Path to this page:
Subject: CVS commit: pkgsrc/chat/prosody
From: Filip Hajny
Date: 2016-01-25 14:01:39
Message id: 20160125130139.85BF3FBB7@cvs.NetBSD.org
Log Message:
Update chat/prosody to 0.9.9.
Security fixes:
- Fix path traversal vulnerability in mod_http_files (CVE-2016-1231)
- Fix use of weak PRNG in generation of dialback secrets (CVE-2016-1232)
Bugs:
- Improve handling of CNAME records in DNS
- Fix traceback when deleting a user in some configurations
- MUC: restrict_room_creation could prevent users from joining rooms
- MUC: fix occasional dropping of iq stanzas sent privately between
occupants
- Fix a potential memory leak in mod_pep
Additions:
- Add http:list() command to telnet to view active HTTP services
- Simplify IPv4/v6 address selection code for outgoing s2s
- Add support for importing SCRAM hashes from ejabberd
Files: