[jadmin] jabberd-2.2.14 release
tomek at xiaoka.com
Tue May 31 22:22:56 UTC 2011
Next jabberd2 release is available.
Get 2.2.14 release as usual at:
and read: http://codex.xiaoka.com/svn/jabberd2/trunk/UPGRADE
This is a security release dealing with “billion laughs” attack
possibility discovered in many XMPP servers. CVE-2011-1755
There are also few bugfixes and enchancements included.
* Prevent the “billion laughs” attack against expat by disabling
internal entity expansion.
* Shortcut DNS resolution failure in cases when given domain name
* Explicitly link libcrypt to authreg_mysql
* Removed xconfig - it's not used anywhere
* Added Upstart service configuration files
For a full ChangeLog see:
Instant Messaging Consultant : Open Source Developer
More information about the JAdmin