Build: #4 was successful Manual run by daryl herzmann
Code commits
Openfire (master)
-
akrherz <akrherz@iastate.edu> 7eb69419e4fa4a9c6efa0759e0ae0c5808e7dc8f
bump bundled search plugin to v1.7.3
- distribution/pom.xml (version 7eb69419e4fa4a9c6efa0759e0ae0c5808e7dc8f)
-
Guus der Kinderen b66ff24df487f2d3e4d14b3213e8951276e94dbb
OF-1877: Upgrade BouncyCastle from 1.61 to 1.63.
- pom.xml (version b66ff24df487f2d3e4d14b3213e8951276e94dbb)
-
Guus der Kinderen 3b7fab0692ab64300b01355a0af8d835acc199f5
OF-1873: Don't disclose LDAP adminPassword
This commit intends to prevent disclosure of a previously configured password for LDAP. Now, the LDAP configuration page will only show a password value if that was provided in the same HTTP session. Likewise, a password value that might already have been stored is not updated, unless explicitly changed.- xmppserver/src/main/webapp/setup/ldap-server.jspf (version 3b7fab0692ab64300b01355a0af8d835acc199f5)
- xmppserver/src/main/webapp/setup/setup-ldap-server_test.jsp (version 3b7fab0692ab64300b01355a0af8d835acc199f5)
-
Guus der Kinderen d0ea3a3ecf12f7608fde1487a4cd5771839f2bff
OF-1874: Apply JSTL to profile-settings page, to avoid XSS.
- xmppserver/src/main/webapp/profile-settings.jsp (version d0ea3a3ecf12f7608fde1487a4cd5771839f2bff)
-
Guus der Kinderen f6bb65f4b76452c0c668ebbd96887e557910cebb
OF-1876: Upgrade Mysql Connector/J to 8.0.17
- xmppserver/pom.xml (version f6bb65f4b76452c0c668ebbd96887e557910cebb)
-
Guus der Kinderen 82b04a4d94c3c5ebcf8b650f22a1f0012cc0d6f5
OF-1251: Expose time elapsed formatting as taglib function.
This allows for the formatting function to be used with JSTL.- xmppserver/src/main/resources/META-INF/admin.tld (version 82b04a4d94c3c5ebcf8b650f22a1f0012cc0d6f5)
- xmppserver/src/main/webapp/META-INF/admin.tld (version 82b04a4d94c3c5ebcf8b650f22a1f0012cc0d6f5)
- xmppserver/src/main/webapp/WEB-INF/admin.tld (version 82b04a4d94c3c5ebcf8b650f22a1f0012cc0d6f5)
-
Guus der Kinderen 2b9505784fa7dd309193093317854b1994160f3f
OF-1860: Check plugin archive structure.
Openfire should verify that the structure of the plugin archive does not include files that are expanded outside of the target directory.- xmppserver/src/main/java/org/jivesoftware/openfire/container/PluginMonitor.java (version 2b9505784fa7dd309193093317854b1994160f3f)
-
Guus der Kinderen 2ed3ae4016d5705cd26f55ad926ebb9370d43c1c
OF-1860: Don't stop processing all plugins if one fails to unzip.
- xmppserver/src/main/java/org/jivesoftware/openfire/container/PluginMonitor.java (version 2ed3ae4016d5705cd26f55ad926ebb9370d43c1c)
-
Guus der Kinderen 3781f082cb2ff114b36557f9dcec5e583ab5149f
OF-1859: SessionData modifications should return previous values.
If the operations that modify content of `LocalSession#sessionData` would return previous values (as the `Map` interface does) then there's less need for outside synchronization to keep certain modifications thread-safe.- xmppserver/src/main/java/org/jivesoftware/openfire/session/LocalSession.java (version 3781f082cb2ff114b36557f9dcec5e583ab5149f)