Openfire v4.6.0 Release Notes

Release Date: 2020-10-16 // almost 2 years ago
  • sha1sum's

    3747eb30a9c301cb4e169ea58682bffaec928d45 openfire-4.6.0-1.i686.rpm
    446dd40b68e89311f4e7de62af4cb1dfe44cff2d openfire-4.6.0-1.noarch.rpm
    74023de1be0211bbc6879173bc9a5875605cd375 openfire-4.6.0-1.x86_64.rpm
    0db33511ff833dc904ea7845d6eb3294cf418782 openfire_4.6.0_all.deb
    fe7684d7ddf12896d138af64adb2d79f62874c29 openfire_4_6_0_bundledJRE.exe
    cb490c5762c2f2f4ccd70a5a09b5faab59dc5e99 openfire_4_6_0_bundledJRE_x64.exe
    fb915d112f522860fdd419c8bc0371f7a4a2105a openfire_4_6_0.dmg
    a5fada882ace449df9056205618e86312a08ec6e openfire_4_6_0.exe
    43a5b890e52b4baa7e8096410a7b398c89ad4d33 openfire_4_6_0.tar.gz
    d11cfed06901fef69fcac1c3c4e28f60256baf62 openfire_4_6_0_x64.exe
    86e150c2cb9b74c63b3907e3c036cc046c78c5ba openfire_4_6_0.zip
    436f9833fe8d7185c800daf3d35c2d5d11d1f6ea openfire_src_4_6_0.tar.gz
    a3a274b2f12d4cf9f15cb981e6c2b18c78ca07c6 openfire_src_4_6_0.zip
    

    ๐Ÿ”„ Changelog

    ๐Ÿ› Bug

    • [OF-872] - Openfire violates RFC 6120 ยง 10.3.
    • ๐Ÿ‘ป [OF-1696] - Personal Eventing menu shows exception on a first try
    • [OF-1789] - HTTP-Bind failure
    • [OF-1836] - Properly handle s2s timeouts
    • [OF-1888] - Faulty assumption in RoutingTableImpl leads to NPE
    • [OF-1975] - Do not trigger offlinemessagelisteners when no message is stored
    • [OF-1992] - IQPEPHandler does not consistently identify "addressed to server" stanzas
    • [OF-1993] - Prepared Statement should always close on method exit
    • [OF-1995] - It should be possible to query anonymous users for service discovery
    • [OF-1998] - HTTP Bind session listeners are never invoked
    • [OF-2012] - Should not add client route when client becomes unavailable.
    • [OF-2016] - Do not depend on existing PEP service when creating PEP service
    • [OF-2038] - Shared groups should not be looked up in LDAP
    • [OF-2042] - MUC does not adhere to XEP-0045 Order of Events
    • [OF-2046] - Comments in sidebar-admin.xml
    • [OF-2049] - Ensure room isn't deleted before leave presences are sent
    • [OF-2050] - Stream management concurrency
    • [OF-2054] - Dataforms of type result should include form field types
    • [OF-2057] - All resources PEP service owner should receive notification
    • [OF-2058] - LDAP group with non-existing user not loaded
    • [OF-2060] - Cluster nodes leaving break component routing
    • [OF-2080] - NPE when retrieving empty pubsub node
    • [OF-2084] - PubSubModule incorrectly disregards empty strings as parent IDs
    • [OF-2085] - Pubsub: Do not require items to persist cache content
    • [OF-2086] - Persist cached pubsub data prior to shutdown
    • [OF-2092] - PEP service memory leak
    • [OF-2093] - JDK11: java.lang.NoSuchMethodError: java.nio.CharBuffer.flip()
    • [OF-2100] - Admin Console error when editing group with non-local members
    • [OF-2102] - Incorrect Pubsub Service shutdown logic
    • [OF-2105] - PEPService removal should occur when not loaded in memory.
    • [OF-2106] - Incorrect usage of UserManager.isRegisteredUser()
    • [OF-2107] - Server message broadcast doesn't do as advertised

    ๐Ÿ†• New Feature

    • ๐Ÿ‘ [OF-1968] - Avatar support for MUC rooms.
    • ๐Ÿ”ง [OF-1978] - MUC: add configuration that allows join presence to be suppressed
    • [OF-1989] - Introduce in-memory only pubsub persistence provider
    • ๐Ÿ‘ [OF-2030] - Add support for XEP-0289: Federated MUC for Constrained Environments
    • [OF-2033] - Add automatic cleaning of outdated offline messages
    • [OF-2108] - Expose use privacy lists on admin console

    Task

    • [OF-1880] - Provide DOAP for Openfire
    • โšก๏ธ [OF-2031] - CVE-2020-10683 Update dom4j to 2.1.3 or later
    • โšก๏ธ [OF-2088] - Update MySQL Connector/J to version 8.0.21

    ๐Ÿ‘Œ Improvement

    • [OF-1837] - JDBC providers should have an option to escape data
    • ๐Ÿ‘ [OF-1869] - Announce PEP feature support for 'auto-subscribe' and 'filtered notifications'
    • [OF-1981] - Allow roster item 'ask' to be modified.
    • [OF-1982] - Add -Djdk.tls.ephemeralDHKeySize=matched and/or Djsse.SSLEngine.acceptLargeFragments=true to startup parameters
    • [OF-1983] - Provide start argument to run dev mode
    • [OF-1984] - Replace DummyExternalizableUtil
    • [OF-1985] - Decouple Pubsub implementation
    • [OF-1986] - Don't unconditionally auto-create PEPService.
    • [OF-1987] - Improve PubSub Caching
    • [OF-1988] - Introduce pluggable provider mechanism for PubSub persistency
    • [OF-1990] - pubsub: split cache from persistence
    • [OF-1994] - Properly deny anonymous users access to Private Storage
    • [OF-1996] - Improve shutdown sequence
    • ๐Ÿ”€ [OF-2000] - Don't use intern'ed strings to synchronize on
    • [OF-2001] - IQ Bind results should not have a 'from' value.
    • [OF-2002] - Do not offer private blocking to anonymous users.
    • [OF-2003] - Bump slf4j to version 1.7.30
    • [OF-2004] - Have an ad-hoc command accessible to everyone
    • [OF-2008] - Autosetup should allow for users to be provisioned
    • [OF-2024] - Fix favicons
    • [OF-2025] - PEP publishing should evaluate all recipient JIDs
    • [OF-2032] - Make connection type fallback for WEBADMIN c2s
    • [OF-2039] - Support on_sub_and_presence
    • [OF-2047] - When setting HTTP response headers, set instead of add them.
    • โšก๏ธ [OF-2048] - Update log4j dependency
    • [OF-2053] - XEP-0013 Return an <item-not-found/> error while retrieving specific offline message
    • 0๏ธโƒฃ [OF-2056] - DefaultPubSubPersistenceProvider#savePublishedItems is leaking database connections
    • 0๏ธโƒฃ [OF-2061] - Default value for pubsub#persist_items (in PEP) should be 'true'
    • ๐Ÿ›ฐ [OF-2062] - Pubsub item payload should allow for (much) larger size
    • [OF-2064] - Invoke IQResultListeners on other cluster nodes for domain-addressed stanzas
    • ๐Ÿ”’ [OF-2071] - 'Lock' should be locked in front of a 'try' block (instead of in to block).
    • [OF-2072] - Allow empty 'mechanisms' SASL tag to be excluded
    • โšก๏ธ [OF-2087] - Update Jetty to 9.4.31.v20200723
    • [OF-2089] - XEP-0045 7.2.13 - ofrom adresses in message stanza
    • โš  [OF-2091] - Decorate 'warning' text
    • [OF-2094] - Mitigate XXE attacks
    • [OF-2095] - Account for a PEP notification recipient to be the service owner
    • [OF-2096] - Prevent bypassing PEP notification logic
    • [OF-2097] - Allow CAPS to be reviewed in admin console
    • ๐Ÿ”ง [OF-2098] - Show pubsub node configuration on Admin Console
    • ๐Ÿ”จ [OF-2110] - Refactoring of fallback check inConnectionType

Previous changes from v4.6.0.beta

  • sha1sum for each binary:

    aa1c503808d54904456d9f41ba715f85eb1925d3 openfire-4.6.0-0.2.beta.i686.rpm
    1732df79b0fa8e5359df313e56314e728e8dd3e6 openfire-4.6.0-0.2.beta.noarch.rpm
    8e2ef7835da4d094099357ac7137fb848f30f376 openfire-4.6.0-0.2.beta.x86_64.rpm
    d7425999ae0d39362b1a11e60c7ec3215b0e6efc openfire_4.6.0_all.deb
    231601705ada84c465c1942c56fc8c49f7fb7239 openfire_4_6_0_beta_bundledJRE.exe
    0e326b6d6df89a3ccb9e09a199ed97eef40cd358 openfire_4_6_0_beta_bundledJRE_x64.exe
    b20c6fffff57b970c465e3d8ba010bac94e9df15 openfire_4_6_0_beta.dmg
    c244234d55d9e37907b2901e5c1dc22cad833221 openfire_4_6_0_beta.exe
    06ff956ba1f1faa7b889ab4be0fad80062475844 openfire_4_6_0_beta.tar.gz
    c66fa82bafcf8039b22e148fc95ef8938ece200a openfire-4.6.0beta.tar.gz
    71f2bd20ad41c317b760e8b07b4870c534dc6b6a openfire_4_6_0_beta_x64.exe
    dbda855fd20a23b7e66839349571ca3fa2826758 openfire_4_6_0_beta.zip
    cd72160b919510e6379b69900f8e7cfd2a9d76e8 openfire-4.6.0beta.zip