Build #7

Plan branch:
Run manually for releases

Build: #7 was successful Manual run by daryl herzmann

Code commits

Openfire (master)

  • daryl herzmann <akrherz@iastate.edu>

    daryl herzmann <akrherz@iastate.edu> 1bcb80f9f23d70fbd7ee8a833abe02b2305f848e

    Merge pull request #1951 from guusdk/release_4.5.5
    Denote Openfire 4.5.5 release

  • Guus der Kinderen

    Guus der Kinderen c24b118dbebe0618522315d05a0c28fd1416e90f

    Denote Openfire 4.5.5 release

    • distribution/pom.xml (version c24b118dbebe0618522315d05a0c28fd1416e90f)
    • i18n/pom.xml (version c24b118dbebe0618522315d05a0c28fd1416e90f)
    • plugins/openfire-plugin-assembly-descriptor/pom.xml (version c24b118dbebe0618522315d05a0c28fd1416e90f)
    • plugins/pom.xml (version c24b118dbebe0618522315d05a0c28fd1416e90f)
    • pom.xml (version c24b118dbebe0618522315d05a0c28fd1416e90f)
    • starter/pom.xml (version c24b118dbebe0618522315d05a0c28fd1416e90f)
    • xmppserver/changelog.html (version c24b118dbebe0618522315d05a0c28fd1416e90f)
    • xmppserver/pom.xml (version c24b118dbebe0618522315d05a0c28fd1416e90f)
    • xmppserver/src/main/java/org/jivesoftware/openfire/spi/XMPPServerInfoImpl.java (version c24b118dbebe0618522315d05a0c28fd1416e90f)
  • Guus der Kinderen

    Guus der Kinderen 5e297ed4de793342e53f33cbc54694e0d48f979b

    OF-2353: Upgrade log4j2 from 2.11.2 to 2.16.0

    • pom.xml (version 5e297ed4de793342e53f33cbc54694e0d48f979b)
  • Guus der Kinderen

    Guus der Kinderen 15d3f6fe890655d4aea69bed3e16dc4ba0df7d6d

    OF-2353: Add log4j2.formatMsgNoLookups system property to startup scripts
    As another mitigation for CVE-2021-4428, add the log4j2.formatMsgNoLookups system property to all Openfire start scripts that we provide.

    • build/debian/openfire.init.d (version 15d3f6fe890655d4aea69bed3e16dc4ba0df7d6d)
    • distribution/src/bin/extra/openfire-launchd-wrapper.sh (version 15d3f6fe890655d4aea69bed3e16dc4ba0df7d6d)
    • distribution/src/bin/extra/redhat/openfire (version 15d3f6fe890655d4aea69bed3e16dc4ba0df7d6d)
    • distribution/src/bin/openfire.bat (version 15d3f6fe890655d4aea69bed3e16dc4ba0df7d6d)
    • distribution/src/bin/openfire.sh (version 15d3f6fe890655d4aea69bed3e16dc4ba0df7d6d)
    • distribution/src/bin/openfirectl (version 15d3f6fe890655d4aea69bed3e16dc4ba0df7d6d)
    • distribution/src/installer/openfire.install4j (version 15d3f6fe890655d4aea69bed3e16dc4ba0df7d6d)
  • Guus der Kinderen

    Guus der Kinderen e764a0dfa65a95a4906c6d4f43e940b96c2c881f

    OF-2353: Disable lookups in log4j2 message converter
    This adds the {nolookups} directive to the log4j message directive, which disables lookups on another level (CVE-2021-44228).

    Note that after upgrading to log4j2 2.16.0, this directive will be ignored by log4j2, as the lookup functionality has been removed completely in that version. A message might be logged to that effect when starting up.

    • distribution/src/resources/log4j2.xml (version e764a0dfa65a95a4906c6d4f43e940b96c2c881f)
    • xmppserver/src/test/resources/log4j2-test-mvn.xml (version e764a0dfa65a95a4906c6d4f43e940b96c2c881f)
    • xmppserver/src/test/resources/log4j2-test.xml (version e764a0dfa65a95a4906c6d4f43e940b96c2c881f)
  • akrherz <akrherz@iastate.edu>

    akrherz <akrherz@iastate.edu> 28a2f45d6d9a57d46eb9c9ae44406fa62b7db6d9

    march 4.5 branch toward 4.5.5-SNAPSHOT

    • distribution/pom.xml (version 28a2f45d6d9a57d46eb9c9ae44406fa62b7db6d9)
    • i18n/pom.xml (version 28a2f45d6d9a57d46eb9c9ae44406fa62b7db6d9)
    • plugins/openfire-plugin-assembly-descriptor/pom.xml (version 28a2f45d6d9a57d46eb9c9ae44406fa62b7db6d9)
    • plugins/pom.xml (version 28a2f45d6d9a57d46eb9c9ae44406fa62b7db6d9)
    • pom.xml (version 28a2f45d6d9a57d46eb9c9ae44406fa62b7db6d9)
    • starter/pom.xml (version 28a2f45d6d9a57d46eb9c9ae44406fa62b7db6d9)
    • xmppserver/pom.xml (version 28a2f45d6d9a57d46eb9c9ae44406fa62b7db6d9)
    • xmppserver/src/main/java/org/jivesoftware/openfire/spi/XMPPServerInfoImpl.java (version 28a2f45d6d9a57d46eb9c9ae44406fa62b7db6d9)