline) configurable
  • [OF-2697] - Set up multiple S2S connections concurrently
  • [OF-2699] - PacketRejection should allow for PacketError to be defined
  • [OF-2703] - Websocket 'open' should be a collapsed element
  • [OF-2706] - Restructure session details page
  • [OF-2707] - When closing session on admin console, kill its stream management
  • [OF-2708] - Ensure that Groups operate on bare JIDs
  • [OF-2713] - Update Bouncy Castle to 1.76
  • [OF-2714] - Switch to Java 1.8+ variant of Bouncy Castle
  • [OF-2724] - Resolve (non-breaking) errors while compiling plugin JSP pages against Openfire 4.8
  • [OF-2731] - Update support for XEP-0280: Message Carbons
  • [OF-2732] - Update bundled search plugin to 1.7.4
  • [OF-2746] - Add Content Security Policy (CSP) headers to web endpoints

Story

  • [OF-2527] - Include milliseconds in default log4j configuration
  • [OF-2573] - Add Name to Client Version column in Session Summary

New Feature

Read more
Assets 9

Openfire 4.8.0 Beta Release

17 Nov 15:10
@akrherz akrherz
v4.8.0beta
01625be
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Openfire 4.8.0 Beta Release

Improvement

  • [OF-1378] - Rename "Legacy SSL" into "Direct TLS"
  • [OF-1861] - Support for TLS 1.2 / 1.3
  • [OF-2116] - Using range retrieval for LDAP groups
  • [OF-2372] - Add support for proxied connections to Admin Console
  • [OF-2377] - Reduce potential thread contention in XMLProperties
  • [OF-2380] - Reduce thread contention in In-Memory pubsub persistence provider
  • [OF-2385] - Shouldn't attempt to load shared groups when feature is unsupported.
  • [OF-2403] - Improve Admin Console's memory usage reporting
  • [OF-2408] - Address static analysis warnings in Crowd package
  • [OF-2409] - Remove obsolete 'type' and 'language' attributes on HTML elements. Use HTML5.
  • [OF-2413] - Include a stream error when closing a stream due to a problem.
  • [OF-2440] - Increase default cache sizes
  • [OF-2449] - Return error when a BOSH pause is requested that is higher than the maximum allowable pause.
  • [OF-2455] - Explicitly promote websockets in admin console
  • [OF-2494] - Upgrade HSQLDB to a more recent version.
  • [OF-2513] - Do not require authzid on SASL EXTERNAL for S2S
  • [OF-2514] - Differentiate between missing and empty initial SASL response
  • [OF-2521] - S2S: Allow 'client auth' \(required for SASL EXTERNAL\) by default
  • [OF-2523] - Use less predictable resource value
  • [OF-2540] - Update SLF4j to 2.x
  • [OF-2542] - Drop Java 8 support
  • [OF-2547] - Update Mockito to 3.4.0 or later
  • [OF-2556] - Support additional namespaces when parsing streams
  • [OF-2557] - Show TLS config on each session/connection
  • [OF-2560] - Improve Admin Console load time when RSS can't be reached
  • [OF-2563] - Replace Session status constants with enums
  • [OF-2564] - ServerSession's state should be set to 'authenticated' after authentication
  • [OF-2565] - Openfire should close stream if client is sending a stanza in violation of RFC 6120, section 7.1
  • [OF-2566] - Enable Websocket Stream Management resumption
  • [OF-2581] - Invite people to improve translations in admin console
  • [OF-2594] - When locating Openfire Home, consider 'tmp' file
  • [OF-2608] - Do not wait for timeout when Dialback connection is closed
  • [OF-2611] - Improve automated tests for S2S functionality
  • [OF-2612] - Upgrade JUnit from 4 to 5
  • [OF-2613] - Upgrade unit test database to version 34
  • [OF-2615] - Use ConnectionManager interface where possible
  • [OF-2616] - Bump Guava to latest release
  • [OF-2623] - Migrate LoginLimitManager's properties to SystemProperties
  • [OF-2624] - When providing Forms, use client's language
  • [OF-2633] - When S2S TLS is required, announce that
  • [OF-2638] - Update Installation guide to suggest it is not okay to open-admin-console-to-internet
  • [OF-2639] - Server-to-Server SASL EXTERNAL should not require authz
  • [OF-2642] - Remove \(unused?\) PEP restriction for XEP-0084
  • [OF-2644] - Do not use getters in Session#toString
  • [OF-2650] - Failed S2S due to peer's certificate being invalid should be less verbose
  • [OF-2653] - hostname validation should not try to resolve host
  • [OF-2654] - Implement toString\(\) in various Netty classes
  • [OF-2663] - Don't overly verbose log receiving IQ responses addressed to the server
  • [OF-2669] - Update postgresql driver to 42.6.0
  • [OF-2670] - Netty debug should log remote address when available
  • [OF-2671] - S2S tester can stop waiting after a bounce
  • [OF-2673] - Prevent double-closure of outbound s2s session
  • [OF-2678] - Prefer XML data type usage over String manipulation
  • [OF-2693] - Make XML declaration \(and newline\) configurable
  • [OF-2697] - Set up multiple S2S connections concurrently
  • [OF-2699] - PacketRejection should allow for PacketError to be defined
  • [OF-2703] - Websocket 'open' should be a collapsed element
  • [OF-2706] - Restructure session details page
  • [OF-2707] - When closing session on admin console, kill its stream management
  • [OF-2708] - Ensure that Groups operate on bare JIDs
  • [OF-2713] - Update Bouncy Castle to 1.76
  • [OF-2714] - Switch to Java 1.8\+ variant of Bouncy Castle
  • [OF-2724] - Resolve \(non-breaking\) errors while compiling plugin JSP pages against Openfire 4.8
  • [OF-2731] - Update support for XEP-0280: Message Carbons
  • [OF-2732] - Update bundled search plugin to 1.7.4

Story

  • [OF-2527] - Include milliseconds in default log4j configuration
  • [OF-2573] - Add Name to Client Version column in Session Summary

New Feature

  • [OF-1574] - Add support for XEP-0352: Client State Indication
  • [OF-2474] - Allow IP-based access control to the admin console
  • [OF...
Read more
Assets 9

Openfire 4.7.5 Release

23 May 15:11
@akrherz akrherz
v4.7.5
ee4395e
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Openfire 4.7.5 Release

4.7.5 -- May 23, 2023

Improvement

  • [OF-2459] - Admin console CSS tweaks
  • [OF-2461] - Validate JIDs that are sent by remote servers
  • [OF-2462] - Apply nodeprep on S2S stanza addresses
  • [OF-2464] - Do not default to Chinese locale
  • [OF-2539] - Name threads
  • [OF-2541] - Plugins should have updated SCM references

Task

  • [OF-2508] - Ensure that MUC Room names are nodeprepped
  • [OF-2584] - Update dependency-check to 8.1.2
  • [OF-2585] - Update commons-fileupload to 1.5
  • [OF-2586] - Update mysql-connector from 8.0.28 to 8.0.32
  • [OF-2587] - Update twelvemonkeys imageio-core from 3.5 to 3.7.1 or higher
  • [OF-2588] - Update SQL Server JDBC driver from 7.4.1 to 9.4.1
  • [OF-2589] - Remove protobuf-java from mysql-connector-j

Story

  • [OF-2493] - Update postgresql to 42.4.1

Sub-task

  • [OF-2596] - Improve detection of path traversal
  • [OF-2597] - Add config option for using wildcards in AuthCheckFilter
  • [OF-2598] - Remove wildcard usage in AuthCheckFilter
  • [OF-2599] - Avoid having setup-specific auth-excludes after install

Bug

  • [OF-2538] - Overzealous deletion of child properties
  • [OF-2543] - pubsub should always deliver payloads when items are retrieved.
  • [OF-2561] - Fallback of verifyCertificateValidity for connection listener uses incorrect setting
  • [OF-2575] - Text formatting error in registration settings
  • [OF-2578] - Fix failing aioxmpp tests
  • [OF-2595] - CVE-2023-32315 Admin Console Auth Bypass

sha256sum values

f70faf11b4798fefb26a20f7d60288d275a6d568db78faf79a4194cbae72eab4  openfire-4.7.5-1.noarch.rpm
d1283d417dacb74d67334c06420679aae62d088bd3439c8135ccfc272fd5b95b  openfire_4.7.5_all.deb
60d8efb96a1891cda2deac2cda9808cf6adec259f090d3a7fb2b7ca21484d75b  openfire_4_7_5.exe
98d36c2318706c545345274234e2f5ccbf0f72f7801133effea342e2776b8bb0  openfire_4_7_5.tar.gz
e95348be890aff64a7447295ab18eebb29db4bdc346b802df0c878ebbbf1d18e  openfire_4_7_5_x64.exe
a5bb8c9b944b915bdf7ecf92cd2a689d0cf09e88bfc2df960f38000f6b788194  openfire_4_7_5.zip
Assets 9

Openfire 4.6.8 Release

23 May 14:36
@akrherz akrherz
v4.6.8
db7e786
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Openfire 4.6.8 Release

Bug

  • [OF-2595] - CVE-2023-32315 Admin Console Auth Bypass.
  • [OF-2596] - OF-2596 Improve detection of path traversal.
  • [OF-2597] - OF-2597 Add config option for using wildcards in AuthCheckFilter.
  • [OF-2598] - OF-2598 Remove wildcard usage in AuthCheckFilter.
  • [OF-2599] - OF-2599 Avoid having setup-specific auth-excludes after install.

sha256sum values

aa1947097895a6d41bc8d1ac29f6ea60507bce69caadc497b4794a2a4110dc20  openfire-4.6.8-1.i686.rpm
346871c71eff8e3b085fecd2f8dce5bfbf387885cfa7aff2076d42bd7273f70b  openfire-4.6.8-1.noarch.rpm
37e4cc510cc2a59de50288c0e3baa53dcc702631433a01873a9270eeb7c789db  openfire-4.6.8-1.x86_64.rpm
e92c5a0b76da5964b2e3fa43686ad63db29ef891ec7266ab16fe3a93b06c9e01  openfire_4.6.8_all.deb
c6e0e40c55a81276881e93469ce88a862226ce33e58c8811e760427b878ebed4  openfire_4_6_8_bundledJRE.exe
1b4c209453fffb6a6310354b425995bb92c1f09944eed35a1fd61a30201355bc  openfire_4_6_8_bundledJRE_x64.exe
6b19394dc3f275ca039f85af59ca4f2fc5f628e2505cb39e59f5cfa55d605788  openfire_4_6_8.exe
b22fce993bce4930346183d5edc1e9e38827a47ed8f64c41486a105f574cc116  openfire_4_6_8.tar.gz
7c5769c7c8869ce2dfbb93fbbf1ec97a4e8509d61f8c14ba3f6be20abd05e90e  openfire_4_6_8_x64.exe
72f27d063446479e1d4ceb2a46ac838f5462dfca53032cfa068eb96ef08d0697  openfire_4_6_8.zip
Assets 12

Openfire 4.7.4 Release

09 Nov 15:55
@akrherz akrherz
v4.7.4
51b9db9
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Openfire 4.7.4 Release

Improvement

  • [OF-2498] - Improve performance of MUC, based on stress test profiling
  • [OF-2499] - MUC Room history shouldn't be serialized as part of a MUC Room
  • [OF-2502] - Reduce resource usage of MUC stats collection
  • [OF-2504] - Re-instate MINA JMX monitoring
  • [OF-2511] -Prevent retrieving more MUC messages from DB than needed
  • [OF-2516] - Add TX/RX, Remove Priority from session summary page
  • [OF-2518] - Try loading favicons over HTTPS and HTTP
  • [OF-2524] - Improve MUC history load time for single rooms
  • [OF-2525] - Deprecate XMLProperties constructors that can't write back
  • [OF-2531] - Remove unneeded JID-based lock in MUC
  • [OF-2537] - Advertise support for pubsub's "multi-item" feature.

Story

  • [OF-2528] - Migrate usages of set-output in Github Actions
  • [OF-2529] - Upgrade Apache Commons Text from 1.6 to 1.10

Bug

  • [OF-2415] - Openfire Docker image fails to start if an empty plugins directory exists
  • [OF-2495] - Websocket onError handler prevents earlier data to be processed
  • [OF-2509] - openfirectl does not store PID
  • [OF-2512] - User lock-out with custom value does not take effect
  • [OF-2517] - "Packet sent" session stat remains 0 for BOSH sessions
  • [OF-2519] - Group JIDs in MUC rooms without preloading causes issues

sha256sum values

a6a98540e3ab6da65916f630b7b22d04e7ec125be9d09ae98121f6075ef2ef77  openfire-4.7.4-1.noarch.rpm
5f4bd4e6390bdfe99a63e4e72b25200461854348a9f6039368cffe1c509782fa  openfire_4.7.4_all.deb
6bebb52b4828d9564b1e22f3d0aebaeec6eefb1e5c7899549747b48bc8d6e30d  openfire_4_7_4.dmg
142d923f0b17e4dff65b01f69d9d5885494798011157a64cfef8847063f503ee  openfire_4_7_4.exe
9ebcb9c15d38d4f8fb528a79f0f53440179d64c214176c2d9e578b11762258dd  openfire_4_7_4.tar.gz
ef233db999c8a18ac43edb7fd17657c7677c0ce2e29f09c9ccb53185c451ded3  openfire_4_7_4_x64.exe
ba0fb1d992c5169da466107e7752f5eee588d79987dcf052e5b68abc101f7173  openfire_4_7_4.zip
Assets 9

Openfire 4.7.3 Release

02 Aug 12:00
@akrherz akrherz
v4.7.3
ac717b3
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Openfire 4.7.3 Release

Bug

  • [OF-2486] - MUC mediated invite MUST have a invite-from
  • [OF-2484] - UpdateManager - Error: update service check did not save correctly. Stopping update service.
  • [OF-2482] - Error when opening keystore admin console page
  • [OF-2480] - Admin console is unavailable ~30 seconds after setup finishes
  • [OF-2473] - Deadlock Websocket
  • [OF-2470] - NPE in MultiUserChatServiceImpl
  • [OF-2469] - NPE in Pubsub admin console page
  • [OF-2423] - Too many sessions removed when one session logs out
  • [OF-2181] - "click here" HTTP server restart link on certificate store admin console page is same color as info message
  • [OF-1396] - PubSub Admin Console - 'Cancel' takes user to 'Node Summary'

Improvement

  • [OF-2490] - Reduce log level when anonymous user tries to use PEP
  • [OF-2489] - Reduce log level severity of SOCKS5 error
  • [OF-2488] - Reduce log level severity of failure to do a DNS lookup
  • [OF-2487] - Make replacement of XML file more atomic
  • [OF-2483] - Delay restart of admin console when truststore content is changed
  • [OF-2481] - Software version not visible in admin console in S2S Overview
  • [OF-2472] - Pubsub node summary search/order functionality
  • [OF-2471] - Audit log should show friendly name for groupJID and not base32hex encoded one
  • [OF-2467] - Groups are deselected when changing role within Room Permissions
  • [OF-2466] - Groups should be sorted within Room Permissions area

New Feature

  • [OF-2479] - Allow Tsung to test with websockets

sha256sum values

f05df8e68b8d52ef2941d80884484e62dcface5069868d3f51d2bfe17a72ea5a  openfire-4.7.3-1.noarch.rpm
8ba71bbf0b1abb5c2cd0e18dc20ade77ca2714d58a8ad5313f64614bdc7dac44  openfire_4.7.3_all.deb
d2b1ffa24b3d86858e4d5451a094193c839bceae0a73773fa5ae0e114d0732ff  openfire_4_7_3.dmg
41056744e15e3a9b384b852f5e2c1d1ebb4bfd1d79bb10b54526a1fd9a7fee07  openfire_4_7_3.exe
3ced4613c3cef61068fb89eed723e49b5845e960c6eec194961f75bc65042832  openfire_4_7_3.tar.gz
9c8ebcb930f2373713c1eb53a4b70d9f76a8577b95cbefd41e1ae284c2ff28aa  openfire_4_7_3_x64.exe
670db7574e6b528145c002f22f58789f949d5d5c03fbe372204816db07bd01e7  openfire_4_7_3.zip
Assets 9

Openfire 4.7.2 Release

13 Jul 12:56
@akrherz akrherz
v4.7.2
c0f2614
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Openfire 4.7.2 Release

Bug

  • [OF-2465] - Prevent using a collection function with itself as an argument
  • [OF-2458] - ConcurrentModificationException in MUC cache size calculation
  • [OF-2456] - MUC nickname changes are not properly propagated in cluster
  • [OF-2450] - When pausing a BOSH connection, wrong connection could get answered to
  • [OF-2448] - Do not close replacement BOSH connection
  • [OF-2444] - Deadlock in BOSH
  • [OF-2431] - Incorrect restriction on retrieving member-list of MUC room
  • [OF-2421] - OccupantManager should be thread-safe
  • [OF-2401] - Pubsub node should not change parent without changing parentIdentifier

Improvement

  • [OF-2460] - Bumps mysql-connector-java from 8.0.27 to 8.0.28.
  • [OF-2446] - Use more appropriate data type for org.jivesoftware.openfire.http.HttpSession#sentElements
  • [OF-2445] - BOSH: prevent pendingElements to be added to if HttpSession is closed
  • [OF-2432] - Expose member-only MUCs member list to all occupants
  • [OF-2428] - Allow MUC occupants to ask each-other's VCards
  • [OF-2424] - LocalSession.toString should not log an error
  • [OF-2416] - Allow PEP to be enabled/disabled without restarting Openfire
  • [OF-2405] - Enhance log info of loaded plugin by version
  • [OF-2398] - Show 'locked' room status in admin console

sha256sum values

998e469fad00452004c9f9d6c309c6749fa48d53af48c1501407f0f77870edca  openfire-4.7.2-1.noarch.rpm
72ee5a31685f6010fc14a992d87d2d1f9c49b79b4e718c239520911ec7167340  openfire_4.7.2_all.deb
674bab49908ff4de14f54dab1fdf7a6a29904b32f00669289b793d8dc19189c8  openfire_4_7_2.dmg
66571c760776d02a28d00ed3c0ca085c327a1874f9d75f8b2037b347ec99decb  openfire_4_7_2.exe
707ede6cc6d8d8bcce257c7f30d8a79fc7ed52576fb217a8220b800f2d52be64  openfire_4_7_2.tar.gz
8eeaf4f07948d10b6b77b3e1e8b8d1f65a6ad3ffd85e5353a2d8055503d724fc  openfire_4_7_2_x64.exe
ad07c991a3812a45250b303e95129a37242de01a591cce438057437d4f5a30d9  openfire_4_7_2.zip
Assets 9

Openfire 4.7.1 Release

16 Feb 15:53
@akrherz akrherz
v4.7.1
d7dfd04
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Openfire 4.7.1 Release

Bug

  • [OF-2392] - Logging fails when Openfire started with Install4j 'openfire' launcher
  • [OF-2381] - MUC idle user handling
  • [OF-2379] - In-memory pubsub representation should guarantee order of items
  • [OF-2375] - Fix references to openfire.log

Improvement

  • [OF-2394] - Bump postgresql from 42.2.25 to 42.3.3
  • [OF-2393] - Update SLF4J to 1.7.36
  • [OF-2390] - Increase MUC idle kick default value to allow for SM
  • [OF-2387] - Update Postgres driver

Sub Task

  • [OF-113] - Openfires admin gui allows to enter long group names while the database supports only 50 characters.

Tasks

  • [OF-2384] - Enable Openfire debugging for Docker
  • [OF-2376] - Update mysql-connector from 8.0.27 to 8.0.28

sha256sum values

ec8e0a8a52cb28b50afea8060664d2c28a66b99f529e1c79a80e44d3dd14322d  openfire-4.7.1-1.noarch.rpm
be5fd37af0d45f5b22a56b617154615ac8ed0d8424744d8cfb0b94c34b182cbb  openfire_4.7.1_all.deb
2a5db207e92482147082157ea7c0b308865cbf5efc414be244fb29d14a87c0d3  openfire_4_7_1.dmg
5632e794bc13cb00556d1fa80a3262837049e21a6c9a40ea6dce06b4411d8608  openfire_4_7_1.exe
c8007ca87780b349db2c42e013fd129c7f24a189ce34c4595fe2a55fcb8ac404  openfire_4_7_1.tar.gz
ece0e0adaa907710779633427be96b0c72b00bf61d335a28f18a04e0d32fd683  openfire_4_7_1_x64.exe
112b0ef0604e6d3a3ee5eaac9fc604d468c679fa453825164fb51ea16149348b  openfire_4_7_1.zip
Assets 9

Openfire 4.7.0 Release

19 Jan 15:50
@akrherz akrherz
v4.7.0
e020f58
Compare
Choose a tag to compare
Openfire 4.7.0 Release

Release notes - Openfire - Version 4.7.0

Bug

OF-2368 Ghost detection shouldn't kick non-ghost occupants

OF-2367 (TCP) clients are suddenly unable to log into the server

OF-2365 Parent node subscribers shouldn't always get pubsub node notifications

OF-2358 When a room is destroyed, the room instance might be non-existent

OF-2350 DefaultExternalizableUtil ignores provided ClassLoader instances

OF-2348 Plugin JAR can't unload on Windows with newer versions of Java

OF-2346 XMPPServer#matchesComponent shouldn't require full-JID match

OF-2345 component-based address incorrectly identified as remote

OF-2343 Inconsistent leave presence sending to leaving occupant

OF-2341 Apparent thread lock (deadlock?) in MUC after clustering reimplementation

OF-2339 Incomplete room list following a cluster split

OF-2338 NullPointerException on MUC search if name is empty

OF-2337 PEP publishing fails after reboot

OF-2336 DefaultCache put returns wrong value when to big value is added

OF-2329 XML parsing bug when tag-name is not followed by space or '>'

OF-2328 Error when standalone Openfire checks for timed out users

OF-2325 100% CPU from never-ending Dialback

OF-2324 NullPointerException in client sessions page on admin console

OF-2322 Outbound S2S stanzas can be delivered out-of-order

OF-2321 Concurrency issue with sending/establishing outbound S2S connection.

OF-2315 NPE when setting up S2S

OF-2314 Cache data inconsistency: outgoing server sessions

OF-2313 Cache data inconsistency: incoming server sessions

OF-2312 Not all admins are warned when cache inconsistencies occur

OF-2311 Cache data inconsistency: Sessions

OF-2308 MUC should disallow nickname change to reserved nickname

OF-2305 MUC nickname change processed as new join

OF-2304 MUC nickname changes should not be possible for non-occupants

OF-2300 Clustered caches can loose 'local' data upon cluster breakage.

OF-2299 NullPointerException when cleaning up directed presences in 3-node cluster

OF-2297 Cluster leave can result in lost data MUC

OF-2296 Cluster join/leave events are processed twice in MUC

OF-2294 MUC consistency check failure

OF-2293 Duplicate occupant in MUC

OF-2292 ConcurrentModificationException in new MUC cluster code

OF-2291 ConcurrentModificationException in new MUC cluster code

OF-2290 Cache locking with Strings has problems equal to using a String as a mutex

OF-2289 String-based Interners still can cause deadlocks

OF-2282 Log4j config is ignored at boot time.

OF-2281 Admin console error when using In-Memory datastore for pubsub

OF-2278 Cache locking does not always work with primitive types

OF-2250 Multiplexer backup deliverer should be used

OF-2249 Backup delivery for BOSH should be 'offline'

OF-2245 Prevent needlessly scheduled tasks after Http Session closure

OF-2244 Offline presence subscription loses details

OF-2213 Update dependencies identified by Snyk

OF-2206 BOSH session disconnect through server should inform client

OF-2167 Federated users should be able to query a MUC room in a cluster

OF-2165 Prevent potential nickname clashes when occupants of clustered MUC room are merged.

OF-2164 Updating A MUC service should propagate in the cluster

OF-2156 BOSH Concurrency issue

Improvement

OF-2371 Outbound S2S stanza queue should be larger

OF-2370 RemoteServerManager's canAccess should evaluate both Direct and nonDirect TLS

OF-2369 Do not establish S2S when not accepting S2S of the same type

OF-2363 Improve LGTM score for xmppserver/webapp/javascript

OF-2362 JDBCAdminProvider LGTM synchronising on a string

OF-2361 GroupManager LGTM String Synchronisation Changes

OF-2360 Create API to check for availability of plugins/versions on each cluster node

OF-2357 Update SLF4J to 1.7.32

OF-2356 Update Bouncy Castle to 1.70

OF-2355 Update Log4j to 2.17.1

OF-2354 String-based SystemProperty lists should allow for whitespace comma separation

OF-2353 Update Log4j dependency to 2.16.0 to address Log4Shell/LogJam

OF-2352 Use plugin-provided servlet context

OF-2351 Update Log4j dependency to 2.15.0 to address Log4Shell/LogJam

OF-2349 Admin console should show (full) default value for system property

OF-2340 send stanzas that are 'responses' through PacketRouter, not RoutingTable

OF-2320 MUC room avatars fail

OF-2319 muc#roomconfig_allowpm should only affect Message stanzas

OF-2317 Prevent NPE when admin page obtained without session

OF-2316 Make S2S fast-discard timeout configurable

OF-2307 Changing MUC nickname to one that's already used by your other resource

OF-2303 Remove unused UserManager field from SessionManager

OF-2298 Use status code 333 when MUC occupants leave due to clustering error

OF-2287 Add MUCEventDelegate to interface

OF-2283 Show distinct servers when looking at remote S2S details

OF-2276 Broadcast status codes when privacy settings of a MUC room change

OF-2275 When joining a MUC room that has logging enabled, status 170 should be returned.

OF-2256 Add CORS headers to websockets

OF-2254 Distinguish between property values that are set to the default value, or are just defaults.

OF-2252 Reduce log level for BOSH request that time out

OF-2251 Threadpool for BOSH network-IO should be configurable

OF-2248 BOSH...

Read more
Assets 9