pkgsrc-Changes archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

CVS commit: pkgsrc/chat/prosody

Module Name:    pkgsrc
Committed By:   schnoebe
Date:           Mon Jun  6 14:41:48 UTC 2011

Modified Files:
        pkgsrc/chat/prosody: Makefile PLIST distinfo
        pkgsrc/chat/prosody/patches: patch-aa patch-ab patch-ad
Removed Files:
        pkgsrc/chat/prosody/patches: patch-ac

Log Message:
Update to prosody 0.8.1.

A security and bug fix release.  The security aspect is to mitigate the
"billion laughs" denial-of-service attack against XML parsers and XMPP

Other changes:

- Reject XML DTDs, comments and processing instructions, preventing
  the "billion laughs" attack
- Switch to MEDIUMTEXT in the schema for MySQL to avoid truncating
  large data (such as large avatars)
  Prosody automatically upgrades the table in-place if possible, see:
- Fix for endless loop when parsing certain invalid JSON
- Fix PostgreSQL compatibility in prosody-migrator
- Fix timestamp parsing for DST (affecting MUC scrollback retrieval)
- mod_legacyauth now correctly disabled for unencrypted connections by default
- Components properly inherit SSL settings and certificates from their
  'parent' hosts
- Prevent startup with no VirtualHost entries in the config file

To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.3 pkgsrc/chat/prosody/Makefile
cvs rdiff -u -r1.1.1.1 -r1.2 pkgsrc/chat/prosody/PLIST \
cvs rdiff -u -r1.1.1.1 -r1.2 pkgsrc/chat/prosody/patches/patch-aa \
    pkgsrc/chat/prosody/patches/patch-ab pkgsrc/chat/prosody/patches/patch-ad
cvs rdiff -u -r1.1.1.1 -r0 pkgsrc/chat/prosody/patches/patch-ac

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Home | Main Index | Thread Index | Old Index