[jdev] jabberd 2.0s9 release

justin-news at openaether.org justin-news at openaether.org
Tue Jul 26 04:24:09 CDT 2005

The jabberd project team is pleased to announce the release of jabberd 2.0s9. 
This is a security release. There is a buffer overflow that could be used to 
perform a DoS attack and possible code execution. It is *HIGHLY* recommended 
that you upgrade!  

See bug#99 for more details.

Downloads are available here:

Bug reports and feature requests should be submitted using the tools on 
http://j2.openaether.org/. General support requests should go to 
jadmin at jabber.org. Anything else should be sent to jabberd at jabberstudio.org.

Outstanding Bugs:

* fixed only one user is loaded correctly for each router acl, bug#60
* fixed s2s segfault under particular connection timeout conditions, bug#66
* fixed id is being case sensitive, bug#68
* fixed Users cannot login after a long period of server inactivity, bug#69
* fixed handling of stream errors, bug#79
* fixed version attribute reply in stream, bug#94
* fixed c2s glibc abort and mysql option flags, bug#82
* fixed sx io mem leak, bug#90
* fixed Incorrect SASL error message defined in sx/sasl.c, bug#98
* fixed 3 buffer overflows in jid.c, bug#99
* fixed second log-in in with similar resource breaks routing for first login

Thanks to:
Stephen Marquard
Luis Peralta
YS Kwong
Roeland Jansen
Daniel Fischer
Norman Rasmussen

Justin Kirby

More information about the JDev mailing list