pkgsrc-Changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
CVS commit: pkgsrc/chat/prosody
Module Name: pkgsrc
Committed By: schnoebe
Date: Mon Jun 6 14:41:48 UTC 2011
Modified Files:
pkgsrc/chat/prosody: Makefile PLIST distinfo
pkgsrc/chat/prosody/patches: patch-aa patch-ab patch-ad
Removed Files:
pkgsrc/chat/prosody/patches: patch-ac
Log Message:
Update to prosody 0.8.1.
A security and bug fix release. The security aspect is to mitigate the
"billion laughs" denial-of-service attack against XML parsers and XMPP
servers.
Other changes:
- Reject XML DTDs, comments and processing instructions, preventing
the "billion laughs" attack
- Switch to MEDIUMTEXT in the schema for MySQL to avoid truncating
large data (such as large avatars)
Prosody automatically upgrades the table in-place if possible, see:
http://prosody.im/doc/mysql
- Fix for endless loop when parsing certain invalid JSON
- Fix PostgreSQL compatibility in prosody-migrator
- Fix timestamp parsing for DST (affecting MUC scrollback retrieval)
- mod_legacyauth now correctly disabled for unencrypted connections by default
- Components properly inherit SSL settings and certificates from their
'parent' hosts
- Prevent startup with no VirtualHost entries in the config file
To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.3 pkgsrc/chat/prosody/Makefile
cvs rdiff -u -r1.1.1.1 -r1.2 pkgsrc/chat/prosody/PLIST \
pkgsrc/chat/prosody/distinfo
cvs rdiff -u -r1.1.1.1 -r1.2 pkgsrc/chat/prosody/patches/patch-aa \
pkgsrc/chat/prosody/patches/patch-ab pkgsrc/chat/prosody/patches/patch-ad
cvs rdiff -u -r1.1.1.1 -r0 pkgsrc/chat/prosody/patches/patch-ac
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Home |
Main Index |
Thread Index |
Old Index