Build: #21 was successful Manual run by daryl herzmann
Code commits
Openfire (master)
-
daryl herzmann <akrherz@iastate.edu> 5b6b732fda44fbc3c38a7036b1ed7522d9f8b129
Merge pull request #1950 from akrherz/466
Denote Openfire 4.6.6 Release -
akrherz <akrherz@iastate.edu> 45c979a0986c457e0e73531b7bf4e048cfbf0b12
Denote Openfire 4.6.6 Release
- distribution/pom.xml (version 45c979a0986c457e0e73531b7bf4e048cfbf0b12)
- i18n/pom.xml (version 45c979a0986c457e0e73531b7bf4e048cfbf0b12)
- plugins/openfire-plugin-assembly-descriptor/pom.xml (version 45c979a0986c457e0e73531b7bf4e048cfbf0b12)
- plugins/pom.xml (version 45c979a0986c457e0e73531b7bf4e048cfbf0b12)
- pom.xml (version 45c979a0986c457e0e73531b7bf4e048cfbf0b12)
- starter/pom.xml (version 45c979a0986c457e0e73531b7bf4e048cfbf0b12)
- xmppserver/changelog.html (version 45c979a0986c457e0e73531b7bf4e048cfbf0b12)
- xmppserver/pom.xml (version 45c979a0986c457e0e73531b7bf4e048cfbf0b12)
- xmppserver/src/main/java/org/jivesoftware/openfire/spi/XMPPServerInfoImpl.java (version 45c979a0986c457e0e73531b7bf4e048cfbf0b12)
-
Guus der Kinderen f9b650c7c93b541b1a0ffd5ecbd5ddee0a6334aa
OF-2353: Upgrade log4j2 from 2.15.0 to 2.16.0
- pom.xml (version f9b650c7c93b541b1a0ffd5ecbd5ddee0a6334aa)
-
Guus der Kinderen 6caa5226b3b4fbf472462719df138d97fc6c8e14
OF-2353: Add log4j2.formatMsgNoLookups system property to startup scripts
As another mitigation for CVE-2021-4428, add the log4j2.formatMsgNoLookups system property to all Openfire start scripts that we provide.- build/debian/openfire.init.d (version 6caa5226b3b4fbf472462719df138d97fc6c8e14)
- distribution/src/bin/extra/openfire-launchd-wrapper.sh (version 6caa5226b3b4fbf472462719df138d97fc6c8e14)
- distribution/src/bin/extra/redhat/openfire (version 6caa5226b3b4fbf472462719df138d97fc6c8e14)
- distribution/src/bin/openfire.bat (version 6caa5226b3b4fbf472462719df138d97fc6c8e14)
- distribution/src/bin/openfire.sh (version 6caa5226b3b4fbf472462719df138d97fc6c8e14)
- distribution/src/bin/openfirectl (version 6caa5226b3b4fbf472462719df138d97fc6c8e14)
- distribution/src/installer/openfire.install4j (version 6caa5226b3b4fbf472462719df138d97fc6c8e14)
-
Guus der Kinderen 9e3ade637f66e357cfa7e4061d7e8eb93024fee1
OF-2353: Disable lookups in log4j2 message converter
This adds the {nolookups} directive to the log4j message directive, which disables lookups on another level (CVE-2021-44228).
Note that after upgrading to log4j2 2.16.0, this directive will be ignored by log4j2, as the lookup functionality has been removed completely in that version. A message might be logged to that effect when starting up.- distribution/src/resources/log4j2.xml (version 9e3ade637f66e357cfa7e4061d7e8eb93024fee1)
- xmppserver/src/test/resources/log4j2-test-mvn.xml (version 9e3ade637f66e357cfa7e4061d7e8eb93024fee1)
- xmppserver/src/test/resources/log4j2-test.xml (version 9e3ade637f66e357cfa7e4061d7e8eb93024fee1)
-
akrherz <akrherz@iastate.edu> fd222b06d16150e918f56dc78f5c53197cecc870
march branch to version 4.6.6-SNAPSHOT
- distribution/pom.xml (version fd222b06d16150e918f56dc78f5c53197cecc870)
- i18n/pom.xml (version fd222b06d16150e918f56dc78f5c53197cecc870)
- plugins/openfire-plugin-assembly-descriptor/pom.xml (version fd222b06d16150e918f56dc78f5c53197cecc870)
- plugins/pom.xml (version fd222b06d16150e918f56dc78f5c53197cecc870)
- pom.xml (version fd222b06d16150e918f56dc78f5c53197cecc870)
- starter/pom.xml (version fd222b06d16150e918f56dc78f5c53197cecc870)
- xmppserver/pom.xml (version fd222b06d16150e918f56dc78f5c53197cecc870)
- xmppserver/src/main/java/org/jivesoftware/openfire/spi/XMPPServerInfoImpl.java (version fd222b06d16150e918f56dc78f5c53197cecc870)