pkgsrc.se | The NetBSD package collection

./chat/prosody, Flexible communications server for Jabber/XMPP written in Lua

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: pkgsrc-2011Q1, Version: 0.8.1, Package name: prosody-0.8.1, Maintainer: filip

Prosody is a flexible communications server for Jabber/XMPP written in Lua.
It aims to be easy to use, and light on resources. For developers it aims
to be easy to extend and give a flexible system on which to rapidly develop
added functionality, or prototype new protocols.

Required to run:
[textproc/lua-expat] [lang/lua] [net/lua-socket] [security/lua-sec] [devel/lua-filesystem] [devel/libidn]

Required to build:
[devel/gmake]

Master sites:

http://prosody.im/downloads/source/ (Download)

SHA1: 7de714c019eca35346300c61d609ad2ce999b692
RMD160: d0b357fb0a9e8ba77b0f45f6342172e262ec018b
Filesize: 207.002 KB

Version history: (Expand)

(2011-06-07) Updated to version: prosody-0.8.1
(2011-04-04) Package added to pkgsrc.se, version prosody-0.7.0 (created)

CVS history: (Expand)

2011-06-06 21:49:00 by Matthias Scheler | Files touched by this commit (9) | Package updated

Log message:
Pullup ticket #3448 - requested by schnoebe
textproc/lua-expat: security update
chat/prosody: security update

Revisions pulled up:
- chat/prosody/Makefile                                         1.3 via patch
- chat/prosody/PLIST                                            1.2
- chat/prosody/distinfo                                         1.2
- chat/prosody/patches/patch-aa                                 1.2
- chat/prosody/patches/patch-ab                                 1.2
- chat/prosody/patches/patch-ac                                 deleted
- chat/prosody/patches/patch-ad                                 1.2
- textproc/lua-expat/Makefile                                   1.16
- textproc/lua-expat/distinfo                                   1.5

---
   Module Name:	pkgsrc
   Committed By:	schnoebe
   Date:		Sat Jun  4 23:13:40 UTC 2011

   Modified Files:
   	pkgsrc/textproc/lua-expat: Makefile distinfo

   Log message:
   Update textproc/lua-expat to 1.2.0.

   Required for updating chat/prosody to 0.8.1, which helps handle the
   "billion laughs" exploits on XML parsers and XMPP servers.

   Change log as recorded in the README:

   Version 1.2.0 [02/Jun/2011]

           * support for the StartDoctypeDecl handler
   	* add parser:stop() to abort parsing inside a callback

---
   Module Name:	pkgsrc
   Committed By:	schnoebe
   Date:		Mon Jun  6 14:41:48 UTC 2011

   Modified Files:
   	pkgsrc/chat/prosody: Makefile PLIST distinfo
   	pkgsrc/chat/prosody/patches: patch-aa patch-ab patch-ad
   Removed Files:
   	pkgsrc/chat/prosody/patches: patch-ac

   Log message:
   Update to prosody 0.8.1.

   A security and bug fix release.  The security aspect is to mitigate the
   "billion laughs" denial-of-service attack against XML parsers and XMPP
   servers.

   Other changes:

   - Reject XML DTDs, comments and processing instructions, preventing
     the "billion laughs" attack
   - Switch to MEDIUMTEXT in the schema for MySQL to avoid truncating
     large data (such as large avatars)
     Prosody automatically upgrades the table in-place if possible, see:
     http://prosody.im/doc/mysql
   - Fix for endless loop when parsing certain invalid JSON
   - Fix PostgreSQL compatibility in prosody-migrator
   - Fix timestamp parsing for DST (affecting MUC scrollback retrieval)
   - mod_legacyauth now correctly disabled for unencrypted connections by default
   - Components properly inherit SSL settings and certificates from their
     'parent' hosts
   - Prevent startup with no VirtualHost entries in the config file