Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

prosody-0.12.2-2.1 RPM for s390x

From OpenSuSE Ports Tumbleweed for s390x

Name: prosody Distribution: openSUSE:Factory:zSystems
Version: 0.12.2 Vendor: openSUSE
Release: 2.1 Build date: Thu Jan 26 14:01:09 2023
Group: Productivity/Networking/Other Build host: s390zl24
Size: 1843503 Source RPM: prosody-0.12.2-2.1.src.rpm
Summary: Communications server for Jabber/XMPP
Prosody is a communications server for Jabber/XMPP written in Lua.

Prosody can link up with other Prosody installations and other
XMPP-compatible services to form an open communication network,
whilst allowing control over who they connect to, and who they share
data with.






* Wed Jan 25 2023 Michal Suchanek <>
  - Opencode %make_build to prevent build failure when not defined.
* Wed Dec 14 2022 Michael Vetter <>
  - Update to 0.12.2:
    Fixes and improvements:
    * util.stanza: Allow U+7F when constructing stazas
    * net.unbound: Preserve built-in defaults and Prosodys settings for
      luaunbound (fixes #1763: luaunbound not reading resolv.conf)
    * mod_smacks: Disable not implemented resumption behavior on s2s
    * mod_http: Allow disabling CORS in the http_cors_override option and by default
    Minor changes:
    * util.json: Accept empty arrays with whitespace (fixes #1782: util.json
      fails to parse empty array with whitespace)
    * util.stanza: Adjust number of return values to handle change in
      dependency of test suite (fix test with luassert >=1.9)
    * util.startup: Ensure import() is available in prosodyctl
    * mod_storage_sql: Fix initialization when called from prosodyctl
    * mod_storage_sql: Fix the summary API with Postgres (#1766)
    * mod_admin_shell: Fixes for showing data related to disconnected sessions (fixes #1777)
    * core.s2smanager: Don’t remove unrelated session on close of bidi session
    * mod_smacks: Don’t send redundant requests for acknowledgement (#1761)
    * mod_admin_shell: Rename commands user:roles() to user:setroles()
      and user:showroles() to user:roles()
    * mod_smacks: Bounce unhandled stanzas from local origin (fix #1759)
    * mod_bookmarks: Reduce log level of message about not having any bookmarks
    * mod_s2s: Fix firing buffer drain events
    * mod_http_files: Log warning about legacy modules using mod_http_files
    * util.startup: Wait for last shutdown steps
    * util.datamapper: Improve handling of schemas with non-obvious “type”
    * util.jsonschema: Fix validation to not assume presence of “type” field
    * util.jsonschema: Use same integer/float logic on Lua 5.2 and 5.3
* Thu Jun 09 2022 Michael Vetter <>
  - Update to 0.12.1:
    Fixes and improvements:
    * mod_http (and dependent modules): Make CORS opt-in by default (#1731)
    * mod_http: Reintroduce support for disabling or limiting CORS (#1730)
    * net.unbound: Disable use of hosts file by default (fixes #1737)
    * MUC: Allow kicking users with the same affiliation as the kicker (fixes #1724 and improves Jitsi Meet compatibility)
    * mod_tombstones: Add caching to improve performance on busy servers (fixes #1728: mod_tombstone: inefficient I/O with internal storage)
    Minor changes:
    * prosodyctl check config: Report paths of loaded configuration files (#1729)
    * prosodyctl about: Report version of lua-readline
    * prosodyctl: check config: Skip bare JID components in orphan check
    * prosodyctl: check turn: Fail with error if our own address is supplied for the ping test
    * prosodyctl: check turn: warn about external port mismatches behind NAT
    * mod_turn_external: Update status and friendlier handling of missing secret option (#1727)
    * prosodyctl: Pass server when listing (outdated) plugins (fix #1738: prosodyctl list --outdated does not handle multiple versions of a module)
    * util.prosodyctl: check turn: ensure a result is always returned from a check (thanks eTaurus)
    * util.prosodyctl: check turn: Report lack of TURN services as a problem #1749
    * util.random: Ensure that native random number generator works before using it, falling back to /dev/urandom (#1734)
    * mod_storage_xep0227: Fix mapping of nodes without explicit configuration
    * mod_admin_shell: Fix error in ‘module:info()’ when statistics is not enabled (#1754)
    * mod_admin_socket: Compat for luasocket prior to unix datagram support
    * mod_admin_socket: Improve error reporting when socket can’t be created (#1719)
    * mod_cron: Record last time a task runs to ensure correct intervals (#1751)
    * core.moduleapi, core.modulemanager: Fix internal flag affecting logging in in some global modules, like mod_http (#1736, #1748)
    * core.certmanager: Expand debug messages about cert lookups in index
    * configmanager: Clearer errors when providing unexpected values after VirtualHost (#1735)
    * mod_storage_xep0227: Support basic listing of PEP nodes in absence of pubsub#admin data
    * mod_storage_xep0227: Handle missing {pubsub#owner}pubsub element (fixes #1740: mod_storage_xep0227 tracebacks reading non-existent PEP store)
    * mod_storage_xep0227: Fix conversion of SCRAM into internal format (#1741)
    * mod_external_services: Move error message to correct place (fix #1725: mod_external_services: Misplaced textual error message)
    * mod_smacks: Fix handling of unhandled stanzas on disconnect (#1759)
    * mod_smacks: Fix counting of handled stanzas
    * mod_smacks: Fix bounce of stanzas directed to full JID on unclean disconnect
    * mod_pubsub: Don’t attempt to use server actor as publisher (#1723)
    * mod_s2s: Improve robustness of outgoing s2s certificate verification
    * mod_invites_adhoc: Fall back to generic allow_user_invites for role-less users
    * mod_invites_register: Push invitee contact entry to inviter
    * util.startup: Show error for unrecognized command-line arguments passed to ‘prosody’ (#1722)
    * util.jsonpointer: Add tests, compat improvements and minor fixes
    * util.jsonschema: Lua version compat improvements
* Fri Mar 18 2022 Michael Vetter <>
  - Update to 0.12.0:
    * mod_mimicking: Prevent address spoofing
    * mod_s2s_bidi: Bi-directional server-to-server connections (XEP-0288)
    * mod_external_services: Generic XEP-0215 support
    * mod_turn_external: Easy setup of XEP-0215 for STUN/TURN for audio/video calls
    * mod_http_file_share: File sharing via HTTP (XEP-0363)
    * mod_http_openmetrics: Expose metrics to Prometheus and compatible monitoring systems
    * mod_smacks: Stream management and resumption (XEP-0198)
    * mod_auth_ldap: LDAP authentication
    * mod_cron: One module to rule all the periodic tasks
    * mod_admin_shell: New home of the Console admin interface
    * mod_admin_socket: Enable secure connections to the Console
    * mod_tombstones: Prevent re-registration of deleted accounts
    * mod_invites: Create and manage invites
    * mod_invites_register: Allow registering accounts using invites
    * mod_invites_adhoc: Create invites via ad-hoc command
    * mod_bookmarks: Synchronise open rooms between clients
    Security and authentication:
    * Unencrypted HTTP port (5280) restricted to loopback by default
    * require_encryption options default to ‘true’ if unspecified
    * Authentication module defaults to ‘internal_hashed’ if unspecified
    * SNI support (including automatic certificate selection)
    * ALPN support in mod_net_multiplex
    * DANE support in low-level network layer
    * Direct TLS support (c2s and s2s)
    * SCRAM-SHA-256
    * Direct TLS (including https) certificates are now updated on reload
    * Pluggable authorization providers (mod_authz_*)
    * Easy use of Mozilla TLS recommendations presets
    * CORS handling now provided by mod_http
    * Built-in HTTP server now handles HEAD requests
    * Uploads can be handled incrementally
    * Module statuses (API change)
    * util.error for encapsulating errors
    * Promise based API for sending queries
    * API for adding periodic tasks
    * More APIs supporting ES6 Promises
    * Async can be used during shutdown
    * Plugin installer
    * MUC presence broadcast controls
    * MUC: support for XEP-0421 occupant identifiers
    * prosodyctl check connectivity via
    * STUN/TURN server tests in prosodyctl check
    * libunbound for DNS queries
    * The POSIX poll() API used by server_epoll on *nix other than Linux
    Changed in this release:
    * Improved rules for mobile optimizations in mod_csi_simple
    * Improved rules for what messages should be archived in mod_mam
    * mod_limits: Support for exempt JIDs
    * mod_server_contact_info now loaded on components if enabled
    * Statistics now based on OpenMetrics
    * Statistics scheduling can be done by plugin
    * Offline messages aren’t sent to MAM clients
    * Archive quotas (maximum limit on items in an archive store)
    * Rewritten migrator with archive support
    * Improved automatic certificate locating and selecting
    * Logging to syslog no longer missing startup messages
    * Graceful shutdown sequence that closes ports first and waits for connections to close
    Removed in this release:
    * daemonize option deprecated
    * SASL DIGEST-MD5 removed
    * mod_auth_cyrus (older LDAP support)
    * Network backend server_select deprecated (not actually removed yet)
    Please see:
* Fri Feb 18 2022 Jan Engelhardt <>
  - Do not replace config file on every upgrade
* Fri Jan 28 2022 Michael Vetter <>
  - Update to 0.11.13:
    * util.xml: Break reference to help the GC (fixes #1711)
    * util.xml: Deduplicate handlers for restricted XML
* Thu Jan 13 2022 Michael Vetter <>
  - Update to 0.11.12:
    * util.xml: Do not allow doctypes, comments or processing
      instructions (CVE-2022-0217)
* Tue Jan 04 2022 Michael Vetter <>
  - Update to 0.11.11:
    Fixes and improvements:
    * net.server_epoll: Prioritize network events over timers to improve
      performance under heavy load
    * mod_pep: Add some memory usage limits
    * mod_pep: Prevent creation of services for non-existent users
    * mod_pep: Free resources on user deletion (needed a restart previously)
    Minor changes:
    * mod_pep: Free resources on reload
    * mod_c2s: Indicate stream secure state in error text when no stream features to offer
    * MUC: Fix logic for access to affiliation lists
    * net.server_epoll: Improvements to shutdown procedure #1670
    * net.server_epoll: Fix potential issue with rescheduling of timers
    * prosodyctl: Fix to ensure LuaFileSystem is loaded when needed
    * util.startup: Fix handling of unknown command line flags (e.g. -h)
    * Fix version number reported as ‘unknown’ on *BSD
* Wed Oct 20 2021 Johannes Segitz <>
  - Added hardening to systemd service(s) (bsc#1181400). Modified:
    * prosody.service
* Mon Aug 16 2021 Michael Vetter <>
  - Update to 0.11.10:
    * MUC: Fix logic for access to affiliation lists CVE-2021-37601
    Minor changes:
    * prosodyctl: Add ‘limits’ to known globals to warn about misplacing it
    * util.ip: Fix netmask for link-local address range
    * mod_pep: Remove obsolete node restoration code
    * util.pubsub: Fix traceback if node data not initialized
  - Update is related to: bsc#1188976 CVE-2021-37601
* Thu May 13 2021 Carsten Ziepke <>
  - Update to 0.11.9:
    * mod_limits, prosody.cfg.lua: Enable rate limits by default
    * certmanager: Disable renegotiation by default
    * mod_proxy65: Restrict access to local c2s connections by default
    * util.startup: Set more aggressive defaults for GC
    * mod_c2s, mod_s2s, mod_component, mod_bosh, mod_websockets: Set default stanza size limits
    * mod_authinternal{plain,hashed}: Use constant-time string comparison for secrets
    * mod_dialback: Remove dialback-without-dialback feature
    * mod_dialback: Use constant-time comparison with hmac
    Minor changes
    * util.hashes: Add constant-time string comparison (binding to CRYPTO_memcmp)
    * mod_c2s: Don’t throw errors in async code when connections are gone
    * mod_c2s: Fix traceback in session close when conn is nil
    * core.certmanager: Improve detection of LuaSec/OpenSSL capabilities
    * mod_saslauth: Use a defined SASL error
    * MUC: Add support for advertising muc#roomconfig_allowinvites in room disco#info
    * mod_saslauth: Don’t throw errors in async code when connections are gone
    * mod_pep: Advertise base pubsub feature (fixes #1632: mod_pep missing pubsub feature in disco)
    * prosodyctl check config: Add ‘gc’ to list of global options
    * prosodyctl about: Report libexpat version if known
    * util.xmppstream: Add API to dynamically configure the stanza size limit for a stream
    * util.set: Add is_set() to test if an object is a set
    * mod_http: Skip IP resolution in non-proxied case
    * mod_c2s: Log about missing conn on async state changes
    * util.xmppstream: Reduce internal default xmppstream limit to 1MB
  - Relevant:
    * boo#1186027: Prosody XMPP server advisory 2021-05-12
    * CVE-2021-32919
    * CVE-2021-32917
    * CVE-2021-32917
    * CVE-2021-32920
    * CVE-2021-32918
* Tue Feb 16 2021 Michael Vetter <>
  - Update to 0.11.8:
    * mod_saslauth: Disable ‘tls-unique’ channel binding with TLS 1.3 (#1542)
    Fixes and improvements:
    * net.websocket.frames: Improve websocket masking performance by using the new util.strbitop
    * util.strbitop: Library for efficient bitwise operations on strings
    Minor changes:
    * MUC: Correctly advertise whether the subject can be changed (#1155)
    * MUC: Preserve disco ‘node’ attribute (or lack thereof) in responses (#1595)
    * MUC: Fix logic bug causing unnecessary presence to be sent (#1615)
    * mod_bosh: Fix error if client tries to connect to component (#425)
    * mod_bosh: Pick out the ‘wait’ before checking it instead of earlier
    * mod_pep: Advertise base PubSub feature (#1632)
    * mod_pubsub: Fix notification stanza type setting (#1605)
    * mod_s2s: Prevent keepalives before client has established a stream
    * net.adns: Fix bug that sent empty DNS packets (#1619)
    * net.http.server: Don’t send Content-Length on 1xx/204 responses (#1596)
    * net.websocket.frames: Fix length calculation bug (#1598)
    * util.dbuffer: Make length API in line with Lua strings
    * util.dbuffer: Optimize substring operations
    * util.debug: Fix locals being reported under wrong stack frame in some cases
    * util.dependencies: Fix check for Lua bitwise operations library (#1594)
    * util.interpolation: Fix combination of filters and fallback values #1623
    * util.promise: Preserve tracebacks
    * util.stanza: Reject ASCII control characters (#1606)
    * timers: Ensure timers can’t block other processing (#1620)
* Fri Oct 02 2020 Michael Vetter <>
  - Update to 0.11.7:
    * mod_websocket: Enforce size limits on received frames (fixes #1593)
    Fixes and improvements:
    * mod_c2s, mod_s2s: Make stanza size limits configurable
    * Add configuration options to control Lua garbage collection parameters
    * net.http: Backport SNI support for outgoing HTTP requests (#409)
    * mod_websocket: Process all data in the buffer on close frame and connection errors (fixes #1474, #1234)
    * util.indexedbheap: Fix heap data structure corruption, causing some timers to fail after a reschedule (fixes #1572)
* Fri Sep 11 2020 Michael Vetter <>
  - Update to 0.11.6:
    Fixes and improvements:
    * mod_storage_internal: Fix error in time limited queries on items without ‘when’ field, fixes #1557
    * mod_carbons: Fix handling of incoming MUC PMs #1540
    * mod_csi_simple: Consider XEP-0353: Jingle Message Initiation important
    * mod_http_files: Avoid using inode in etag, fixes #1498: Fail to download file on FreeBSD
    * mod_admin_telnet: Create a DNS resolver per console session (fixes #1492: Telnet console DNS commands reduced usefulness)
    * core.certmanager: Move EECDH ciphers before EDH in default cipherstring (fixes #1513)
    * mod_s2s: Escape invalid XML in loggin (same way as mod_c2s) (fixes #1574: Invalid XML input on s2s connection is logged unescaped)
    * mod_muc: Allow control over the server-admins-are-room-owners feature (see #1174)
    * mod_muc_mam: Remove spoofed archive IDs before archiving (fixes #1552: MUC MAM may strip its own archive id)
    * mod_muc_mam: Fix stanza id filter event name, fixes #1546: mod_muc_mam does not strip spoofed stanza ids
    * mod_muc_mam: Fix missing advertising of XEP-0359, fixes #1547: mod_muc_mam does not advertise stanza-id
    Minor changes:
    * net.http API: Add request:cancel() method
    * net.http API: Fix traceback on invalid URL passed to request()
    * MUC: Persist affiliation_data in new MUC format
    * mod_websocket: Fire event on session creation (thanks Aaron van Meerten)
    * MUC: Always include ‘affiliation’/‘role’ attributes, defaulting to ‘none’ if nil
    * mod_tls: Log when certificates are (re)loaded
    * mod_vcard4: Report correct error condition (fixes #1521: mod_vcard4 reports wrong error)
    * net.http: Re-expose destroy_request() function (fixes unintentional API breakage)
    * net.http.server: Strip port from Host header in IPv6 friendly way (fix #1302)
    * util.prosodyctl: Tell prosody do daemonize via command line flag (fixes #1514)
    * SASL: Apply saslprep where necessary, fixes #1560: Login fails if password contains special chars
    * net.http.server: Fix reporting of missing Host header
    * util.datamanager API: Fix iterating over “users” (thanks marc0s)
    * net.resolvers.basic: Default conn_type to ‘tcp’ consistently if unspecified (thanks marc0s)
    * mod_storage_sql: Fix check for deletion limits (fixes #1494)
    * mod_admin_telnet: Handle unavailable cipher info (fixes #1510: mod_admin_telnet backtrace)
    * Log warning when using prosodyctl start/stop/restart
    * core.certmanager: Look for privkey.pem to go with fullchain.pem (fixes #1526)
    * mod_storage_sql: Add index covering sort_id to improve performance (fixes #1505)
    * mod_mam,mod_muc_mam: Allow other work to be performed during archive cleanup (fixes #1504)
    * mod_muc_mam: Don’t strip MUC tags, fix #1567: MUC tags stripped by mod_muc_mam
    * mod_pubsub, mod_pep: Ensure correct number of children of (fixes #1496)
    * mod_register_ibr: Add FORM_TYPE as required by XEP-0077 (fixes #1511)
    * mod_muc_mam: Fix traceback saving message from non-occupant (fixes #1497)
    * util.startup: Remove duplicated initialization of logging (fix #1527: startup: Logging initialized twice)
* Thu Mar 26 2020 Michael Vetter <>
  - Update to 0.11.5:
    Fixes and improvements:
    * prosody / mod_posix: Support for command-line flags to
      override ‘daemonize’ config option
    Minor changes:
    * mod_websocket: Clear mask bit when reflecting ping frames
      (fixes #1484: Websocket masks pong answer)
* Mon Jan 20 2020 Michael Vetter <>
  - Update to 0.11.4:
    Fixes and improvements:
    * core.rostermanager: Improve performance by caching rosters of offline #1233
    * mod_pep: Handling subscriptions more efficiently #1372
    Minor changes:
    * util.interpolation: Support unescaped variables with more modifiers #1452
    * MUC: Mark source of historic messages correctly #1416
    * mod_auth_internal_hashed: Pass on errors #1477
    * mod_mam, mod_muc_mam: Improve logging of failures #1478, #1480, #1481
    * mod_muc, mod_muc_mam: Reschedule message expiry in case of failure
    * mod_mam: Add flag to session when it performs a MAM query
    * prosodyctl check: Warn about conflict between mod_pep and mod_pep_simple
    * prosodyctl check: Warn about conflict between mod_vcard and mod_vcard_legacy #1469
    * core.modulemanager: Disable mod_vcard if mod_vcard_legacy is enabled to prevent conflict #1469
    * MUC: Strip tags with MUC-related namespaces from private messages #1427
    * MUC: Don’t advertise registration feature on host #1451
    * mod_vcard_legacy: Fix handling of empty photo elements #1432
    * mod_vcard_legacy: Advertise lack of avatar correctly #1431
    * prosodyctl: Handle if the setting proxy65_address has the wrong type
    * prosodyctl: Print a blank line to improve spacing and readability
    * MUC: Fix role loss in Nickname change #1466
    * util.pposix: Fix reporting of memory usage in 2-4GB range #1445
    * util.startup: Fix a regression concerning directory paths #1430
    * mod_websocket: Don’t mask WebSocket pong answers #1484
    * net.resolvers: Apply IDNA conversion to ascii for DNS lookups (affects only HTTP queries) #1426
    * net.resolvers.basic: Fix resolution of IPv6 literals (in brackets) #1459
* Mon Oct 07 2019
  - Update to 0.11.3:
    * MUC: Advertise XEP-0410 support
    * mod_muc_mam: Import cleanup mechanism from mod_mam (fixes #672: mod_muc_mam: Archive expiry)
    * mod_bosh: Handle missing wait attribute (fixes #1288: BOSH: Traceback on missing ‘wait’ attribute)
    * mod_storage_sql: Handle SQLite DELETE with LIMIT being optional (fixes #1359: Sqlite3 archive_store:delete error in prepared statement)
    * mod_c2s: Fixed #1313: attempt to call a field ‘data’ (a nil value))
    * net.server_epoll: Restore wantread flag after pause (fixes #1354: server_epoll: Race in chunked reads)
    * util.encodings: Allow unassigned code points in ICU mode to match libidn behavior (fixes #1348: Different treatment of unassigned code points between libidn and ICU )
    * util.ip: Add missing netmask for 192.168⁄16 range (fixes #1343)
    * util.hashes: Use HMAC function provided by OpenSSL (fixes #1345: util.hashes: HMAC-SHA-512 implementation broken)
    * net.dns: Close resolv.conf handle when done (fixes #1342)
    * mod_websocket: Clone stanza before mutating (fixes #1398: mod_websocket leaks explicit xmlns attr)
    * mod_announce: Check for admin on current virtualhost instead of global (fixes #1365: “host admins” should be able to use mod_announce as well as “global admins”) (thanks yc)
    * mod_blocklist: Trigger resend of presence when unblocking a contact (fixes #1380: Prosody does not send presence when unblocking (XEP-0191))
    * mod_vcard_legacy: Multiple improvements (fixes #1289: mod_vcard_legacy upgrade experience):
    - mod_vcard_legacy: Don’t overwrite existing PEP data
    - mod_vcard_legacy: Handle partial migration
    - mod_vcard_legacy: Allow disabling vcard conversion
    - mod_vcard_legacy: Adapt node defaults to number of avatars
    * mod_muc_mam: Strip the stanza ‘to’ attribute (fixes #1259: [muc_mam] forwarded stanza has a “to” attribute while spec says it MUST NOT)
    * util.pubsub: Validate node configuration on node creation (fixes #1328: Pubsub: Node configuration not validated on node creation)
    * mod_pep/mod_pubsub: Simplify configuration for storage of node data (fixes #1320)
    * MUC: Fix delay@from to be room JID (fixes #1416: MUC: Wrong delay@from on historic messages)
    * mod_mam/mod_muc_mam: Cache last date that archive owner has messages to reduce writes (fixes #1368: Archive cleanup doubles number of storage access)
    * mod_mam: Perform message expiry based on building an index by date (backport of 39ee70fbb009 from trunk)
  - For details see:
  - Remove prosody-0.11-upstream-fixes.patch
* Tue Jul 16 2019
  - bsc#1141599: Add upstream fixes on 0.11 branch since 0.11.2
    * Add prosody-0.11-upstream-fixes.patch: Up to 9712:7a36b7ac309b
* Fri Apr 26 2019
  - bsc#1130588: Require shadow instead of old pwdutils
* Thu Jan 10 2019
  - Update to 0.11.2:
    * mod_csi_simple: Multiple enhancements to built-in ‘importance’ rules (fixes #1250)
    * mod_vcard_legacy: Limit injection of XEP-0153 to normal presence (fixes #1252)
    * util.datetime: Make sure timezone difference is calculated correctly (fixes #1262)
    * MUC: Fix traceback when requesting voice (fixes #1269) (thanks jonas’)
    * MUC: Adjust priorities of muc-get-default-role handlers (fixes #1272)
    * MUC: Allow changing data attached to an only owner (fixes #1273)
    * Multiple fixes and improvements to our experimental epoll (non-libevent) backend
    * util.stanza: Deserialize stanza without mutating input (fixes #711)
    * mod_mam: Only accept valid JIDs in and prefs. (fixes #1275)
    * util.pubsub: Restore subscription index from stored data (fixes #1281)
    * prosodyctl check: Add statisticsmanager settings to known global options
    * util.startup: Always reload logging after config (fixes #1284)
    * mod_posix: Don’t reload log files twice
  - Run spec-cleaner



Generated by rpm2html 1.8.1

Fabrice Bellet, Fri Feb 3 00:14:55 2023