0.6.2 Release Notes
This release is a bugfix release for the 0.6 stable branch.
Severe
- Disable SSLv2 by default
- Fix cases in XML handling which could emit invalid XML to clients
- Multiple signals in quick succession could send the server into a loop
Important
- Fix case where data sent immediately before a socket close could be lost
- Make [c2s|s2s]_require_encryption enforce encryption in all cases
- More robust detection of already-running Prosody instances
- Fix small memory leak in HTTP and BOSH
- Ensure the correct namespace is always set on s2s stanzas (for M-Link compatibility)
- Fix the algorithm for selecting a SRV target from DNS
Compliance
- Multiple compatibility fixes for presence subscription logic
- Remove subscriptions to/from contacts on account deletion
- Make sure to stamp a 'to' on outgoing stream headers in all cases
- Restrict topic-changing to moderators in MUC rooms
- Don't allow visitors (no voice) to send messages in MUC rooms
- Fixes for PEP to make it work with Pidgin's avatar storage
- Disallow registration of empty usernames
- Better handling of presence requests for server hosts
- Correctly send nicks instead of JIDs in MUC role configuration
- Put the correct namespace on <text> in error stanzas
- Fix handling of CNAME DNS records written in uppercase
- Reflect the user's own presence back to them
- Allow non-stanzas between auth and resource binding (for Pandion's compression)
- Allow any admin or moderator to kick occupants from MUC rooms
Minor
- Improve generation of MIME types from the HTTP server
- Add message to error stanzas describing why an s2s connection failed
- Allow prosodyctl to still work when stty is not available (OpenWRT)
- Ensure that math.randomseed() is always passed an integer (OpenWRT)
- Compatibility with LuaRocks 2.x
- Improve performance by not forcing garbage collection in many cases
- Allow s2s TLS to be disabled with s2s_allow_encryption = false
- Handle gracefully the inability to create new connections (open file limit)