0.6.2 Release Notes

This release is a bugfix release for the 0.6 stable branch.

Severe

  • Disable SSLv2 by default
  • Fix cases in XML handling which could emit invalid XML to clients
  • Multiple signals in quick succession could send the server into a loop

Important

  • Fix case where data sent immediately before a socket close could be lost
  • Make [c2s|s2s]_require_encryption enforce encryption in all cases
  • More robust detection of already-running Prosody instances
  • Fix small memory leak in HTTP and BOSH
  • Ensure the correct namespace is always set on s2s stanzas (for M-Link compatibility)
  • Fix the algorithm for selecting a SRV target from DNS

Compliance

  • Multiple compatibility fixes for presence subscription logic
  • Remove subscriptions to/from contacts on account deletion
  • Make sure to stamp a 'to' on outgoing stream headers in all cases
  • Restrict topic-changing to moderators in MUC rooms
  • Don't allow visitors (no voice) to send messages in MUC rooms
  • Fixes for PEP to make it work with Pidgin's avatar storage
  • Disallow registration of empty usernames
  • Better handling of presence requests for server hosts
  • Correctly send nicks instead of JIDs in MUC role configuration
  • Put the correct namespace on <text> in error stanzas
  • Fix handling of CNAME DNS records written in uppercase
  • Reflect the user's own presence back to them
  • Allow non-stanzas between auth and resource binding (for Pandion's compression)
  • Allow any admin or moderator to kick occupants from MUC rooms

Minor

  • Improve generation of MIME types from the HTTP server
  • Add message to error stanzas describing why an s2s connection failed
  • Allow prosodyctl to still work when stty is not available (OpenWRT)
  • Ensure that math.randomseed() is always passed an integer (OpenWRT)
  • Compatibility with LuaRocks 2.x
  • Improve performance by not forcing garbage collection in many cases
  • Allow s2s TLS to be disabled with s2s_allow_encryption = false
  • Handle gracefully the inability to create new connections (open file limit)