[jadmin] jabberd-2.2.14 release

Tomasz Sterna tomek at xiaoka.com
Tue May 31 22:22:56 UTC 2011


Next jabberd2 release is available.

Get 2.2.14 release as usual at:
http://codex.xiaoka.com/pub/jabberd2/releases/jabberd-2.2.14.tar.gz
http://codex.xiaoka.com/pub/jabberd2/releases/jabberd-2.2.14.tar.bz2

and read: http://codex.xiaoka.com/svn/jabberd2/trunk/UPGRADE


This is a security release dealing with “billion laughs” attack
possibility discovered in many XMPP servers. CVE-2011-1755 
There are also few bugfixes and enchancements included.

ChangeLog:
      * Prevent the “billion laughs” attack against expat by disabling
        internal entity expansion. 
      * Shortcut DNS resolution failure in cases when given domain name
        is invalid 
      * Explicitly link libcrypt to authreg_mysql 
      * Removed xconfig - it's not used anywhere 
      * Added Upstart service configuration files


For a full ChangeLog see:
http://codex.xiaoka.com/svn/jabberd2/tags/jabberd-2.2.14/ChangeLog




-- 
Tomasz Sterna
Instant Messaging Consultant : Open Source Developer
http://tomasz.sterna.tv/  http://www.xiaoka.com/portfolio



More information about the JAdmin mailing list