Overview Repositories Revisions Requests Users Attributes Meta

prosody

Edit Package prosody

Prosody is a flexible communications server for Jabber/XMPP written in Lua. It aims to be easy to use, and light on resources. For developers it aims to be easy to extend and give a flexible
system on which to rapidly develop added functionality, or prototype new protocols.

  • Developed at devel:languages:lua
  • Sources inherited from project openSUSE:Factory
  • 3 derived packages
  • Download package
  • osc -A https://api.opensuse.org checkout openSUSE:Backports:SLE-15-SP4:SLECandidates/prosody && cd $_
  • Create Badge
Refresh
Refresh
Source Files
Filename Size Changed
prosody-0.11.9.tar.gz 0000431647 422 KB
prosody-0.11.9.tar.gz.asc 0000000833 833 Bytes
prosody-cfg.patch 0000001055 1.03 KB
prosody-configure.patch 0000000702 702 Bytes
prosody-lua51coexist.patch 0000000706 706 Bytes
prosody.changes 0000035493 34.7 KB
prosody.keyring 0000030936 30.2 KB
prosody.service 0000000271 271 Bytes
prosody.spec 0000004266 4.17 KB
prosody.tmpfile 0000000074 74 Bytes
Revision 23 (latest revision is 38)
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 893045 from Michael Vetter's avatar Michael Vetter (jubalh) (revision 23) 
- Update to 0.11.9:
  Security: 
  * mod_limits, prosody.cfg.lua: Enable rate limits by default
  * certmanager: Disable renegotiation by default
  * mod_proxy65: Restrict access to local c2s connections by default
  * util.startup: Set more aggressive defaults for GC
  * mod_c2s, mod_s2s, mod_component, mod_bosh, mod_websockets: Set default stanza size limits
  * mod_authinternal{plain,hashed}: Use constant-time string comparison for secrets
  * mod_dialback: Remove dialback-without-dialback feature
  * mod_dialback: Use constant-time comparison with hmac
  Minor changes
  * util.hashes: Add constant-time string comparison (binding to CRYPTO_memcmp)
  * mod_c2s: Don’t throw errors in async code when connections are gone
  * mod_c2s: Fix traceback in session close when conn is nil
  * core.certmanager: Improve detection of LuaSec/OpenSSL capabilities
  * mod_saslauth: Use a defined SASL error
  * MUC: Add support for advertising muc#roomconfig_allowinvites in room disco#info
  * mod_saslauth: Don’t throw errors in async code when connections are gone
  * mod_pep: Advertise base pubsub feature (fixes #1632: mod_pep missing pubsub feature in disco)
  * prosodyctl check config: Add ‘gc’ to list of global options
  * prosodyctl about: Report libexpat version if known
  * util.xmppstream: Add API to dynamically configure the stanza size limit for a stream
  * util.set: Add is_set() to test if an object is a set
  * mod_http: Skip IP resolution in non-proxied case
  * mod_c2s: Log about missing conn on async state changes
  * util.xmppstream: Reduce internal default xmppstream limit to 1MB
- Relevant: https://prosody.im/security/advisory_20210512
  * boo#1186027: Prosody XMPP server advisory 2021-05-12
  * CVE-2021-32919
  * CVE-2021-32917
Comments 0
openSUSE Build Service is sponsored by
Places