Openfire currenty uses 8.0.17, for which at least one CVE has been published:
Updating to the latest patch-release should be a low risk way to mitigate these issues.
Openfire is already on 4.5.3 version. Setting fix version to 4.4.2 doesn't make sense.
Ah, thanks. Daft ticket cloning fail.