Build: #1706 was successful Scheduled with changes by Dan Caseley <> and Guus der Kinderen

Code commits

Openfire (master)

  • Guus der Kinderen

    Guus der Kinderen 18367c25d148ac57dd8792146159d6fb683c89c1

    OF-2572: Detect thread obtaining more than one database connection
    Logs a warning (and stack traces) when one thread obtains more than one database connection from the database connection pool. This intends to flag inefficient code.

    This feature is enabled only when ProfiledConnections are used, which is not the case by default.

    • xmppserver/src/main/java/org/jivesoftware/database/ (version 18367c25d148ac57dd8792146159d6fb683c89c1)
  • Dan Caseley <>

    Dan Caseley <> 478d46ee8039f79d668f315a459df2f6b8d5c786

    OF-2584 Suppress new/old Guava vulnerability
    Guava has vulnerability related to permissions on a temp directory ( but we don't use that method. This wasn't flagged by the previous version of dependency-check-maven, as it'd been assumed fixed in Guava.

    • .dependency-check-suppressions.xml (version 478d46ee8039f79d668f315a459df2f6b8d5c786)
  • Dan Caseley <>

    Dan Caseley <> 5e92f3da774a07abc8fbb7609b9e1127fe29ff4c

    OF-2585 Bump commons-fileupload from 1.4 to 1.5

    • xmppserver/pom.xml (version 5e92f3da774a07abc8fbb7609b9e1127fe29ff4c)
  • Dan Caseley <>

    Dan Caseley <> ca4c5723f812f33261f3283900c12e0360b11508

    OF-2587 Upgrade TwelveMonkeys image-io extensions from 3.5 to 3.9.4

    • xmppserver/pom.xml (version ca4c5723f812f33261f3283900c12e0360b11508)
  • Dan Caseley <>

    Dan Caseley <> e29d504d824085bb7b8cc57c50c89fe9a02bb5e0

    OF-2589 Exclude protobuf-java from mysql-connector-j
    Since we don't need X DevAPI features

    • build/ci/updater/pom.xml (version e29d504d824085bb7b8cc57c50c89fe9a02bb5e0)
    • xmppserver/pom.xml (version e29d504d824085bb7b8cc57c50c89fe9a02bb5e0)
  • Dan Caseley <>

    Dan Caseley <> 37b5874ee7c92e74be40ee12ef7c9c6d59b363ae

    OF-2494 Bump hsqldb from 2.4.1 to 2.7.1

    • build/ci/updater/pom.xml (version 37b5874ee7c92e74be40ee12ef7c9c6d59b363ae)
    • xmppserver/pom.xml (version 37b5874ee7c92e74be40ee12ef7c9c6d59b363ae)
  • Dan Caseley <>

    Dan Caseley <> 39d0852294a58c965f1866264b597037af8432ab

    OF-2585 Add safety limit for uploading plugin files
    Recommended mitigation for CVE-2023-24998

    • xmppserver/src/main/webapp/plugin-admin.jsp (version 39d0852294a58c965f1866264b597037af8432ab)
  • Dan Caseley <>

    Dan Caseley <> 4ce07d24292f249a70c6eae200ae700815fddccb

    OF-2588 Upgrade mssql-jdbc from 7.4.1-java8 to 9.4.1-java11

    • build/ci/updater/pom.xml (version 4ce07d24292f249a70c6eae200ae700815fddccb)
    • xmppserver/pom.xml (version 4ce07d24292f249a70c6eae200ae700815fddccb)
  • Dan Caseley <>

    Dan Caseley <> a4d0687b6c136d8e95ae7533f61c45154e56d7d0

    OF-2586 Update mysql-connector from 8.0.28 to 8.0.32

    • build/ci/updater/pom.xml (version a4d0687b6c136d8e95ae7533f61c45154e56d7d0)
    • xmppserver/pom.xml (version a4d0687b6c136d8e95ae7533f61c45154e56d7d0)
  • Dan Caseley <>

    Dan Caseley <> 47ec200cd1f5c4b233cd3c495c99efd2fbfe7f22

    OF-2584 Update dependency-check-maven from 6.2.2 to 8.1.2

    • pom.xml (version 47ec200cd1f5c4b233cd3c495c99efd2fbfe7f22)
  • Dan Caseley <>

    Dan Caseley <> 7fcde9ff0c1a2605f411a121384fbebaddde83e4

    OF-2494 Update docs to match hsqldb changes

    • documentation/database.html (version 7fcde9ff0c1a2605f411a121384fbebaddde83e4)