Build: #7 was successful Manual run by daryl herzmann
Code commits
Openfire (master)
-
daryl herzmann 1bcb80f9f23d70fbd7ee8a833abe02b2305f848e
Merge pull request #1951 from guusdk/release_4.5.5
Denote Openfire 4.5.5 release -
Guus der Kinderen c24b118dbebe0618522315d05a0c28fd1416e90f
Denote Openfire 4.5.5 release
- distribution/pom.xml (version c24b118dbebe0618522315d05a0c28fd1416e90f)
- i18n/pom.xml (version c24b118dbebe0618522315d05a0c28fd1416e90f)
- plugins/openfire-plugin-assembly-descriptor/pom.xml (version c24b118dbebe0618522315d05a0c28fd1416e90f)
- plugins/pom.xml (version c24b118dbebe0618522315d05a0c28fd1416e90f)
- pom.xml (version c24b118dbebe0618522315d05a0c28fd1416e90f)
- starter/pom.xml (version c24b118dbebe0618522315d05a0c28fd1416e90f)
- xmppserver/changelog.html (version c24b118dbebe0618522315d05a0c28fd1416e90f)
- xmppserver/pom.xml (version c24b118dbebe0618522315d05a0c28fd1416e90f)
- xmppserver/src/main/java/org/jivesoftware/openfire/spi/XMPPServerInfoImpl.java (version c24b118dbebe0618522315d05a0c28fd1416e90f)
-
Guus der Kinderen 5e297ed4de793342e53f33cbc54694e0d48f979b
OF-2353: Upgrade log4j2 from 2.11.2 to 2.16.0
- pom.xml (version 5e297ed4de793342e53f33cbc54694e0d48f979b)
-
Guus der Kinderen 15d3f6fe890655d4aea69bed3e16dc4ba0df7d6d
OF-2353: Add log4j2.formatMsgNoLookups system property to startup scripts
As another mitigation for CVE-2021-4428, add the log4j2.formatMsgNoLookups system property to all Openfire start scripts that we provide.- build/debian/openfire.init.d (version 15d3f6fe890655d4aea69bed3e16dc4ba0df7d6d)
- distribution/src/bin/extra/openfire-launchd-wrapper.sh (version 15d3f6fe890655d4aea69bed3e16dc4ba0df7d6d)
- distribution/src/bin/extra/redhat/openfire (version 15d3f6fe890655d4aea69bed3e16dc4ba0df7d6d)
- distribution/src/bin/openfire.bat (version 15d3f6fe890655d4aea69bed3e16dc4ba0df7d6d)
- distribution/src/bin/openfire.sh (version 15d3f6fe890655d4aea69bed3e16dc4ba0df7d6d)
- distribution/src/bin/openfirectl (version 15d3f6fe890655d4aea69bed3e16dc4ba0df7d6d)
- distribution/src/installer/openfire.install4j (version 15d3f6fe890655d4aea69bed3e16dc4ba0df7d6d)
-
Guus der Kinderen e764a0dfa65a95a4906c6d4f43e940b96c2c881f
OF-2353: Disable lookups in log4j2 message converter
This adds the {nolookups} directive to the log4j message directive, which disables lookups on another level (CVE-2021-44228).
Note that after upgrading to log4j2 2.16.0, this directive will be ignored by log4j2, as the lookup functionality has been removed completely in that version. A message might be logged to that effect when starting up.- distribution/src/resources/log4j2.xml (version e764a0dfa65a95a4906c6d4f43e940b96c2c881f)
- xmppserver/src/test/resources/log4j2-test-mvn.xml (version e764a0dfa65a95a4906c6d4f43e940b96c2c881f)
- xmppserver/src/test/resources/log4j2-test.xml (version e764a0dfa65a95a4906c6d4f43e940b96c2c881f)
-
daryl herzmann 28a2f45d6d9a57d46eb9c9ae44406fa62b7db6d9
march 4.5 branch toward 4.5.5-SNAPSHOT
- distribution/pom.xml (version 28a2f45d6d9a57d46eb9c9ae44406fa62b7db6d9)
- i18n/pom.xml (version 28a2f45d6d9a57d46eb9c9ae44406fa62b7db6d9)
- plugins/openfire-plugin-assembly-descriptor/pom.xml (version 28a2f45d6d9a57d46eb9c9ae44406fa62b7db6d9)
- plugins/pom.xml (version 28a2f45d6d9a57d46eb9c9ae44406fa62b7db6d9)
- pom.xml (version 28a2f45d6d9a57d46eb9c9ae44406fa62b7db6d9)
- starter/pom.xml (version 28a2f45d6d9a57d46eb9c9ae44406fa62b7db6d9)
- xmppserver/pom.xml (version 28a2f45d6d9a57d46eb9c9ae44406fa62b7db6d9)
- xmppserver/src/main/java/org/jivesoftware/openfire/spi/XMPPServerInfoImpl.java (version 28a2f45d6d9a57d46eb9c9ae44406fa62b7db6d9)