Skip to content

Releases: igniterealtime/Openfire

Openfire 4.9.1 Release

01 Nov 16:14
@akrherz akrherz
v4.9.1
5ac6f7d
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
Openfire 4.9.1 Release Latest
Latest

Improvement

  • [OF-2880] - Disable directory listing of admin console
  • [OF-2893] - Make it clearer when a plugin exposes HTTP wildcard routes

Bug

  • [OF-2868] - NullPointerException while configuration encryption algorithms
  • [OF-2873] - Improvements to debian build
  • [OF-2874] - RPM build script fails when date locale non-english
  • [OF-2884] - Making a group member a group admin removes the user from the group
  • [OF-2890] - CSRF bug prevents AD admin test
  • [OF-2891] - Misaligned button in directory service admin setup
  • [OF-2896] - Memory Leak PreAuthSessions
  • [OF-2897] - No-such-user detection misses anonymous users
  • [OF-2898] - Session Destroyed event no longer published
  • [OF-2899] - Handle null SASL mechanisms

sha256sum values

8c489503f24e35003e2930873037950a4a08bc276be1338b6a0928db0f0eb37d  openfire-4.9.1-1.noarch.rpm
1e80a119c4e1d0b57d79aa83cbdbccf138a1dc8a4086ac10ae851dec4f78742d  openfire_4.9.1_all.deb
69a946dacd5e4f515aa4d935c05978b5a60279119379bcfe0df477023e7a6f05  openfire_4_9_1.dmg
c4d7b15ab6814086ce5e8a1d6b243a442b8743a21282a1a4c5b7d615f9e52638  openfire_4_9_1.exe
d9f0dd50600ee726802bba8bc8415bf9f0f427be54933e6c987cef7cca012bb4  openfire_4_9_1.tar.gz
de45aaf1ad01235f2b812db5127af7d3dc4bc63984a9e4852f1f3d5332df7659  openfire_4_9_1_x64.exe
89b61cbdab265981fad4ab4562066222a2c3a9a68f83b6597ab2cb5609b2b1d7  openfire_4_9_1.zip
Assets 9
Loading

Openfire 4.9.0 Release

17 Sep 18:08
@akrherz akrherz
v4.9.0
6958b32
Compare
Choose a tag to compare
Openfire 4.9.0 Release

Improvement

  • [OF-2854] - Do not build a distribution.jar
  • [OF-2855] - Avoid non-cross platform filesystem references in Maven assembly
  • [OF-2856] - Do not attempt to attach basic-distribution directory as a Maven artifact
  • [OF-2857] - Replace bundled install4j runtime with a Maven dependency
  • [OF-2864] - Deprecate custom Base64 class
  • [OF-2869] - Add support for Persian/Farsi

Task

  • [OF-2867] - Remove code marked for deprecation in 4.9.0 or later

Sub-task

  • [OF-2860] - Rename MUCRole, non-breaking changes

Bug

  • [OF-2830] - Plugin servlet mapping not precise
  • [OF-2848] - Presence sent after room destruction sometimes doesn't include required element
  • [OF-2853] - Admin console cluster overview bars are wrong
  • [OF-2872] - Unexpected disconnects (possibly involving cyrillic character usage)

sha256sum values

7973cc2faef01cb2f03d3f2ec59aff9b2001d16b2755b4cc0da48cc92b74d18a  openfire-4.9.0-1.noarch.rpm
a0cd627c629b00bb65b6080e06b8d13376ec0a4170fd27e863af0573e3b4f791  openfire_4.9.0_all.deb
bf62c02b0efe1d37fc505f6942a9cf058975746453d6d0218007b75b908a5c3c  openfire_4_9_0.dmg
1082d9864df897befa47230c251d91ec0780930900b2ab2768aaabd96d7b5dd9  openfire_4_9_0.exe
12a4a5e5794ecb64a7da718646208390d0eb593c02a33a630f968eec6e5a93a0  openfire_4_9_0.tar.gz
c86bdb1c6afd4e2e013c4909a980cbac088fc51401db6e9792d43e532963df72  openfire_4_9_0_x64.exe
97efe5bfe8a7ab3ea73a01391af436096a040d202f3d06f599bc4af1cd7bccf0  openfire_4_9_0.zip
Assets 9
Loading

Openfire 4.8.3 Release

11 Jul 14:59
@akrherz akrherz
v4.8.3
4abc5cc
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
Openfire 4.8.3 Release

Improvement

  • [OF-2846] - Update zh_CN translation

Bug

  • [OF-2843] - When admin attempts to ban owner, incorrect error condition is returned
  • [OF-2844] - Admins and owners must not be able to ban themselves
  • [OF-2845] - Failing close listener can severely delay closure of connection

sha256sum values

b86bf8c01ede9cb2ae4f43dfd2f49239d9af2d73f650c7c2d52e5a936035e520  openfire-4.8.3-1.noarch.rpm
3f6da6c89ce701d974f6a1afe5ac0245f7112c5d165934eb1a85a749a1f040e2  openfire_4.8.3_all.deb
4fce60210033216556881fd9c988bea3ce30c0ed845f4dec3d4284ee835e8208  openfire_4_8_3.dmg
28b64c144001b0f6fb6eb4705d0bb1a92581774369378196182b8d35237b83be  openfire_4_8_3.exe
43d3b042357a5c975785f3f223490e3dd18b1f499c206be6cd0857172cc005fc  openfire_4_8_3.tar.gz
a09752fbe1226724d466028036fc65d31fe88e60a0efb27a87f1e10ab100fbb1  openfire_4_8_3_x64.exe
5c0638f150ccb61471b4b5152743b6d18cbe008473f454ed0091a13d7b80cb85  openfire_4_8_3.zip
Assets 9
Loading

Openfire 4.8.2 Release

03 Jul 15:10
@akrherz akrherz
v4.8.2
4da89ed
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
Openfire 4.8.2 Release

Improvement

  • [OF-2818] - Websocket buffers should not be 5MB
  • [OF-2825] - Implement XEP-0030's security considerations
  • [OF-2827] - Make handling of 'username' consistent between JdbcAuth- and JdbcUserProvider
  • [OF-2834] - Update Bouncy Castle to 1.78.1
  • [OF-2835] - Advertise XEP-0115 support
  • [OF-2840] - XMPPDateTimeFormat parsing improvements

Task

  • [OF-2819] - Update Netty to 4.1.108

Bug

  • [OF-2824] - RoutingTable cache inconsistency
  • [OF-2832] - Cannot set MUC avatar with LdapVCardProvider
  • [OF-2833] - Cannot serialize User instances
  • [OF-2836] - CapsManager ignores provided hash identifier
  • [OF-2838] - MUST return error when user updates someone else's vcard
  • [OF-2839] - MUST return error when requesting VCard from someone that doesn't have one
  • [OF-2841] - Capabilities offered by stream feature doesn't include features for registered users

sha256sum values

4c2674fbf00768cf7ca9ccc9a6ef7e4aa693c19d9885ca469771677934634a40  openfire-4.8.2-1.noarch.rpm
76665dc80607516d12f1c8b7b323417e7993d2f87de2e82deeef43dd6a7d9761  openfire_4.8.2_all.deb
75c513db3c7e50fc5c28a7131aecc0c60ad2f858d7f04a9fe5d58a5de118afec  openfire_4_8_2.dmg
d5af1c2012d092c7c1cd9247db4e4d8039f2617adc9f212d75e549eeca0a389a  openfire_4_8_2.exe
4634e5be6314a5348e5e01413864a8ec6a7b3bbe6e2db1c051512c9bd72a199a  openfire_4_8_2.tar.gz
82c5abdf917b8958311f5813960f3b545266d99d0f646eac9dddbaf0ef52c905  openfire_4_8_2_x64.exe
3327bc610af606a2df28a7077f225a68cf2d04d30a4c37592a5d17f5c22e8c07  openfire_4_8_2.zip
Assets 9
Loading

Openfire 4.8.1 Release

02 Mar 17:58
@akrherz akrherz
v4.8.1
6f4eb4c
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
Openfire 4.8.1 Release

Improvement

  • [OF-2651] - Give explict names to Netty's threads
  • [OF-2788] - Have distinct thread pools for each type of connection
  • [OF-2791] - Announce support for PubSub delete-item
  • [OF-2798] - Admin Console should warn end-user if plugin installation failed
  • [OF-2800] - Guard against a surplus of database connection errors being logged
  • [OF-2802] - Upgrade postgresql database driver for CVE-2024-1597

New Feature

  • [OF-284] - Add service administration support

Bug

  • [OF-2166] - When deleting a user, remove it from transient MUC rooms
  • [OF-2310] - Cache data inconsistency: MUC
  • [OF-2758] - Deleting an admin user does not remove the name from \`admin.authorizedJIDs\`
  • [OF-2768] - Do not use default value for user's creation / last modified date
  • [OF-2774] - 4.8.0 not counting "whitespace ping" as session activity
  • [OF-2775] - RSS News Feed appears empty
  • [OF-2777] - Misbehaving Shared-With-Group option for Contact List sharing
  • [OF-2778] - Duplicate \(group\)chat messages are received
  • [OF-2781] - SerializableCache appears to be unusable \(ClassCastException on creation\)
  • [OF-2782] - SerializableCache instances do not get recreated on cluster switch
  • [OF-2792] - Cache-summary page shows wrong stats when using Clustering
  • [OF-2795] - Delete MUC-based authorization when deleting user
  • [OF-2799] - OccupantManager doesn't remove all items when clustering
  • [OF-2805] - Session details shows 'resource' column, but does not show resources
  • [OF-2806] - Routing Servers cache inconsistency doesn't list the missing items
  • [OF-2807] - Contact List \(Roster\) Sharing changes are not immediately applied
  • [OF-2808] - Stream Management Resume fails
  • [OF-2809] - Disabling client idle time breaks websockets
  • [OF-2810] - Resumed stream is no longer resumable

sha256sum values

2ff28c5d7ff97305b2d6572e60b02f3708e86750d959459d7c5d6e17d4f9f932  openfire-4.8.1-1.noarch.rpm
f622719e4dbd43aadc9434ba4ebc0d8c65ec30dd25a7d2e99c7de33006a24f56  openfire_4.8.1_all.deb
3507b5d64c961daf526a52a73baaac7c84af12eb0115b961c2f95039255aec57  openfire_4_8_1.dmg
141f6eaf374dfb7c4cca345e1b598fed5ce3af9c70062a8cc0d9571e15c29c7d  openfire_4_8_1.exe
c6f0cf25a2d10acd6c02239ad59ab5954da5a4b541bc19949bd381fefb856da1  openfire_4_8_1.tar.gz
bec5b03ed56146fec2f84593c7e7b269ee5c32b3a0d5f9e175bd41f28a853abe  openfire_4_8_1_x64.exe
7403113b701aaf8a37dcd2d7e22fbb133161d322ad74505c95e54eaf6533f183  openfire_4_8_1.zip
Assets 9
Loading

Openfire 4.8.0 Release

12 Jan 16:58
@akrherz akrherz
v4.8.0
89722b7
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Openfire 4.8.0 Release

Improvement

  • [OF-1378] - Rename "Legacy SSL" into "Direct TLS"
  • [OF-1861] - Support for TLS 1.2 / 1.3
  • [OF-2116] - Using range retrieval for LDAP groups
  • [OF-2372] - Add support for proxied connections to Admin Console
  • [OF-2377] - Reduce potential thread contention in XMLProperties
  • [OF-2380] - Reduce thread contention in In-Memory pubsub persistence provider
  • [OF-2385] - Shouldn't attempt to load shared groups when feature is unsupported.
  • [OF-2403] - Improve Admin Console's memory usage reporting
  • [OF-2408] - Address static analysis warnings in Crowd package
  • [OF-2409] - Remove obsolete 'type' and 'language' attributes on HTML elements. Use HTML5.
  • [OF-2413] - Include a stream error when closing a stream due to a problem.
  • [OF-2440] - Increase default cache sizes
  • [OF-2449] - Return error when a BOSH pause is requested that is higher than the maximum allowable pause.
  • [OF-2455] - Explicitly promote websockets in admin console
  • [OF-2494] - Upgrade HSQLDB to a more recent version.
  • [OF-2513] - Do not require authzid on SASL EXTERNAL for S2S
  • [OF-2514] - Differentiate between missing and empty initial SASL response
  • [OF-2521] - S2S: Allow 'client auth' (required for SASL EXTERNAL) by default
  • [OF-2523] - Use less predictable resource value
  • [OF-2540] - Update SLF4j to 2.x
  • [OF-2542] - Drop Java 8 support
  • [OF-2547] - Update Mockito to 3.4.0 or later
  • [OF-2556] - Support additional namespaces when parsing streams
  • [OF-2557] - Show TLS config on each session/connection
  • [OF-2560] - Improve Admin Console load time when RSS can't be reached
  • [OF-2563] - Replace Session status constants with enums
  • [OF-2564] - ServerSession's state should be set to 'authenticated' after authentication
  • [OF-2565] - Openfire should close stream if client is sending a stanza in violation of RFC 6120, section 7.1
  • [OF-2566] - Enable Websocket Stream Management resumption
  • [OF-2581] - Invite people to improve translations in admin console
  • [OF-2594] - When locating Openfire Home, consider 'tmp' file
  • [OF-2608] - Do not wait for timeout when Dialback connection is closed
  • [OF-2611] - Improve automated tests for S2S functionality
  • [OF-2612] - Upgrade JUnit from 4 to 5
  • [OF-2613] - Upgrade unit test database to version 34
  • [OF-2615] - Use ConnectionManager interface where possible
  • [OF-2616] - Bump Guava to latest release
  • [OF-2623] - Migrate LoginLimitManager's properties to SystemProperties
  • [OF-2624] - When providing Forms, use client's language
  • [OF-2633] - When S2S TLS is required, announce that
  • [OF-2638] - Update Installation guide to suggest it is not okay to open-admin-console-to-internet
  • [OF-2639] - Server-to-Server SASL EXTERNAL should not require authz
  • [OF-2642] - Remove (unused?) PEP restriction for XEP-0084
  • [OF-2644] - Do not use getters in Session#toString
  • [OF-2650] - Failed S2S due to peer's certificate being invalid should be less verbose
  • [OF-2653] - hostname validation should not try to resolve host
  • [OF-2654] - Implement toString() in various Netty classes
  • [OF-2663] - Don't overly verbose log receiving IQ responses addressed to the server
  • [OF-2669] - Update postgresql driver to 42.6.0
  • [OF-2670] - Netty debug should log remote address when available
  • [OF-2671] - S2S tester can stop waiting after a bounce
  • [OF-2673] - Prevent double-closure of outbound s2s session
  • [OF-2678] - Prefer XML data type usage over String manipulation
  • [OF-2693] - Make XML declaration (and newline) configurable
  • [OF-2697] - Set up multiple S2S connections concurrently
  • [OF-2699] - PacketRejection should allow for PacketError to be defined
  • [OF-2703] - Websocket 'open' should be a collapsed element
  • [OF-2706] - Restructure session details page
  • [OF-2707] - When closing session on admin console, kill its stream management
  • [OF-2708] - Ensure that Groups operate on bare JIDs
  • [OF-2713] - Update Bouncy Castle to 1.76
  • [OF-2714] - Switch to Java 1.8+ variant of Bouncy Castle
  • [OF-2724] - Resolve (non-breaking) errors while compiling plugin JSP pages against Openfire 4.8
  • [OF-2731] - Update support for XEP-0280: Message Carbons
  • [OF-2732] - Update bundled search plugin to 1.7.4
  • [OF-2746] - Add Content Security Policy (CSP) headers to web endpoints

Story

  • [OF-2527] - Include milliseconds in default log4j configuration
  • [OF-2573] - Add Name to Client Version column in Session Summary

New Feature

Read more
Assets 9
Loading

Openfire 4.8.0 Beta Release

17 Nov 15:10
@akrherz akrherz
v4.8.0beta
01625be
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Openfire 4.8.0 Beta Release

Improvement

  • [OF-1378] - Rename "Legacy SSL" into "Direct TLS"
  • [OF-1861] - Support for TLS 1.2 / 1.3
  • [OF-2116] - Using range retrieval for LDAP groups
  • [OF-2372] - Add support for proxied connections to Admin Console
  • [OF-2377] - Reduce potential thread contention in XMLProperties
  • [OF-2380] - Reduce thread contention in In-Memory pubsub persistence provider
  • [OF-2385] - Shouldn't attempt to load shared groups when feature is unsupported.
  • [OF-2403] - Improve Admin Console's memory usage reporting
  • [OF-2408] - Address static analysis warnings in Crowd package
  • [OF-2409] - Remove obsolete 'type' and 'language' attributes on HTML elements. Use HTML5.
  • [OF-2413] - Include a stream error when closing a stream due to a problem.
  • [OF-2440] - Increase default cache sizes
  • [OF-2449] - Return error when a BOSH pause is requested that is higher than the maximum allowable pause.
  • [OF-2455] - Explicitly promote websockets in admin console
  • [OF-2494] - Upgrade HSQLDB to a more recent version.
  • [OF-2513] - Do not require authzid on SASL EXTERNAL for S2S
  • [OF-2514] - Differentiate between missing and empty initial SASL response
  • [OF-2521] - S2S: Allow 'client auth' \(required for SASL EXTERNAL\) by default
  • [OF-2523] - Use less predictable resource value
  • [OF-2540] - Update SLF4j to 2.x
  • [OF-2542] - Drop Java 8 support
  • [OF-2547] - Update Mockito to 3.4.0 or later
  • [OF-2556] - Support additional namespaces when parsing streams
  • [OF-2557] - Show TLS config on each session/connection
  • [OF-2560] - Improve Admin Console load time when RSS can't be reached
  • [OF-2563] - Replace Session status constants with enums
  • [OF-2564] - ServerSession's state should be set to 'authenticated' after authentication
  • [OF-2565] - Openfire should close stream if client is sending a stanza in violation of RFC 6120, section 7.1
  • [OF-2566] - Enable Websocket Stream Management resumption
  • [OF-2581] - Invite people to improve translations in admin console
  • [OF-2594] - When locating Openfire Home, consider 'tmp' file
  • [OF-2608] - Do not wait for timeout when Dialback connection is closed
  • [OF-2611] - Improve automated tests for S2S functionality
  • [OF-2612] - Upgrade JUnit from 4 to 5
  • [OF-2613] - Upgrade unit test database to version 34
  • [OF-2615] - Use ConnectionManager interface where possible
  • [OF-2616] - Bump Guava to latest release
  • [OF-2623] - Migrate LoginLimitManager's properties to SystemProperties
  • [OF-2624] - When providing Forms, use client's language
  • [OF-2633] - When S2S TLS is required, announce that
  • [OF-2638] - Update Installation guide to suggest it is not okay to open-admin-console-to-internet
  • [OF-2639] - Server-to-Server SASL EXTERNAL should not require authz
  • [OF-2642] - Remove \(unused?\) PEP restriction for XEP-0084
  • [OF-2644] - Do not use getters in Session#toString
  • [OF-2650] - Failed S2S due to peer's certificate being invalid should be less verbose
  • [OF-2653] - hostname validation should not try to resolve host
  • [OF-2654] - Implement toString\(\) in various Netty classes
  • [OF-2663] - Don't overly verbose log receiving IQ responses addressed to the server
  • [OF-2669] - Update postgresql driver to 42.6.0
  • [OF-2670] - Netty debug should log remote address when available
  • [OF-2671] - S2S tester can stop waiting after a bounce
  • [OF-2673] - Prevent double-closure of outbound s2s session
  • [OF-2678] - Prefer XML data type usage over String manipulation
  • [OF-2693] - Make XML declaration \(and newline\) configurable
  • [OF-2697] - Set up multiple S2S connections concurrently
  • [OF-2699] - PacketRejection should allow for PacketError to be defined
  • [OF-2703] - Websocket 'open' should be a collapsed element
  • [OF-2706] - Restructure session details page
  • [OF-2707] - When closing session on admin console, kill its stream management
  • [OF-2708] - Ensure that Groups operate on bare JIDs
  • [OF-2713] - Update Bouncy Castle to 1.76
  • [OF-2714] - Switch to Java 1.8\+ variant of Bouncy Castle
  • [OF-2724] - Resolve \(non-breaking\) errors while compiling plugin JSP pages against Openfire 4.8
  • [OF-2731] - Update support for XEP-0280: Message Carbons
  • [OF-2732] - Update bundled search plugin to 1.7.4

Story

  • [OF-2527] - Include milliseconds in default log4j configuration
  • [OF-2573] - Add Name to Client Version column in Session Summary

New Feature

  • [OF-1574] - Add support for XEP-0352: Client State Indication
  • [OF-2474] - Allow IP-based access control to the admin console
  • [OF...
Read more
Assets 9
Loading

Openfire 4.7.5 Release

23 May 15:11
@akrherz akrherz
v4.7.5
ee4395e
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Openfire 4.7.5 Release

4.7.5 -- May 23, 2023

Improvement

  • [OF-2459] - Admin console CSS tweaks
  • [OF-2461] - Validate JIDs that are sent by remote servers
  • [OF-2462] - Apply nodeprep on S2S stanza addresses
  • [OF-2464] - Do not default to Chinese locale
  • [OF-2539] - Name threads
  • [OF-2541] - Plugins should have updated SCM references

Task

  • [OF-2508] - Ensure that MUC Room names are nodeprepped
  • [OF-2584] - Update dependency-check to 8.1.2
  • [OF-2585] - Update commons-fileupload to 1.5
  • [OF-2586] - Update mysql-connector from 8.0.28 to 8.0.32
  • [OF-2587] - Update twelvemonkeys imageio-core from 3.5 to 3.7.1 or higher
  • [OF-2588] - Update SQL Server JDBC driver from 7.4.1 to 9.4.1
  • [OF-2589] - Remove protobuf-java from mysql-connector-j

Story

  • [OF-2493] - Update postgresql to 42.4.1

Sub-task

  • [OF-2596] - Improve detection of path traversal
  • [OF-2597] - Add config option for using wildcards in AuthCheckFilter
  • [OF-2598] - Remove wildcard usage in AuthCheckFilter
  • [OF-2599] - Avoid having setup-specific auth-excludes after install

Bug

  • [OF-2538] - Overzealous deletion of child properties
  • [OF-2543] - pubsub should always deliver payloads when items are retrieved.
  • [OF-2561] - Fallback of verifyCertificateValidity for connection listener uses incorrect setting
  • [OF-2575] - Text formatting error in registration settings
  • [OF-2578] - Fix failing aioxmpp tests
  • [OF-2595] - CVE-2023-32315 Admin Console Auth Bypass

sha256sum values

f70faf11b4798fefb26a20f7d60288d275a6d568db78faf79a4194cbae72eab4  openfire-4.7.5-1.noarch.rpm
d1283d417dacb74d67334c06420679aae62d088bd3439c8135ccfc272fd5b95b  openfire_4.7.5_all.deb
60d8efb96a1891cda2deac2cda9808cf6adec259f090d3a7fb2b7ca21484d75b  openfire_4_7_5.exe
98d36c2318706c545345274234e2f5ccbf0f72f7801133effea342e2776b8bb0  openfire_4_7_5.tar.gz
e95348be890aff64a7447295ab18eebb29db4bdc346b802df0c878ebbbf1d18e  openfire_4_7_5_x64.exe
a5bb8c9b944b915bdf7ecf92cd2a689d0cf09e88bfc2df960f38000f6b788194  openfire_4_7_5.zip
Assets 9
Loading

Openfire 4.6.8 Release

23 May 14:36
@akrherz akrherz
v4.6.8
db7e786
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Openfire 4.6.8 Release

Bug

  • [OF-2595] - CVE-2023-32315 Admin Console Auth Bypass.
  • [OF-2596] - OF-2596 Improve detection of path traversal.
  • [OF-2597] - OF-2597 Add config option for using wildcards in AuthCheckFilter.
  • [OF-2598] - OF-2598 Remove wildcard usage in AuthCheckFilter.
  • [OF-2599] - OF-2599 Avoid having setup-specific auth-excludes after install.

sha256sum values

aa1947097895a6d41bc8d1ac29f6ea60507bce69caadc497b4794a2a4110dc20  openfire-4.6.8-1.i686.rpm
346871c71eff8e3b085fecd2f8dce5bfbf387885cfa7aff2076d42bd7273f70b  openfire-4.6.8-1.noarch.rpm
37e4cc510cc2a59de50288c0e3baa53dcc702631433a01873a9270eeb7c789db  openfire-4.6.8-1.x86_64.rpm
e92c5a0b76da5964b2e3fa43686ad63db29ef891ec7266ab16fe3a93b06c9e01  openfire_4.6.8_all.deb
c6e0e40c55a81276881e93469ce88a862226ce33e58c8811e760427b878ebed4  openfire_4_6_8_bundledJRE.exe
1b4c209453fffb6a6310354b425995bb92c1f09944eed35a1fd61a30201355bc  openfire_4_6_8_bundledJRE_x64.exe
6b19394dc3f275ca039f85af59ca4f2fc5f628e2505cb39e59f5cfa55d605788  openfire_4_6_8.exe
b22fce993bce4930346183d5edc1e9e38827a47ed8f64c41486a105f574cc116  openfire_4_6_8.tar.gz
7c5769c7c8869ce2dfbb93fbbf1ec97a4e8509d61f8c14ba3f6be20abd05e90e  openfire_4_6_8_x64.exe
72f27d063446479e1d4ceb2a46ac838f5462dfca53032cfa068eb96ef08d0697  openfire_4_6_8.zip
Assets 12
Loading

Openfire 4.7.4 Release

09 Nov 15:55
@akrherz akrherz
v4.7.4
51b9db9
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Openfire 4.7.4 Release

Improvement

  • [OF-2498] - Improve performance of MUC, based on stress test profiling
  • [OF-2499] - MUC Room history shouldn't be serialized as part of a MUC Room
  • [OF-2502] - Reduce resource usage of MUC stats collection
  • [OF-2504] - Re-instate MINA JMX monitoring
  • [OF-2511] -Prevent retrieving more MUC messages from DB than needed
  • [OF-2516] - Add TX/RX, Remove Priority from session summary page
  • [OF-2518] - Try loading favicons over HTTPS and HTTP
  • [OF-2524] - Improve MUC history load time for single rooms
  • [OF-2525] - Deprecate XMLProperties constructors that can't write back
  • [OF-2531] - Remove unneeded JID-based lock in MUC
  • [OF-2537] - Advertise support for pubsub's "multi-item" feature.

Story

  • [OF-2528] - Migrate usages of set-output in Github Actions
  • [OF-2529] - Upgrade Apache Commons Text from 1.6 to 1.10

Bug

  • [OF-2415] - Openfire Docker image fails to start if an empty plugins directory exists
  • [OF-2495] - Websocket onError handler prevents earlier data to be processed
  • [OF-2509] - openfirectl does not store PID
  • [OF-2512] - User lock-out with custom value does not take effect
  • [OF-2517] - "Packet sent" session stat remains 0 for BOSH sessions
  • [OF-2519] - Group JIDs in MUC rooms without preloading causes issues

sha256sum values

a6a98540e3ab6da65916f630b7b22d04e7ec125be9d09ae98121f6075ef2ef77  openfire-4.7.4-1.noarch.rpm
5f4bd4e6390bdfe99a63e4e72b25200461854348a9f6039368cffe1c509782fa  openfire_4.7.4_all.deb
6bebb52b4828d9564b1e22f3d0aebaeec6eefb1e5c7899549747b48bc8d6e30d  openfire_4_7_4.dmg
142d923f0b17e4dff65b01f69d9d5885494798011157a64cfef8847063f503ee  openfire_4_7_4.exe
9ebcb9c15d38d4f8fb528a79f0f53440179d64c214176c2d9e578b11762258dd  openfire_4_7_4.tar.gz
ef233db999c8a18ac43edb7fd17657c7677c0ce2e29f09c9ccb53185c451ded3  openfire_4_7_4_x64.exe
ba0fb1d992c5169da466107e7752f5eee588d79987dcf052e5b68abc101f7173  openfire_4_7_4.zip
Assets 9
Loading