The jabberd project team is pleased to announce the release of jabberd 2.0s9. This is a security release. There is a buffer overflow that could be used to perform a DoS attack and possible code execution. It is *HIGHLY* recommended that you upgrade!
See bug#99 for more details. http://j2.openaether.org/bugzilla/show_bug.cgi?id=99 Downloads are available here: http://jabberstudio.org/projects/jabberd2/releases/ md5sum:64905ccbbe5c6fe1f583401802a3e303 Bug reports and feature requests should be submitted using the tools on http://j2.openaether.org/. General support requests should go to [EMAIL PROTECTED] Anything else should be sent to [EMAIL PROTECTED] Outstanding Bugs: http://tinyurl.com/djzks ChangeLog: * fixed only one user is loaded correctly for each router acl, bug#60 * fixed s2s segfault under particular connection timeout conditions, bug#66 * fixed id is being case sensitive, bug#68 * fixed Users cannot login after a long period of server inactivity, bug#69 * fixed handling of stream errors, bug#79 * fixed version attribute reply in stream, bug#94 * fixed c2s glibc abort and mysql option flags, bug#82 * fixed sx io mem leak, bug#90 * fixed Incorrect SASL error message defined in sx/sasl.c, bug#98 * fixed 3 buffer overflows in jid.c, bug#99 * fixed second log-in in with similar resource breaks routing for first login Thanks to: Stephen Marquard Luis Peralta YS Kwong Roeland Jansen Daniel Fischer Norman Rasmussen Justin Kirby _______________________________________________ jdev mailing list [email protected] http://mail.jabber.org/mailman/listinfo/jdev
