The Ignite Realtime Community is pleased to announce the 4.6.2 release of Openfire. For SQL Server users , this release contains an important fix that prevented a database upgrade script from working. Otherwise, the changelog denotes three other issues resolved. One change to note is a subtle difference on the Openfire administration console with how the version is reported in the upper right corner. For example:

The git repository commit hash the build was based off of is included to provide a more definitive provenance of the version you are running. In this case, “b61bce3” refers to the merge commit for the 4.6.2 release.

Release artifacts can be found on our download page and they have the following sha1sum values

678f7ca008ed8347f4b49efcac3ef68cde9814ed  openfire-4.6.2-1.i686.rpm10db897faff66be5228fde858da7618becee1251  openfire-4.6.2-1.noarch.rpm29c7aa59cac59eb15b0824e5a7d1dde0ce57976b  openfire-4.6.2-1.x86_64.rpm245e326efbcf02749a243ef7bee79a55b6b5afb3  openfire_4.6.2_all.deb1e9f0eb71650313f65848d376b600d6ce2d87db7  openfire_4_6_2_bundledJRE.exe1f80ba8835c55f7290ac05f2b88cffdd3a993616  openfire_4_6_2_bundledJRE_x64.exed9c0956ad8fcc28e27b92175e6931841f76b0935  openfire_4_6_2.dmg2c610a40648547aa37093fa0d73ce2e9eca4a0af  openfire_4_6_2.exec03ede9ee3693cccc5f95d2155637d0269567edf  openfire_4_6_2.tar.gz9192fcf7ac6abca3578e1720155723da0792ba98  openfire_4_6_2_x64.exef73c32f9a3b4c44b453f9f5d939b99238136d00f  openfire_4_6_2.zipa9a2dab04c03cccb5b1b371602dbea87dc860fd3  openfire_src_4_6_2.tar.gz8bb3f1f83cf0671924adde9b3809e9e71ed0a3ed  openfire_src_4_6_2.zip

And for those curious, here is an accounting of the number of 4.6.1 downloads by artifact.

Please report any issues in the community forums or stop on by the online groupchat to let us know how things are going for you. Thanks for your interest in Openfire!

For other release announcements and news follow us on Twitter

1 post - 1 participant

Read full topic

The Ignite Realtime community is happy to announce the release of version 0.8.0 of the Push Notification plugin for Openfire!

This update fixes a problem that prevented certain clients (like Siskin) from successfully register a push notification service.

Note that, after upgrading the plugin from an older version, Openfire will need to be restarted. This too is caused by a bug, that has been addressed in this new release (but one last restart is needed to remove remnants of the bug that was present in previous versions of the plugin).

As always, your installation of Openfire should automatically detect the availability of the update in the next few hours. Alternatively, visit the plugin archive page to download the plugin directly.

For other release announcements and news follow us on Twitter

1 post - 1 participant

Read full topic

There was a push outage for some users today for a few hours. Apple updated their intermediate certificate and it appears to have gone in effect earlier than expected. The new certificate expires in 2030 so this shouldn’t be an issue again. Apologies for the inconvenience.

We urge you to update to Monal ≥ 4.9 if you haven’t done it yet.

We discovered a security bug in Monal < 4.9 dubbed CVE-2020-26547 :

Monal before 4.9 does not implement proper sender verification on MAM and Message Carbon (XEP-0280) results. This allows a remote attacker
(able to send stanzas to a victim) to inject arbitrary messages into
the local history, with full control over the sender and receiver displayed
to the victim.

CVE-2020-26547

Thilo and Friedrich

Hi fellow Monal-Beta users,

we were asked to post an update of our development journey for the next xmpp summit.
Because we as the developers of the monal beta are way too proud of our own achievements,
we ask you as the community to provide a more realistic view of the monal project.

Can you write a (really) short paragraph about where the project started when you first used it,
where it is now (if you are still using it ;)) and what improved or not improved over the past year.
What are the things you are most happy with? What upcoming things do you await most eagerly?

Please submit your user stories as blog comment or in the monal groupchat until 2021-02-03 (YYYY-MM-DD).

If you want, just add your name below the text and we’ll publish it along the text (or leave it out to get published anonymously).

Thank you very much for the last year full of debugging builds with us!
Anu, Emus, Friedrich, Jim, Thilo

We like to support things as long as we can. However, eventually we do see the need to drop older os support so we can focus efforts on current versions. The long life of Apple devices means we end up supporting very old hardware for a long time. For example, we still support the iPad mini 2 from 2013 running ios12. Thankfully apple also provides OS updates for a long time and everyone upgrades. There are actually a very small number of devices from 7-8 years ago that run iOS 12 but not 13 or 14. We are dropping support for these devices after the next release because ios12 is different enough that it needs a different push server and code and has increasingly required special debugging to deal with differences in the way the os works. It appears there are now only 24 ios12 devices actively using Monal. Apple stats are opt in only so there are definitely more but this number will still be much much smaller than the thousands more using iOS 13 and 14.

App Store issues have been resolved. 4.9 is out on the Mac. I don’t expect the iOS and Mac releases to be out of synch again

We have identified the cause of the crash that was causing Apple to reject Monal when submitted to the Mac App Store. The root cause of the problem was the behavior of action sheet type of alerts. This was changed from a Mac style alert in Catalyst running on Catalina to the iPad popup style in Big Sur. This resulted in the OS expecting x/y coordinates for the origin of the popup and crashing. The plus side of Apple hardware is that it lasts forever. My mac mini is from 2011 and my Macbook is from 2010. With enough RAM and an SSD there wasn’t actually much of a reason to upgrade. Unfortunately, none of my machines can run Big Sur well now (even with with the hacks I use to run on unsupported hardware ) and I’ve purchased an M1 mini as a replacement. If anyone has tried to get a computer during the pandemic you know it involves waiting. I have a working solution for Big Sur while I wait for my new machine to arrive in mid Feb. This should let us catch issues in Catalina and Big Sur and prevent this from happening again.

We did a reconfiguration of our translation infrastructure, allowing translations to automatically reach the alpha build and eventually the beta and stable builds as well.

The display of missing translations and the translated percent displayed in weblate is more accurate now, too.

Please check your translations if some strings are still untranslated and update. Everyone is invited to join and make the translation even better!

Join us here: https://hosted.weblate.org/projects/monal/