Recent Releases

0.12.411 Jan 2024 03:13 minor bugfix: We are pleased to announce a new minor release from our stable branch. We re relieved to announce this overdue maintenance release containing a number of bug fixes and also some improvements from the last few months. Especially the prosodyctl check tool which gained some new diagnostic checks as well as handling of configuration option types the same way Prosody itself does. A summary of changes in this release: Minor changes core.certmanager: Update Mozilla TLS config to version 5.7 util.error: Fix error on conversion of invalid error stanza #1805 util.array: Fix new() library function util.array: Expose new() on module table prosodyctl: Fix output of error messages containing util.prosodyctl.check: Correct suggested replacement for disallow_s2s util.prosodyctl.check: Allow same config syntax variants as in Prosody for some options #896 util.prosodyctl.check: Fix error where hostname can t be turned into A label util.prosodyctl.check: Hint about the external_addresses config option util.prosodyctl.check: Suggest http_cors_override instead of older CORS settings util.prosodyctl.check: Validate format of module list options mod_websocket: Add a pre-session-close event #1800 mod_smacks: Fix stray watchdog closing sessions mod_csi_simple: Disable revert-to-inactive timer when going to active mode mod_csi_simple: Clear delayed active mode timer on disable mod_admin_shell: Fix display of remote cert status when expired etc mod_smacks: Replace existing watchdog when starting hibernation mod_http: Fix error if access_control_allow_origins is set mod_pubsub: Send correct jid attribute in disco#items mod_http: Unhook CORS handlers only if active to fix an error #1801 mod_s2s: Add event where resolver for s2sout can be tweaked
0.11.1004 Aug 2021 21:19 security: MUC: Fix logic for access to affiliation lists CVE-2021-37601: https://prosody.im/security/advisory_20210722/. prosodyctl: Add limits to known globals to warn about misplacing it. util.ip: Fix netmask for link-local address range. mod_pep: Remove obsolete node restoration code. util.pubsub: Fix traceback if node data not initialized.
0.11.903 Aug 2021 21:45 security: mod_limits, prosody.cfg.lua: Enable rate limits by default. certmanager: Disable renegotiation by default. mod_proxy65: Restrict access to local c2s connections by default. util.startup: Set more aggressive defaults for GC. mod_c2s, mod_s2s, mod_component, mod_bosh, mod_websockets: Set default stanza size limits. mod_authinternal plain,hashed : Use constant-time string comparison for secrets. mod_dialback: Remove dialback-without-dialback feature. mod_dialback: Use constant-time comparison with hmac. util.hashes: Add constant-time string comparison (binding to CRYPTO_memcmp). mod_c2s: Don t throw errors in async code when connections are gone. mod_c2s: Fix traceback in session close when conn is nil. core.certmanager: Improve detection of LuaSec/OpenSSL capabilities. mod_saslauth: Use a defined SASL error. MUC: Add support for advertising muc#roomconfig_allowinvites in room disco#info. mod_saslauth: Don t throw errors in async code when connections are gone. mod_pep: Advertise base pubsub feature (fixes #1632: mod_pep missing pubsub feature in disco). prosodyctl check config: Add gc to list of global options. prosodyctl about: Report libexpat version if known. util.xmppstream: Add API to dynamically configure the stanza size limit for a stream. util.set: Add is_set() to test if an object is a set. mod_http: Skip IP resolution in non-proxied case. mod_c2s: Log about missing conn on async state changes. util.xmppstream: Reduce internal default xmppstream limit to 1MB.
0.11.021 Nov 2018 23:16 major feature: Chatroom improvements, improved configuration, message archiving, nickname reservation, new Pubsub/PEP implementation, new vCard format, mobile battery life optimizations, asynchronous APIs, automated tests, native epoll support, Lua 5.2 support