Build: #1300 was successful Scheduled with changes by Guus der Kinderen

Code commits

Openfire (master)

  • Guus der Kinderen

    Guus der Kinderen c9912c91ecfdb2771bff59c2177b9bbeac0fa730

    Fix typo

    • distribution/src/installer/openfire.install4j (version c9912c91ecfdb2771bff59c2177b9bbeac0fa730)
  • Guus der Kinderen

    Guus der Kinderen 5be6e08630e61a7b41d118721b79f0b668c0c0f9

    OF-2353: Add log4j2.formatMsgNoLookups system property to startup scripts
    As another mitigation for CVE-2021-4428, add the log4j2.formatMsgNoLookups system property to all Openfire start scripts that we provide.

    • build/debian/openfire.init.d (version 5be6e08630e61a7b41d118721b79f0b668c0c0f9)
    • distribution/src/bin/extra/openfire-launchd-wrapper.sh (version 5be6e08630e61a7b41d118721b79f0b668c0c0f9)
    • distribution/src/bin/extra/redhat/openfire (version 5be6e08630e61a7b41d118721b79f0b668c0c0f9)
    • distribution/src/bin/openfire.bat (version 5be6e08630e61a7b41d118721b79f0b668c0c0f9)
    • distribution/src/bin/openfire.sh (version 5be6e08630e61a7b41d118721b79f0b668c0c0f9)
    • distribution/src/bin/openfirectl (version 5be6e08630e61a7b41d118721b79f0b668c0c0f9)
    • distribution/src/installer/openfire.install4j (version 5be6e08630e61a7b41d118721b79f0b668c0c0f9)
  • Guus der Kinderen

    Guus der Kinderen 5896d329f06c66c5b1f5eea49faa14c31a3d90a9

    OF-2353: Disable lookups in log4j2 message converter
    This adds the {nolookups} directive to the log4j message directive, which disables lookups on another level (CVE-2021-44228).

    Note that after upgrading to log4j2 2.16.0, this directive will be ignored by log4j2, as the lookup functionality has been removed completely in that version. A message might be logged to that effect when starting up.

    • distribution/src/resources/log4j2.xml (version 5896d329f06c66c5b1f5eea49faa14c31a3d90a9)
    • xmppserver/src/test/resources/log4j2-test-mvn.xml (version 5896d329f06c66c5b1f5eea49faa14c31a3d90a9)
    • xmppserver/src/test/resources/log4j2-test.xml (version 5896d329f06c66c5b1f5eea49faa14c31a3d90a9)
  • Guus der Kinderen

    Guus der Kinderen 80e593fb520189ded188e9e8a95f9a3462cd9678

    OF-2353: Upgrade log4j2 from 2.15.0 to 2.16.0

    • pom.xml (version 80e593fb520189ded188e9e8a95f9a3462cd9678)