CHANGES - metacpan.org

0.85 2011-06-13 *CRITICAL SECURITY RELEASE*
  - Fix an XML entity injection attack allowing the attacker to read random files
    from the server. Reported by Wouter Coekaerts <wouter@coekaerts.be>.
    (Yann Kerherve <yann@cyberion.net>)

  - Support intermediate SSL certificates.
    (Rajiv Aaron Manglani <rajiv@brontes3d.com>)

  - SASL support (Previously released, but not advertised here)
    (Yann Kerherve <yann@cyberion.net>)

  - Implement proper support for XML namespace prefixes
    (Daniel Ruoso <daniel@ruoso.com>)

  - Meta: djabberd is now hosted on http://github.com/djabberd

  - Meta: The core repository is now separated from plugins.

  - Treat the node and domain parts of a JID as case-insensitive as per
    the XMPP spec. This creates a dependency on the CPAN module
    Unicode::Stringprep. A backward-compatibility setting is provided
    for servers that have existing non-normalized JIDs stored,
    since they are likely to be broken by this change until their
    stored data is normalized.
    Patch from Alex Vandiver <alexmv@bestpractical.com>

  - Some configuration file docs
    (Alex Vandiver <alexmv@bestpractical.com>)

  - Improve debugging information for S2S connections.
    (Alex Vandiver <alexmv@bestpractical.com>)

  - Remove the stream:features-in-dialback quirk hack, since it breaks
    interop with a few different implementations and is incorrect
    per spec. This may break interop with some other implementation,
    but we've been unable to determine which one, so I'm assuming
    that it's no longer an issue.
    (Alex Vandiver <alexmv@bestpractical.com>)

  - Small tweak to comment and logging in DJabberd::Connection::ServerOut
    (Alex Vandiver <alexmv@bestpractical.com>)

  - Don't treat hostnames that look like 192.168.0.1.domain.com as IP
    addresses. (Reported by Domrachev Ivan <domrachev.ivan@gmail.com>).

  - new hook chain called "SendFeatures" allows plugins to add xml
    to the stream:features stanza returned by the server

  - new hook chain called "HandleStanza" allows plugins to register 
    for and then handle what would otherwise be unsupported-stanza-type

  - SSL memory leak fix (http://codereview.appspot.com/2326)

  - hook chain callback logging fix merged from 'kane-hacking' branch

0.84_01 (2009-07-31) dev release because it's beeen awhile

  - SARTAK caught a typo in BotContext.pm where a qr was used in a place
    that obviously should have been qq.

  - "use bytes" in Connection.pm, which reportedl fixes UTF-8
    corruption in rosters (Aleksey Luzin <subscr@p34.net>)

  - If an explicit configuration file location is given to djabberd,
    don't fall back on the built-in default locations. If the user
    wanted the defaults, he wouldn't have used the --conffile option.

  - Allow the location of the log4perl configuration file to be
    set via a command-line argument to djabberd.
    (Jakob Burkhart <igotimac@gmail.com>)

  - Correct support for re-using an S2S connection for multiple source
    domains. (Adrian Ulrich <slack@blinkenlights.ch>)

  - Jacob Burkhart <igotimac@gmail.com>: Fix memory leak when using SSL

  - Michael Scherer <misc@mandriva.org>: more helpful error
    messages in logs after dialback failure (shows hosts in question)

  - Piers Harding <piers@ompka.net>: Fix bug where server wasn't
    including a "from" attribute in IQ responses.

  - Multiple resources of the same local JID are now made aware of
    one another via presence stanzas as required by the spec.

  - don't leak UDP sockets on DNS SRV lookup timeouts

  - handle improper SSL disconnects without spinning CPU

  - Updated DJabberd::Component::Example which uses the correct
    API. The previous example didn't actually work anymore.

  - Add POD for DJabberd::Agent, DJabberd::Component and a bunch of
    other related modules.

  - Make bots automatically accept roster subscription requests.

0.83  2007-05-08
  - the "yes, this project is still alive" release

  - packaging fixes, tree clean, dist now managed by ShipIt, for more
    regular releases

  - ClientPort, ServerPort, AdminPort can include IPs to bind to, not
    just port numbers.

  - better pidfile support

  - optional expansion of environment in config files, using
    syntax:  ${ENV:KEY}, which expands to environment variable KEY

  - vhost/server/plugin nesting issues in config files.  more
    tolerant now

  - DJabberd::Delivery::ComponentConnection - Delivery through a
    JEP-0114 component connection

  - DJabberd::Connection::ComponentIn - JEP-0114 Server

  - DJabberd::Connection::ComponentOut - JEP-0114 Client

  - when closing an XMLElement, also clone the raw field

  - don't crash when DNS SRV records have no port defined

  - Component::External bug fixes, enhancements

  - warnings about implicit delivery/etc plugins auto-added
    for you (like Local deliver, S2S deliver, local presence
    checks, etc...)

0.82 2007-05-08
  - accidental release in which I mistakenly claimed nothing was new
    since 0.81... whoops!

0.81  2006-10-01
  - fix the MANIFEST to include the dozen some missing files.

0.80
  - first tarball release of core only after svn rearrange to split
    modules into per-distribution directories.
	Global
`s`	Focus search bar
`?`	Bring up this help dialog
	GitHub
`g` `p`	Go to pull requests
`g` `i`	go to github issues (only if github is preferred repository)
	POD
`g` `a`	Go to author
`g` `c`	Go to changes
`g` `i`	Go to issues
`g` `d`	Go to dist
`g` `r`	Go to repository/SCM
`g` `s`	Go to source
`g` `b`	Go to file browse
	Search terms
module: (e.g. module:Plugin)
distribution: (e.g. distribution:Dancer auth)
author: (e.g. author:SONGMU Redis)
version: (e.g. version:1.00)