Code commits

Openfire (master)

Dave Cridland <dave@cridland.net> 16 Nov 2017 922931473f8ce4659084c0599e3f44e2e548ace9

Fix client route removal (#930)
Cut/paste error in removeClientRoute() caused old sessions to be
kept around.

In order to help debug this, I also added some detailing to
session-details.jsp which turned out not to be needed. But it
might prove useful/interesting.
- src/i18n/openfire_i18n_en.properties (version 922931473f8ce4659084c0599e3f44e2e548ace9)
- src/java/org/jivesoftware/openfire/spi/RoutingTableImpl.java (version 922931473f8ce4659084c0599e3f44e2e548ace9)
- src/web/session-details.jsp (version 922931473f8ce4659084c0599e3f44e2e548ace9)
Dave Cridland <dave@cridland.net> 16 Nov 2017 7ff1f73077cca1b3ec25d5897f31f15340c8fa4e

Fix several security issues in 4.2 (#929)
* OF-1417 CVE-2017-15911 Fix XSS issues in host setup

* OF-1329 Prevent session fixation attack

* OF-1403 Escape group name in MUC admin

* OF-1393 Make randomString more random

* OF-1400 Escape servername field

* OF-1401 Validate SMS host and escape error message
- src/i18n/openfire_i18n_en.properties (version 7ff1f73077cca1b3ec25d5897f31f15340c8fa4e)
- src/java/org/jivesoftware/util/StringUtils.java (version 7ff1f73077cca1b3ec25d5897f31f15340c8fa4e)
- src/java/org/jivesoftware/util/WebManager.java (version 7ff1f73077cca1b3ec25d5897f31f15340c8fa4e)
- src/web/index.jsp (version 7ff1f73077cca1b3ec25d5897f31f15340c8fa4e)
- src/web/login.jsp (version 7ff1f73077cca1b3ec25d5897f31f15340c8fa4e)
- src/web/muc-sysadmins.jsp (version 7ff1f73077cca1b3ec25d5897f31f15340c8fa4e)
- src/web/server-props.jsp (version 7ff1f73077cca1b3ec25d5897f31f15340c8fa4e)
- src/web/setup/setup-host-settings.jsp (version 7ff1f73077cca1b3ec25d5897f31f15340c8fa4e)
- src/web/system-sms.jsp (version 7ff1f73077cca1b3ec25d5897f31f15340c8fa4e)
- src/web/system-smstest.jsp (version 7ff1f73077cca1b3ec25d5897f31f15340c8fa4e)
Dmitry Deshevoy <mityada@gmail.com> 16 Nov 2017 56ac5211782bcbf5feb3853e64b1698bcea550fb

Set correct sequence number in the <resumed/> element
According to XEP-0198 'h' attribute should be set to the sequence number
of the last handled stanza sent over the former stream from the client to the server
- src/java/org/jivesoftware/openfire/streammanagement/StreamManager.java (version 56ac5211782bcbf5feb3853e64b1698bcea550fb)
Paweł Ścibiorski <Alameyo@users.noreply.github.com> 16 Nov 2017 04628004dda8ab5549b51cf796bd512fe2765dea

Test was looking trying to assure that English names for time units are the same as foreignin. That was causing problems while I was building Openfire and units were named in Polish (e.g. second - sekunda). (#925)
- src/test/java/org/jivesoftware/util/StringUtilsTest.java (version 04628004dda8ab5549b51cf796bd512fe2765dea)

Build: #182 was successful Scheduled with changes by 3 people

Stages & jobs

Build and Package

Deploy

Code commits

Openfire (master)

Dave Cridland <dave@cridland.net> 16 Nov 2017 922931473f8ce4659084c0599e3f44e2e548ace9

Dave Cridland <dave@cridland.net> 16 Nov 2017 7ff1f73077cca1b3ec25d5897f31f15340c8fa4e

Dmitry Deshevoy <mityada@gmail.com> 16 Nov 2017 56ac5211782bcbf5feb3853e64b1698bcea550fb

Paweł Ścibiorski <Alameyo@users.noreply.github.com> 16 Nov 2017 04628004dda8ab5549b51cf796bd512fe2765dea

Build #182

Build: #182 was successful Scheduled with changes by 3 people

Stages & jobs

Build and Package

Deploy

Code commits

Openfire (master)

Dave Cridland <dave@cridland.net> 16 Nov 2017 922931473f8ce4659084c0599e3f44e2e548ace9

Dave Cridland <dave@cridland.net> 16 Nov 2017 7ff1f73077cca1b3ec25d5897f31f15340c8fa4e

Dmitry Deshevoy <mityada@gmail.com> 16 Nov 2017 56ac5211782bcbf5feb3853e64b1698bcea550fb

Paweł Ścibiorski <Alameyo@users.noreply.github.com> 16 Nov 2017 04628004dda8ab5549b51cf796bd512fe2765dea