prosody-debugsource-0.11.9-lp152.2.3.1 4>$  Ap`C̸/=„:aVxdxȩM63wsSݴDpW3k8 W{m?A{ZPx,R`!Xb}/ĸqUi=gjI ޽`i"i."C-p557cKE ,|A'xtU!HKM%|Okluڽ-ݭS.ڒ g"[fB7(ǥNALD7 n>_NK)7C@+b748433be04f45312c71f7d981b19c3095fc446fcb91adb66ab8626f4c724f3f928a9bd6767acb1efff0ec6d0a1f805a8384cb37`C̸/=„Rg#_\ɮD]er:ژ$F9W+ok3VAQwBwuRx!bO L!l]atNPIZjOp+ȓt Z>%+?A/F'Xî/# /\Gh,}?Ov5\^BԀp)!;)yz{m< u;8G*liz$Db}lR7`L{,w`*ѽݸ R\f}gB0;RG4 >p;s0?s d ) K  9K^dl             Y  $4(8(9\(: (FoGo, Ho` Io XoYo\o ]p ^pbqcqdrNerSfrVlrXurl vrzrrrrsCprosody-debugsource0.11.9lp152.2.3.1Debug sources for package prosodyThis package provides debug sources for package prosody. Debug sources are useful when developing applications that use this package or when debugging this package.`Clamb074openSUSE Leap 15.2openSUSEMIThttp://bugs.opensuse.orgDevelopment/Debughttp://prosody.im/linuxx86_640^%#@"wAA큤`C`C```````````4afc8b9d84b12a13c08712baa501a154816f91bea6b3aa3f9f3cd2b849e20fb9122b6794738ee31b8867285dc9d7ad3180727ec640af99314f5b8f8c33371b9ec2a8eb65eb04a485b52e708f990ed593a7f7fa56330e14aeb7eb4b41487596029553008b91d106d76c1d378c0872c147e627373e6234ee42dc21a2cc060a269c577258577b9b428f8b7838e6792d7a08981f0929fa0d2e87e65f1e3600c7ca9b9b61cdcaf159b283ebec01b1ea16f600c671cb99db4899fb747db9131cf7b17773c837eaa84e7b86c356ec73b8b4ecb85ac6492041e6d721336275368d08ac525fcb457fa7a51341cdbfa2847885abbc23401181e37b236128bb6ef031179461cbd40db6f7d4a1d858a411aba5e376ea3f0dceaed85cfc6019bbc1bd272d12a38893bdceacd958e2d722fe04c39970872180903abc9e2d8f5c2921b7984751d539124d9363428046f48ba43558c10960b244f32f5e248d5c7fa32d059821e575rootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootprosody-0.11.9-lp152.2.3.1.src.rpmprosody-debugsourceprosody-debugsource(x86-64)    rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)3.0.4-14.6.0-14.0-15.2-14.14.1``+_w@_[f^|@^%@](]-@\\73[[@[Z@Z3@Z+@Y{YY)@Y@Yu@Yp@Yp@Yh@YdXv@Xv@Xx@W@Wڍ@Wc@WBWBW>@WX@VwVwUD@U#TD@Carsten Ziepke Michael Vetter Michael Vetter Michael Vetter Michael Vetter Michael Vetter mvetter@suse.commvetter@suse.commvetter@suse.commvetter@suse.comecsos@opensuse.orgmvetter@suse.combenedikt@g5r.eumvetter@suse.commvetter@suse.comsleep_walker@opensuse.orgmvetter@suse.commvetter@suse.combenedikt@g5r.eumvetter@suse.comjengelh@inai.detchvatal@suse.comtchvatal@suse.comtchvatal@suse.comtchvatal@suse.comMathias.Homann@opensuse.orgmvetter@suse.commvetter@suse.commvetter@suse.commvetter@suse.commvetter@suse.commvetter@suse.commvetter@suse.commvetter@suse.commvetter@suse.commvetter@suse.commvetter@suse.comnekolayer@yandex.rug.bluehut@gmail.comi@marguerite.su- Update to 0.11.9: Security: * mod_limits, prosody.cfg.lua: Enable rate limits by default * certmanager: Disable renegotiation by default * mod_proxy65: Restrict access to local c2s connections by default * util.startup: Set more aggressive defaults for GC * mod_c2s, mod_s2s, mod_component, mod_bosh, mod_websockets: Set default stanza size limits * mod_authinternal{plain,hashed}: Use constant-time string comparison for secrets * mod_dialback: Remove dialback-without-dialback feature * mod_dialback: Use constant-time comparison with hmac Minor changes * util.hashes: Add constant-time string comparison (binding to CRYPTO_memcmp) * mod_c2s: Don’t throw errors in async code when connections are gone * mod_c2s: Fix traceback in session close when conn is nil * core.certmanager: Improve detection of LuaSec/OpenSSL capabilities * mod_saslauth: Use a defined SASL error * MUC: Add support for advertising muc#roomconfig_allowinvites in room disco#info * mod_saslauth: Don’t throw errors in async code when connections are gone * mod_pep: Advertise base pubsub feature (fixes #1632: mod_pep missing pubsub feature in disco) * prosodyctl check config: Add ‘gc’ to list of global options * prosodyctl about: Report libexpat version if known * util.xmppstream: Add API to dynamically configure the stanza size limit for a stream * util.set: Add is_set() to test if an object is a set * mod_http: Skip IP resolution in non-proxied case * mod_c2s: Log about missing conn on async state changes * util.xmppstream: Reduce internal default xmppstream limit to 1MB - Relevant: https://prosody.im/security/advisory_20210512 * boo#1186027: Prosody XMPP server advisory 2021-05-12 * CVE-2021-32919 * CVE-2021-32917 * CVE-2021-32917 * CVE-2021-32920 * CVE-2021-32918- Update to 0.11.8: Security: * mod_saslauth: Disable ‘tls-unique’ channel binding with TLS 1.3 (#1542) Fixes and improvements: * net.websocket.frames: Improve websocket masking performance by using the new util.strbitop * util.strbitop: Library for efficient bitwise operations on strings Minor changes: * MUC: Correctly advertise whether the subject can be changed (#1155) * MUC: Preserve disco ‘node’ attribute (or lack thereof) in responses (#1595) * MUC: Fix logic bug causing unnecessary presence to be sent (#1615) * mod_bosh: Fix error if client tries to connect to component (#425) * mod_bosh: Pick out the ‘wait’ before checking it instead of earlier * mod_pep: Advertise base PubSub feature (#1632) * mod_pubsub: Fix notification stanza type setting (#1605) * mod_s2s: Prevent keepalives before client has established a stream * net.adns: Fix bug that sent empty DNS packets (#1619) * net.http.server: Don’t send Content-Length on 1xx/204 responses (#1596) * net.websocket.frames: Fix length calculation bug (#1598) * util.dbuffer: Make length API in line with Lua strings * util.dbuffer: Optimize substring operations * util.debug: Fix locals being reported under wrong stack frame in some cases * util.dependencies: Fix check for Lua bitwise operations library (#1594) * util.interpolation: Fix combination of filters and fallback values #1623 * util.promise: Preserve tracebacks * util.stanza: Reject ASCII control characters (#1606) * timers: Ensure timers can’t block other processing (#1620)- Update to 0.11.7: Security: * mod_websocket: Enforce size limits on received frames (fixes #1593) Fixes and improvements: * mod_c2s, mod_s2s: Make stanza size limits configurable * Add configuration options to control Lua garbage collection parameters * net.http: Backport SNI support for outgoing HTTP requests (#409) * mod_websocket: Process all data in the buffer on close frame and connection errors (fixes #1474, #1234) * util.indexedbheap: Fix heap data structure corruption, causing some timers to fail after a reschedule (fixes #1572)- Update to 0.11.6: Fixes and improvements: * mod_storage_internal: Fix error in time limited queries on items without ‘when’ field, fixes #1557 * mod_carbons: Fix handling of incoming MUC PMs #1540 * mod_csi_simple: Consider XEP-0353: Jingle Message Initiation important * mod_http_files: Avoid using inode in etag, fixes #1498: Fail to download file on FreeBSD * mod_admin_telnet: Create a DNS resolver per console session (fixes #1492: Telnet console DNS commands reduced usefulness) * core.certmanager: Move EECDH ciphers before EDH in default cipherstring (fixes #1513) * mod_s2s: Escape invalid XML in loggin (same way as mod_c2s) (fixes #1574: Invalid XML input on s2s connection is logged unescaped) * mod_muc: Allow control over the server-admins-are-room-owners feature (see #1174) * mod_muc_mam: Remove spoofed archive IDs before archiving (fixes #1552: MUC MAM may strip its own archive id) * mod_muc_mam: Fix stanza id filter event name, fixes #1546: mod_muc_mam does not strip spoofed stanza ids * mod_muc_mam: Fix missing advertising of XEP-0359, fixes #1547: mod_muc_mam does not advertise stanza-id Minor changes: * net.http API: Add request:cancel() method * net.http API: Fix traceback on invalid URL passed to request() * MUC: Persist affiliation_data in new MUC format * mod_websocket: Fire event on session creation (thanks Aaron van Meerten) * MUC: Always include ‘affiliation’/‘role’ attributes, defaulting to ‘none’ if nil * mod_tls: Log when certificates are (re)loaded * mod_vcard4: Report correct error condition (fixes #1521: mod_vcard4 reports wrong error) * net.http: Re-expose destroy_request() function (fixes unintentional API breakage) * net.http.server: Strip port from Host header in IPv6 friendly way (fix #1302) * util.prosodyctl: Tell prosody do daemonize via command line flag (fixes #1514) * SASL: Apply saslprep where necessary, fixes #1560: Login fails if password contains special chars * net.http.server: Fix reporting of missing Host header * util.datamanager API: Fix iterating over “users” (thanks marc0s) * net.resolvers.basic: Default conn_type to ‘tcp’ consistently if unspecified (thanks marc0s) * mod_storage_sql: Fix check for deletion limits (fixes #1494) * mod_admin_telnet: Handle unavailable cipher info (fixes #1510: mod_admin_telnet backtrace) * Log warning when using prosodyctl start/stop/restart * core.certmanager: Look for privkey.pem to go with fullchain.pem (fixes #1526) * mod_storage_sql: Add index covering sort_id to improve performance (fixes #1505) * mod_mam,mod_muc_mam: Allow other work to be performed during archive cleanup (fixes #1504) * mod_muc_mam: Don’t strip MUC tags, fix #1567: MUC tags stripped by mod_muc_mam * mod_pubsub, mod_pep: Ensure correct number of children of (fixes #1496) * mod_register_ibr: Add FORM_TYPE as required by XEP-0077 (fixes #1511) * mod_muc_mam: Fix traceback saving message from non-occupant (fixes #1497) * util.startup: Remove duplicated initialization of logging (fix #1527: startup: Logging initialized twice)- Update to 0.11.5: Fixes and improvements: * prosody / mod_posix: Support for command-line flags to override ‘daemonize’ config option Minor changes: * mod_websocket: Clear mask bit when reflecting ping frames (fixes #1484: Websocket masks pong answer)- Update to 0.11.4: Fixes and improvements: * core.rostermanager: Improve performance by caching rosters of offline #1233 * mod_pep: Handling subscriptions more efficiently #1372 Minor changes: * util.interpolation: Support unescaped variables with more modifiers #1452 * MUC: Mark source of historic messages correctly #1416 * mod_auth_internal_hashed: Pass on errors #1477 * mod_mam, mod_muc_mam: Improve logging of failures #1478, #1480, #1481 * mod_muc, mod_muc_mam: Reschedule message expiry in case of failure * mod_mam: Add flag to session when it performs a MAM query * prosodyctl check: Warn about conflict between mod_pep and mod_pep_simple * prosodyctl check: Warn about conflict between mod_vcard and mod_vcard_legacy #1469 * core.modulemanager: Disable mod_vcard if mod_vcard_legacy is enabled to prevent conflict #1469 * MUC: Strip tags with MUC-related namespaces from private messages #1427 * MUC: Don’t advertise registration feature on host #1451 * mod_vcard_legacy: Fix handling of empty photo elements #1432 * mod_vcard_legacy: Advertise lack of avatar correctly #1431 * prosodyctl: Handle if the setting proxy65_address has the wrong type * prosodyctl: Print a blank line to improve spacing and readability * MUC: Fix role loss in Nickname change #1466 * util.pposix: Fix reporting of memory usage in 2-4GB range #1445 * util.startup: Fix a regression concerning directory paths #1430 * mod_websocket: Don’t mask WebSocket pong answers #1484 * net.resolvers: Apply IDNA conversion to ascii for DNS lookups (affects only HTTP queries) #1426 * net.resolvers.basic: Fix resolution of IPv6 literals (in brackets) #1459- Update to 0.11.3: * MUC: Advertise XEP-0410 support * mod_muc_mam: Import cleanup mechanism from mod_mam (fixes #672: mod_muc_mam: Archive expiry) * mod_bosh: Handle missing wait attribute (fixes #1288: BOSH: Traceback on missing ‘wait’ attribute) * mod_storage_sql: Handle SQLite DELETE with LIMIT being optional (fixes #1359: Sqlite3 archive_store:delete error in prepared statement) * mod_c2s: Fixed #1313: attempt to call a field ‘data’ (a nil value)) * net.server_epoll: Restore wantread flag after pause (fixes #1354: server_epoll: Race in chunked reads) * util.encodings: Allow unassigned code points in ICU mode to match libidn behavior (fixes #1348: Different treatment of unassigned code points between libidn and ICU ) * util.ip: Add missing netmask for 192.168⁄16 range (fixes #1343) * util.hashes: Use HMAC function provided by OpenSSL (fixes #1345: util.hashes: HMAC-SHA-512 implementation broken) * net.dns: Close resolv.conf handle when done (fixes #1342) * mod_websocket: Clone stanza before mutating (fixes #1398: mod_websocket leaks explicit xmlns attr) * mod_announce: Check for admin on current virtualhost instead of global (fixes #1365: “host admins” should be able to use mod_announce as well as “global admins”) (thanks yc) * mod_blocklist: Trigger resend of presence when unblocking a contact (fixes #1380: Prosody does not send presence when unblocking (XEP-0191)) * mod_vcard_legacy: Multiple improvements (fixes #1289: mod_vcard_legacy upgrade experience): - mod_vcard_legacy: Don’t overwrite existing PEP data - mod_vcard_legacy: Handle partial migration - mod_vcard_legacy: Allow disabling vcard conversion - mod_vcard_legacy: Adapt node defaults to number of avatars * mod_muc_mam: Strip the stanza ‘to’ attribute (fixes #1259: [muc_mam] forwarded stanza has a “to” attribute while spec says it MUST NOT) * util.pubsub: Validate node configuration on node creation (fixes #1328: Pubsub: Node configuration not validated on node creation) * mod_pep/mod_pubsub: Simplify configuration for storage of node data (fixes #1320) * MUC: Fix delay@from to be room JID (fixes #1416: MUC: Wrong delay@from on historic messages) * mod_mam/mod_muc_mam: Cache last date that archive owner has messages to reduce writes (fixes #1368: Archive cleanup doubles number of storage access) * mod_mam: Perform message expiry based on building an index by date (backport of 39ee70fbb009 from trunk) - For details see: https://blog.prosody.im/prosody-0.11.3-released/ - Remove prosody-0.11-upstream-fixes.patch- bsc#1141599: Add upstream fixes on 0.11 branch since 0.11.2 * Add prosody-0.11-upstream-fixes.patch: Up to 9712:7a36b7ac309b- bsc#1130588: Require shadow instead of old pwdutils- Update to 0.11.2: * mod_csi_simple: Multiple enhancements to built-in ‘importance’ rules (fixes #1250) * mod_vcard_legacy: Limit injection of XEP-0153 to normal presence (fixes #1252) * util.datetime: Make sure timezone difference is calculated correctly (fixes #1262) * MUC: Fix traceback when requesting voice (fixes #1269) (thanks jonas’) * MUC: Adjust priorities of muc-get-default-role handlers (fixes #1272) * MUC: Allow changing data attached to an only owner (fixes #1273) * Multiple fixes and improvements to our experimental epoll (non-libevent) backend * util.stanza: Deserialize stanza without mutating input (fixes #711) * mod_mam: Only accept valid JIDs in and prefs. (fixes #1275) * util.pubsub: Restore subscription index from stored data (fixes #1281) * prosodyctl check: Add statisticsmanager settings to known global options * util.startup: Always reload logging after config (fixes #1284) * mod_posix: Don’t reload log files twice - Run spec-cleaner- Update to 0.11.1: * Fixes and improvements - mod_csi_simple: Don’t set stamps on stanzas (fixes #1248) - mod_csi_simple: Bypass importance event in active mode (fixes #1249) * Minor changes - mod_csi_simple: Use the same event name when firing as when hooking (fixes #1245) - mod_csi: Set session.state to simplify CSI modules - MUC: Fix traceback on muc#admin query with missing child (#1242) - Fix build error for Leap 42.3- Update to 0.11.0: * Rewritten more extensible MUC module + Store inactive rooms to disk + Store rooms to disk on shutdown + Voice requests + Tombstones in place of destroyed rooms * PubSub features + Persistence + Affiliations + Access models + "publish-options" * PEP now uses our pubsub code and now shares the above features * Asynchronous operations * Busted for tests * mod\_muc\_mam (XEP-0313 in groupchats) * mod\_vcard\_legacy (XEP-0398) * mod\_vcard4 (XEP-0292) * mod\_csi, mod\_csi\_simple (XEP-0352) * New experimental network backend "epoll" - For more details see: * https://blog.prosody.im/prosody-0-11-0-released/ * https://prosody.im/doc/release/0.11.0#upgrade_notes - Remove prosody-makefile.patch: configure supports --libdir now - Update prosody-configure.patch: no libdir manipulation required - Update prosody-cfg.patch: refresh and remove posix part. It's enabled by default.- Update to 0.10.2: Security: * mod_c2s: Do not allow the stream ‘to’ to change across stream restarts (fixes #1147) Minor changes: * mod_websocket: Store the request object on the session for use by other modules (fixes #1153) * mod_c2s: Avoid concatenating potential nil value (fixes #753) * core.certmanager: Allow all non-whitespace in service name (fixes #1019) * mod_disco: Skip code specific to disco on user accounts (avoids invoking usermanager, fixes #1150) * mod_bosh: Store the normalized hostname on session (fixes #1151) * MUC: Fix error logged when no persistent rooms present (fixes #1154) - change /usr/bin/env lua5.1 to /usr/bin/lua5.1 to fix the env-script-interpreter rpmlint error- Update to 0.10.1: Security: * SQL: Ensure user archives are purged when a user account is deleted (fixes #1009[1]) Fixes and improvements: * Core: More robust signal handling (fixes #1047[2], #1029[3]) * MUC: Ensure that elements which match our from are stripped (fixes #1055[4]) * MUC: More robust handling of storage failures (fixes #1091[5], #1091[5]) * mod_mam: Ensure a user's archiving preferences apply even when they are offline (fixes #1024[6]) * Compatibility improvements with LuaSec 0.7, improving curve support * mod_stanza_debug: New module that logs full stanzas sent and received for debugging purposes * mod_mam: Implement option to enable MAM implicitly when client support is detected (#867[7]) * mod_mam: Add an option for whether to include 'total' counts by default in queries (for performance) * MUC: send muc#stanza_id feature as per XEP-0045 v1.31 (fixes #1097[8]) Minor changes: * SQL: Suppress error log if a transaction failed but was retried ok * core.stanza_router: Verify that xmlns exists for firing stanza/iq/xmlns/name events (fixes #1022[9]) (thanks SamWhited) * mod_carbons: Synthesize a 'to' attribute for carbons of stanzas to "self" (fixes #956[10]) * Core: Re-enable timestamps by default when logging to files (fixes #1004[11]) * HTTP: Report HTML Content-Type on error pages (fixes #1030[12]) * mod_c2s: Set a default value for c2s_timeout (fixes #1036[13]) * prosodyctl: Fix traceback with lfs < 1.6.2 and show warning * Fix incorrect '::' compression of a single 0-group which broke some IPv6 address matching * mod_dialback: Copy function from mod_s2s instead of depending on it, which made it harder to disable s2s (fixes #1050[14]) * mod_storage_sql: Add an index to SQL archive stores to improve performance of some queries * MUC: Don't attempt to reply to errors with more errors (fixes #1122[15]) * Module API: Fix parameter order to http client callbacks * mod_blocklist: Allow mod_presence to handle subscription stanzas before bouncing outgoing presence (fixes #575[16]) * mod_http_files: Fix directory listing cache entries not expiring (fixes #1130[17])- Add pid file location to default config Seems this got lost with the update to 0.10.0 - enable mod_posix- add lua51-BitOp as dependency for mod_websocket https://prosody.im/doc/packagers#section010- Update to 0.10.0: See https://blog.prosody.im/prosody-0-10-0-released/ for details - Remove because contained in new upstream: * prosody-upstream-0.9-branch-fixes-since-0.12-tag.patch * prosody-backport-555.patch * prosody-local-socket.patch - Update: * prosody-configure.patch * prosody-makefile.patch * prosody-cfg.patch- Update prosody-upstream-0.9-branch-fixes-since-0.12-tag.patch: * mod_c2s: Iterate over child tags instead of child nodes in stream error (fixes traceback from #987) * mod_component, mod_s2s: Iterate over child tags instead of child nodes (can include text) in stream error (same as 176b7f4e4ac9)- Add prosody-backport-555.patch to backport the fix of issue #555: * net.dns: Use new IPv4-specific socket factory if available (fixes dns on libevent with latest development version of luasocket)- Add prosody-upstream-0.9-branch-fixes-since-0.12-tag.patch to get the following bugfixes: * core.rostermanager: Add method for checking if the user is subscribed to a contact * mod_presence: Send probe once subscribed (fixes #794) * mod_net_multiplex: Enable SSL on the SSL port (fixes #803) * mod_register: Require encryption before registration if c2s_require_encryption is set (fixes #595) * mod_saslauth: Log SASL failure reason * mod_disco: Correctly set the 'node' attr (fixes #449) * mod_bosh: Update session.conn to point to the current connection (fixes #890) * net.dns: Simplify expiry calculation (fixes #919) * mod_watchregistrations: Return the pointer to the root of the stanza, fixes #922. * mod_disco: Add an account/registered identity on subscribed accounts, fixes #826. * mod_welcome: Return the pointer to the root of the stanza, fixes a bug similar to #922. * net.dns: Prevent answers from immediately expiring even if TTL=0 (see #919) * mod_saslauth: Use correct varible name (thanks Roi) * util.dependencies: Add compatibility code for LuaSocket no longer exporting as a global * util.dependencies: Add comment about LuaSec compat- Replace filler wording in description with content.- Add patch to fix crash "attempt to index global 'socket'": * prosody-local-socket.patch- Drop the systemd conditional as all systems have systemd now for our purposes. - Switch back to lua5.1 as 0.9 prosody works only with that- Build against lua5.3 instead of lua5.1- Fix build with namespaced lua- added patch: prosody-lua51coexist.patch * makes prosody work on systems that have lua 5.1 and lua 5.2 installed.- Update to 0.9.12: * Dependencies: Fix certificate verification failures when using LuaSec 0.6 (fixes #781) * mod_s2s: Lower log message to 'warn' level, standard for remotely-triggered protocol issues * certs/Makefile: Remove -c flag from chmod call (a GNU extension) * Networking: Prevent writes after a handler is closed (fixes #783)- Update to 0.9.11: * HTTP parser: Improve buffering of incoming HTTP data and add size limits (#603) * Sessionmanager: Fix for an issue which caused people to be kicked from conferences if mod_smacks was enabled (#648) * Dependencies: Workaround for compatibility with LuaSec 0.6 (#749) * MUC: Accept missing form as "instant room" request (#377) * C2S: Fix issues with destroying disconnected connections (#590), (#641) * mod_privacy: Fix selection of the top resource(s) #694 * mod_presence: Make sure both users get each others presence after adding each other (#673) * mod_http_files: Fix traceback when serving a non-wildcard path (#611) * mod_http_files: Preserve a trailing slash in paths (#639) * util.datamanager: Fix error handling (#632) * net.server_event: Fix internal socket API to allow writing from socket.ondrain callback (#661) * net.server_event: Fix timeout (commit 1909bde0e79f) * net.server_event: Fix traceback due to write during TLS handshake (commit c774622ad9db) * net.server_event: Fix buffer length check (commit 206f9b0485ad) - Remove prosody-upstream-0.9-branch-fixes.patch: included in update- Change license to MIT- Add prosody-upstream-0.9-branch-fixes.patch: Upstream pushes all fixes for a certain release to its own branch. See: https://prosody.im/files/branches_explained.png After some time, mostly when a security bug is found, they do a new minor release. The fixes however are often needed to make prosody run smoothly with its community modules. Thus I monitor them and add the patch set. It's only fixes no new features.- Remove prosody-rpmlintrc: Not needed since last cleanup- Add: * prosody-0.9.10.tar.gz.asc * prosody.keyring containing Matthew and Zashs keys - Enable source verification- Move rcprosody into systemd section until we have proper sysvinit support- Pass optflags to configure - Install service file and create directories if needed in one run - Dont strip debug symbols - Dont need to verify permissions since we set them - Create systemd tempfile properly - Install config files with file glob - Remove sysvinit stuff - Cleanup systemd conditionals- Use less rights- Update to 0.9.10 Security: * mod_dialback: Adopt key generation algorithm from XEP-0185, to prevent impersonation attacks (CVE-2016-0756) Fixes and improvements: * Startup: Open /dev/urandom read-only, to fix a failure to start on some systems * Networking: Improve handling of the 'select' network backend running out of file descriptors Minor changes: * Networking: Increase default internal read size to prevent connections stalling with LuaEvent * DNS: Discard queries that failed to send due to connection errors * c2s, s2s: Lower priority of shutdown handler, so that modules such as MUC can always send shutdown notifications to (remote) users- Update to 0.9.9 Security fixes: * Fix path traversal vulnerability in mod_http_files (CVE-2016-1231) * Fix use of weak PRNG in generation of dialback secrets (CVE-2016-1232) Bugs: * Improve handling of CNAME records in DNS * Fix traceback when deleting a user in some configurations (issue #496) * MUC: restrict_room_creation could prevent users from joining rooms (issue #458) * MUC: fix occasional dropping of iq stanzas sent privately between occupants * Fix a potential memory leak in mod_pep Additions: * Add http:list() command to telnet to view active HTTP services * IPv4/v6 address selection code for outgoing s2s * Add support for importing SCRAM hashes from ejabberd- fix broken prosody-makefile.patch for correct lib path [bnc#926932]- Clean up spec file - Update to 0.9.8 * Ensure only valid UTF-8 is passed to libidn * Fix traceback caused when DNS server IP is unroutable * HTTP client: More robust handling of chunked encoding across packet boundaries * Stanza router: Fix handling of 'error' 's with multiple children * c2s: Fix error reply when clients try to bind multiple resources on the same stream * s2s: Ensure to/from attributes are always present on stream headers, even if empty * Build scripts: Add –libdir option to ./configure to simplify building on some platforms * Fix traceback in datamanager when used outside of Prosody * mod_admin_telnet: Fix potential traceback in server:memory() command * util.stanza: Don't XML-escape whitespace * prosodyctl: Fix traceback in 'about' command with LuaRocks 2.2.0- update version 0.9.6 * certmanager, net.http: Disable SSLv3 by default * net.http.parser: Support status code 101 and allow handling of the received data by plugins * util.filters: Ignore filters being added twice (fixes issues on removal, i.e. when some plugins are reloaded/unloaded) * mod_s2s: Close offending s2s streams missing an 'id' attribute with a stream error instead of throwing an unhandled error * Networking API: Add 'ondetach' callback for listener objects, to prevent leaks when connections have their listener changed * core.stanza_router: Stricter validation of stanzas * mod_admin_adhoc: Mark 'accountjids' field as required in 'end user sessions' command * mod_admin_adhoc: Add required to field in user deletion form too * net.dns: Avoid duplicate cache entries * util.stanza: Escape newlines and tabs (\r\n\t) when serializing stanzas. * util/dataforms: Make sure we iterate over field tags only * mod_s2s: Capitalize log message * mod_pubsub: Fix error type of 'forbidden' (change from 'cancel' to 'auth')lamb07 1620984771 0.11.9-lp152.2.3.10.11.9-lp152.2.3.1prosody-0.11.9-lp152.2.3.1.x86_64util-srccompat.cencodings.chashes.cnet.cpoll.cpposix.cringbuffer.csignal.cstrbitop.ctable.ctime.c/usr/src/debug//usr/src/debug/prosody-0.11.9-lp152.2.3.1.x86_64//usr/src/debug/prosody-0.11.9-lp152.2.3.1.x86_64/util-src/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.opensuse.org/openSUSE:Maintenance:16284/openSUSE_Leap_15.2_Update/a26dcfed5a4140737d5ac51383f92b30-prosody.openSUSE_Leap_15.2_Updatecpioxz5x86_64-suse-linuxdirectoryC source, ASCII text%H bqVutf-8f40c612e22628fcfa17009515486a59ba4f7509d903971e65d5de7882b9a3412?P7zXZ !t/ <] crt:bLL ☖dyAǨYEH9sHL7xlďTgQg[P!yw{Vdۖ.@v!w5㻂ShEU=1x3;?N+tPB 5;W8 `{Ee#XՇrl.-7p?OYӆ>80-߼8yhPFs "נX䔩TNWE#Cp" QƟPK;1_쳳'xd^/XAƅzDV4;~:f,8ƫW}U݀Z`arn# Ws\󖂶Ѹ8$)z<L=ebf~?-wb:c2sA7DbٵBrަِ";OhRT=eKbK?=ٯjMYZ^c՞hL6(3]软ዯ p:УjqƓ)D`Ew<íf2d$(Dv:!&u*"^bDvl xKI׀\J 6h-7|twS+M! 9+Ttu:Ҕ vj4.<}mSU@'o5Im8nAvGUr`kEE/tVHQ*A)IIAv1oK!K<Xs6qjWztLgiP0N4d /ctA.-qp * }Ξ%D[7) 8o(4Q3b`Z1ײko*p;@wP&}ޛ`FUY @C%- 6H)/*OrVsV.Vؿ~\4/ON9/$9{! p:jՐF*lx.>`ż@{\*_+!fè 9)lIY@%; E'aVwEV UZ0AlSr)]93lvݽMX$^x+TݲbpHSC(ksgD1B5@?;%RN&1+zR.x]swf]=r",a4EalcB:hVR )SU?1BHm'AomI{snWV *[$^|ߐeǺ6 ՠ:ƸpelAM.]D(<$\,+F# @b8RK\o\9cZh&fJ1.44yZq;"fVppgs?(⇾QϺr);SŬ(6$=n;@ɥ ~H <1 }=ƊW:d=sRrqL "+ 7Nke|&{A3AK %UېբH{u%,D 3Rd&m?I}jL[Ut&`t̞g[Qq7\jJ4m @]T(LKRǏڝ|o9oǃwBg&ڶ9sd 踄0K% z!n۷,R]ߡ N>_M@?b|dȨ'HEʄ`Rx~]/?#~!-cVV$vfa,N{Y7Q0Z,ۓ9p1ܽ=!" 0{LH_-o3<{B&2Wr',L lAX!&?:eֹPo)6KZO~"c畄'twD-divw҅PmЧϋXcߣƢ*&Ő6oB⻘ωiZDَ={zW' UƠz\nT:P5 '=:ypozE;ZQHv+g-eg',odrS邖!E|_P\ &QFd3;85[>palAN*;m"bDY8 s=x=FdJO"{/4sF|nTW+_Wr n>cgv q>3l'^]km]U0i;A s7$ͮ-vWM+[^^Ocd|&5Y;^խhV>]ڟ H!&en;/U{ vpϞ').~IX EyNsBa$WLtx3SO1蛙9fz^-'^ȵxW\A6! 槏=&K$6GNtD&E2f35޼޷d7]zF%Q@fUmz7Uݩ@F)Y0ٍ& y: 6,|$yu,H!F6x\4Y#Sˡ &Fݣ0[&>fosm]տjgcnmZ-Bz:A9 lq~ yN=Pq> 8t]2Bpު-ѠehjڳCј*}-jX:< m}Yh WAF$BBjϋ;4J*tTeT]}= D$5bxY}O0%%ryJodknC#53ij".UF-N1q˶6mw^w=7 .ak ErׇJ[@n8P#<6++h?x %u/P“*k|E30u8iཱི޽;\5cRbyH)Y3aN(?rYt1Թ(\F|_" vi4lA>9^MW Dy \L=sڹ[d:]j * UrBf)5L>D_ƆloZo,BodaM7=*Z8k 'Ҥa:N @}.JZ)g.Aӹo7>:8%laz1_`XVޘ4hOJ'a :e ܲY3G% tX+A !ft Rɖ=!1I9D+29 .Yy0#bi1y*Hl5Vs(D΋ľΨP?=Ư)uRF,}ӳvoJ 1z ZB\-7b#y_;aTMrNnU| /I,p46 ۑRQ _wlʦccx: 2LK]ce*Mp\WOXԃ͖a:AZ?(.g.DdPI@ H Be_uM`Hܕ]6oOJ H(@tl|,0(*8j3+ѩBfHi PKiן26]9#>&p0o0I/pGǽۜz$j9LVN|F^ ]z} rUJTuY++n}2-W輻 Zm/c~yl!FSމ`NTXQWHᙙy} ̟)P$\H#fHf-4+T7)nq,aZ/v2/9tHt`!Vn=g$h!],kpضAh %LUU97J_kOoRIhKuA{ o>/}2<vTDיp 3r XqD&?M/3#&PL-]6ԇ ,J|8=ZXZ^ZL (qW_ccOoM>ȵw۲&a\]C/X je1̢߷%1Dz`/w(a-LT?ԁ>`O +7Y? -8^X^r$};l4S6K)w6?L ދ3pԛVrzꞏ;fz APXk E.RYV>@.Ta|vrGUs gtu*%Z- ]Ji+չ]I wu0ǤPbHJ~#&1tcJȄZ{j2<=4deѨ\|^O~C*Ydܣn pL JlٳGw3,L;&tvE|N/ˣC20RU"%o򞞐feX.>&ktkWZH䅆>t .F%cݪCiE'$X[.wxnUҨ'/)w!Wa.GTXg8p{\/"wHixJSeU C[-I2X(ؗПL$rT?=c>!!+GO̸ΫLx.S+&D߃8qV@xcZS[x$m=e# eTF=ݧ:Cu5hNI7kt') <W !1>[ࣁVa XZo5W,yeUnLK P!T- \33MB%bx_kJHO,kpz}g6 64HdY6T48eg>)s1o_^=ͪOX7љ]gOA<@ΊF֓`\SYft:!\][`8Ժ94XrR{Z8#Au N&b_ʎvsS4WfU,0 ) YK/2Zl.|Udù/ۋ(ZB= qI ^"f%◃8vtIm^AEe/d XQDxvXy )Gh5qt#EL[xayVۘ_|- ӏN{ E. U%R`}kz#?cC<4mYQvWKMҠ4YC+]{2?v4Qg8[$$J2>Ur1pը:<bQ#*+BjXxY2QgbqЍ %%ٱ<P<ˉFp,g::?vO$G jаꍎv WXZJvdRnKixYλNLOdՎ|1ݿYYuowA^R1e7ͨ!_D?*sEUy£zLY{\/ [/(6lکEFm>obKޑ(Я њe(mB zqYIvNXJ11,)@u_mlZq{V$/ (ySӗrhm y𱵊<'Er_8g#ulGqcAbBЊ6oHLZ,ĪA8t!(UT&x 4(Eit/t@_:oˋ#xx)igvo >4Kld?̻\:3F~?%Pĺݤ@%mP ;hЫB3&Þ4,;M&v $w5KQ_*=3ěKW$uF))p(BVvjen# ws:>h^)Xw~<P` $f"9sPlȭlqv\y_^8/<5Z@iDp`TYJxR0@Frj/nl!YoUF(hd9"5EA=;'"yj8V֦B~@"ЯrasF{*>wsPs7Fxؔ_iC7Ffh> lx^]pR&M y`k!}% 2/~)#/Ɠ)ݾU,]+b_1=Fk/ P@Go-Oo :ׯg8{7`sR(uq)e>-˗kfT`yѓ7e音u ݿw!GmU68U >cz4?V^@IOV:[23˳la.-ޔtTMc侍O$\4{mcb 2.Ob-@]$=Z.ђclXv~\(pI^r|_X&EJWcyub'XW-ӌ!ɶ<(_ 96Qit@p闹et B%~劶MSJFmY Q} ndQA3c)h?rKAGɱZp|}˜tϞCI'hKLUf,"&KC3)1G7at 3fa,4VtT "k +كT %0[! Z&kXo}]7 wRE1HCpvs暁h3>yX+ɠa<#  U>pT^;(Ŷ1 7hbT>ްlة3EMֵ5<N%wVwBB c,w@_u9e3׺P`nÀԬY;Nwgt@܏@MveN7Fz7GymvHҀY;|a:q 'ec>71˘ UWj#G8ni$s%=E?zNt&&V )1?<4Cz?~]ˇ )1G)M<kUNfQqѦ E%|@UX*U[y6h 2 L97<Z(鴛V2 5-Ge 43 rMHCEYTgy|YD m{8g .X~JDH![ͻ Bv^3}UTZCM7: ]*O]Hs]RO܍\&<`3_4\$Eq\)fG^0_k{,m up\`b1H3/[DeW yjrθ$J `Ke\c Aev:Pq^y|e<ԢV6r_fw#=&|IBVFq M&(rbWkD/.Ԟoc`  MbP6\D3]^5^%n#g"|e@}(wcy^~") /7Mͷ_\ `9x@G? 6go=%p}<|:0K 8/հw6c eX=n9=:r 6ճ6e>N}.fTY^D͈?ܮ/uI1Bo.uy ۦ ߰T?HHEZB\b-w덥rGj=h᭧,O `,y8,c̽)JhH(v;؊ݢc̰)3Vmhڑ.`$vҼ˵ M!qzF8xuG}~nķ{1Y-ѸbN,1,pԁ:NQ zZ@vӮU8$}'-S}-KUvcOfCȶ7SHS^wk fBow~twQ& JH$q~ItA[Ń\sP QDy3T <Ue!4 /ƀռ8,|QЗtӳ2ω%,@mWh)`ڪi7Fhkső*bN<(t8<4TW4Hz#飃O}j3uE<3$cA G]/Ktn$iY|DC}"dOl_V`y|fEQÿ*U,VQ5 UqgLz^~Mzv3j2A}%JO6>[]UɱGHwTo/ sXAl  eeY=r$}$`k).GhE!o<.ֽ 9hy2>0IBbw-evF!ڱS4Y䑂4[9ښ(vR߮T'-q[j@6:ti'tH;]IY+N\թh!:Zq15#e er IOUf?ײiֹjKNAzN[%\9D1VzB{FSl*+O1E'vUB 8G6tCB =, NIAP~X2aEhZCú܍0X5I>XſYX`ne1qiU-᲼;N}y*n+35jkT\tpd["IQ.yT-ggQP$GnOr4q!奅n`w޹`GTҫX05L* bIMk1HM|wáAA"7ب:dʨ^eerfǶ_N⃓WfR%dϣh|gKaR}"eBPfpݬyBCB?7w/[5>GFMJe^|JBӫ$OBߪ_54uU<=ˑ"bfq:b[y_Cœrs%YCZ~aKot \pbpG+ZF)ƣ#E J4b$)bKAEo,T.xF W٬;M.pmDX~,ڛg-Q?gŻ{4v>{[̽<Õ>uJH? QR膤x?OUg  !EDXnTBtˁYFHmVrک^jxA9Ā~ؼN,[Eߥ"U1Ihw1[pUUxY'\ZH_j"- HH$1i2}^*F5]zV.kzPSΡw5&,2mSaf\K ޖ#:Qtn%q<|0ZƮ0jSQT TR{4tYMWT#<*7冾 yxbH&kX5`1XlY5`pOMn;DS)7 , y U)B da[&ynquJXsu;+ho()fA ES~bP9 s3: Q0[S ``s۽x YQQvj 9# ,Q3H 4rWTa%eR9349-'њDtW6B#niNfKIb<.Pb}^W@ݸws.boP,~bl,w8O$ExՆM-%#&nSv>e:^l{lHSd x$+Z2sB|bbI⚦nY(8'䞅 Rd}۩QCHaef`8"1?'󬾰 .v:zqBjDb e0BQtQ}qg枽Jt._'L)vQP7jVۀPa+#Yo8vZDI\.j1&,Q,E|'FvDYcnlzp/Yp*O'$]EL6> !Pf_}U 0)[S yX}>زKI *;un!#GnAR$bXH٨$>e1-2j;d%8-I蝭]bM L^Y݊:p-xi~sC7րU/=)g"`DrFCI= [#e*r+ǔ?h6wbR q氵lkG瞓[\%pm}5V^ksI>]-g _u=ӘS0.3fIxfi=3&dv"n=m@EVmM@3-޿(|{{3uc}HL]^}VQ (BE( :Cx>d(?TVkG vtp(~uӮ%?O@H;vC vkx30#}VcD$ ,z M]O` g 1gUo`Ҭ`׍mO\0k$-wƼea٩W(u0K;p@FX.CјGU蠁9J5MaEiq(о&֮%}Tv n9&kYpa^?!@bZ7urWsB;+pK,+FEsZUE̓O1?xRm5; )FCV{8)\QL ZiشS=TS!_7F) ]BQ Ҡڷ\ȷX]Źuy([۵$W0$*4Yט\78)_}oe 8Zu :$6Tq3O D_;+A&I푽;82r8Cssv'Nj]~ʗ"&܁9(jgjDgfG{-U-][aKq^ڸ͙]I T,{^GNI0- (b0۳;$V_G,=mF~~uAϯpmj7F/ FXkL jB G4-X JY.s #Lpv$[WVAmq RYTEAʪ6MOP1z @\vG+jWP!ٛvTuAA}WnD(+u.[Ly=:L~ "HL$ԒLbxlKɎwWtdm++49y'9 6#{׵qȰQy^(8A=j Ƞ086jbh{{wQ;Xשj5Nr5opUg$;&EA,G';F"J* p,)9Icߡg3R0wH6,١Ѕ6 %X%.H4OCDf}ra pZHI׮]tv=¡F<*]a<8•Ah#@KAr*Eb&A7/^dt^b^ѾA雗nㇳ+Ef\~+]*V/Q6{w,HWZO o&lbvς2cӝY8U3_CRIW5TAO0YZS//G=Ic޹Ԇ@ h3scΗ0zX%+N)} FU͖RYyȗ! g YZ